Tornado Cash

Security Updated Jun 2026

What is Tornado Cash?

Tornado Cash is a decentralized, non-custodial privacy protocol on Ethereum that allows users to deposit ETH or ERC-20 tokens and later withdraw them to a completely different address. The protocol uses zero-knowledge proofs (zk-SNARKs) to break the on-chain link between the deposit and withdrawal addresses, making it the most widely used crypto mixer on Ethereum.

How It Works

Tornado Cash uses a smart contract that accepts deposits and issues cryptographic commitments. When a user deposits ETH, the contract records a hash (commitment) in a Merkle tree. To withdraw, the user submits a zero-knowledge proof demonstrating they know the preimage of one of the commitments — without revealing which one. This breaks the deterministic link between deposit and withdrawal addresses.

The protocol supports fixed denominations (0.1, 1, 10, 100 ETH) to make deposits within the same pool indistinguishable from each other.

On August 8, 2022, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Tornado Cash, adding its smart contract addresses to the Specially Designated Nationals (SDN) list. This made it a federal crime for U.S. persons to interact with the protocol.

Key consequences:

  • U.S.-based exchanges and services must screen for Tornado Cash interactions
  • Addresses that have sent or received funds from Tornado Cash are flagged by most compliance tools
  • The protocol’s code remains deployed and operational (smart contracts cannot be “shut down”), but interacting with them carries legal risk for U.S. persons
  • In 2024, a U.S. court partially lifted the sanctions on Tornado Cash’s immutable smart contracts, ruling that OFAC overstepped its authority — but individual operators remain sanctioned

Risk Scoring Implications

In address risk scoring, any interaction with Tornado Cash contracts is treated as a high-weight signal:

  • Direct contract interaction: The address is a Tornado Cash pool contract → immediate critical risk score
  • Indirect interaction: The address has sent or received funds from a Tornado Cash pool → significant score penalty (typically +35 points)
  • Mixing pattern: Multiple deposits to Tornado Cash followed by withdrawals to fresh addresses → pattern-based risk flag

These signals are used by the Onchain Diary Risk API to identify addresses that may be attempting to obscure the origin of funds.

Related Terms

MixerSanctionsSmart Contract

More Security Terms

51% AttackBlacklistContract AuditFlash CrashFlash Loan AttackFront-Running