Privacy on the Blockchain: An Analysis of Tornado Cash and DFINITY's Solution

In this article, we delve into the workings of Tornado Cash and explore the need for privacy-oriented solutions that are both secure and legal. We also discuss the DFINITY Foundation's efforts to improve privacy and security at the service level.

Privacy on the Blockchain: An Analysis of Tornado Cash and DFINITY's Solution

Tornado Cash is a non-custodial privacy solution that aims to improve transaction privacy between the recipient and destination address. In this article, we will delve a little deeper into the privacy protocol, including what the US government sanctions are on the protocol and what perhaps more legal alternatives are.

What is Tornado Cash?

Tornado Cash is a blockchain privacy solution that allows users to send ETH and ERC-20 deposits through its smart contract service and withdraw their crypto to a new address, such that there is no link between the deposit and the withdrawal address. A popular service for those who wish to obscure the source of their funds, be it criminals or those wishing to maintain financial privacy.

How Does Tornado Cash Work?

To make a Tornado Cash deposit, users generate a secret and send its hash called a commitment along with their desired deposit amount to the Tornado smart contract. Later, when they decide to make a withdrawal, they provide proof that they possess a secret to unspent commitment from the list of deposits, without revealing any piece of potentially identifying information.

The zero-knowledge technology allows users to provide proof without revealing which exact deposit matches the secret. The smart contract will check the proof and transfer the deposited funds to the address specified for the withdrawal. At this point, it will be difficult for anyone to determine which deposit the withdrawal comes from.

Sanctioned by the US Treasury

On the 8th of August, the US Treasury sanctioned Tornado Cash for allegations of helping North Korean hackers launder billions of dollars of crypto. The Office of Foreign Asset Control prohibited US crypto users and businesses from interacting with the protocol. The Treasury claimed that Tornado Cash has "laundered" over $7 billion, including $1.5 billion of illegally obtained funds. After the sanctions, the US Treasury blacklisted 38 Ethereum wallets and six USDC wallets belonging to the protocol, making the use of the service illegal.

Need for Privacy

While the blockchain is pseudonymous, it is not completely anonymous. The trace of transactions is not hidden, and authorities have used the transparency of the blockchain to catch criminals. Privacy-oriented crypto users look to privacy solutions such as Tornado Cash, that enables users to break links in on-chain transactions. But this can be done in several different ways.

That's why the DFINITY Foundation is investigating secure multi-party computation as a means to improve privacy and security at the service level. These solutions aim to provide maximum privacy for sensitive data while minimizing transaction time, making them an attractive option for users who value their privacy.


While Tornado Cash is a popular privacy-oriented solution that allows users to obscure the source of their funds through zero-knowledge proof technology, its controversial and sanctioned status makes its use risky. Despite this, the need for secure and legal privacy-oriented solutions persists. DFINITY has the potential to offer a safe haven for users seeking confidential data management and may be a solution to protect their trail of breadcrumbs in an era of big brother oversight.

Connect with Bitfinity Network

Bitfinity Wallet | Bitfinity Network | Twitter | Telegram | Discord | Github

*Disclaimer: While every effort is made on this website to provide accurate information, any opinions expressed or information disseminated do not necessarily reflect the views of Bitfinity itself.