Menu
Browse

Tornado Cash

Primary URL Location Industry
tornado[.]cash
Country Russia
Financial Services Icon
Financial Services
Profile

Tornado Cash operates as a decentralized cryptocurrency mixer that enables users to obscure the transaction history of Ethereum‑based assets. Users deposit tokens into a smart contract, which pools them with other deposits and later allows withdrawals to new addresses, breaking the on‑chain link between sender and receiver. The service focuses on Ether and ERC‑20 tokens issued on the Ethereum blockchain. Its core product is a trustless, non‑custodial privacy layer for blockchain transactions.

The protocol distinguishes itself through its reliance on immutable smart contracts and a decentralized autonomous organization (DAO) that governs upgrades and parameter changes via token‑holder voting. This governance model was highlighted in May 2023 when an attacker concealed malicious code in a governance proposal, gained control after validator approval, and extracted roughly one million dollars in cryptocurrency. The stolen funds were subsequently laundered through Tornado Cash’s own mixing service before the attacker proposed returning control and patching the vulnerability. These events underscore both the protocol’s technical openness and the risks inherent in on‑chain governance mechanisms.

Tornado Cash lists its headquarters as Russia, though as a decentralized protocol it does not maintain a traditional corporate structure or centralized ownership. Control of the protocol rests with holders of its governance token, who can vote on protocol upgrades and parameter adjustments. There is no publicly disclosed parent company or subsidiary relationship; the project exists as an open‑source initiative maintained by its community. This decentralized arrangement aligns with its goal of providing censorship‑resistant privacy services.

Incidents
Linked incidents available to members
1 incident