Awesome
<div align="center"><img src="book-src/images/brand.png" style="width: 512px;"></div><br>Tornado Cats is a book for learning zero-knowledge applications and decentralized mixing by creating a simple mixer protocol based on Tornado Cash. This is still under construction and is currently available only in Japanese.
This book is available live at https://minaminao.github.io/tornado-cats/.
<!-- ## Table of Contents 1. Introduction 2. Overview of Tornado Cash 1. What is Tornado Cash 2. How It Works 3. Relayer 4. Mixing 5. Inappropriate Use that Results in Loss of Anonymity 6. Tornado Cash Classic and Tornado Cash Nova 3. Overview of Zero-Knowledge Proofs 1. What is Zero-Knowledge Proof 2. Completeness, Soundness, and Zero-Knowledge 3. An Example of Zero-Knowledge Proof 4. Non-Interactive Zero-Knowledge Proofs 5. zk-SNARKs 4. Deep Dive into Zero-Knowledge Proofs 1. Prerequisites 1. Alphabets, Symbols, Strings, Languages 2. Probabilistic Polynomial Time Algorithms 3. Negligible Functions and Overwhelming Functions 4. Random Variables, Ensembles 5. Indistinguishability 6. One-Way Functions, One-Way Permutations, Hard-Core Predicates 7. Probabilistic Polynomial Time Turing Machines 8. Two-Party Protocol Security and Simulation Paradigm 9. Computational Complexity Classes 10. Relations, Binary Relations, NP-Relations 11. Arithmetic Circuits 12. Bilinear Groups 2. Proof Systems 1. What is Proof System 3. Interactive Proof Systems 1. Interacting Turing Machines 2. Definition of Interactive Proof System 3. Computation Complexity Classes of Interactive Proof Systems 4. An Example of Interactive Proof: Graph Isomorphism Problem 4. Interactive Zero-Knowledge Proofs 1. Zero-Knowledge Proofs 2. Zero-Knowledge 3. Perfect Zero-Knowledge 4. Computation Complexity Classes of Zero-Knowledge 5. Honest Verifier Zero-Knowledge 5. Zero-Knowledge Proofs for NP 1. Commitment Schemes 2. Zero-Knowledge Proof of Graph 3-Coloring 3. Negative Results for Zero-Knowledge Proofs 6. Proof of Knowledge 1. What is Proof of Knowledge 2. Knowledge Soundness 3. Relationship between Soundness and Knowledge Soundness 7. Arguments 1. What is Argument 2. The Trade-off between Computational Zero-Knowledge Proofs and Perfect Zero-Knowledge Arguments 3. Perfectly Hiding Commitment Schemes 4. Construction of Perfect Zero-Knowledge Arguments 8. Non-Interactive Zero-Knowledge Proofs 1. What is Non-Interactive Zero-Knowledge Proof 9. Non-Interactive Zero-Knowledge Arguments of Knowledge 1. What is Non-Interactive Zero-Knowledge Argument of Knowledge 2. Definition of Non-Interactive Perfect Zero-Knowledge Arguments of Knowledge 3. Adaptiveness 10. Succinct Non-Interactive Arguments 1. SNARGs and SNARKs 2. Preprocessing Model and Fully Succinctness 11. Quadratic Arithmetic Programs 1. Flattening 2. Rank 1 Constraint Systems 3. QAP Reduction 4. Check of QAPs 5. Formalization of QAPs 12. Groth16: zk-SNARK for QAPs 1. Groth16 Overview 2. Efficiency of Groth16 3. Non-Interactive Linear Proofs 4. Split Non-Interactive Linear Proofs for Type Ⅲ Pairings 5. Disclosure-Freeness 6. Non-Interactive Arguments from Non-Interactive Linear Proofs 7. Non-Interactive Linear Proofs for QAPs 8. Schwartz–Zippel Lemma for Multivariate Laurent Polynomials 9. Statistical Knowledge Soundness against Affine Prover Strategies 10. Pairing-Based zk-SNARKs for QAPs 5. Basics of Zero Knowledge Proof Circuits 1. What is Circuit 2. What is Circom 3. Circuit Example: Factorization 4. Compile Circuit 5. Rank 1 Constraint System 6. Witness Computation 7. Trusted Setup 8. Proof Generation 9. Verification 6. Design of Mixer Protocol 1. Basic Idea 2. Design of Mixer Protocol 3. Protocol Architecture 4. Contract Architecture 5. Circuit Architecture 7. Design of Deposit and Withdrawal 1. Design of Deposit and Withdrawal 2. Example of A Design That Does Not Work 2. Example 2 of A Design That Does Not Work 4. Design Example 5. Algorithm and Data Structure Selection 6. What is Pedersen Hash 7. What is MiMC Merkle Tree 8. Implementation of Withdrawal Circuit 1. Define Signals and Create Components 2. Check Nullifier 3. Check MiMC Merkle Tree 4. Check Recipient, Fee, and Relayer 9. Basics of Smart Contracts 1. Contract Development 2. Solidity 3. What is Foundry 10. Implementation of Pool Contract 1. Contract Testing 2. `TornadoCats` Contract Interface 3. `deposit` Function 4. `withdraw` Function 11. Appendix 1. Tornado Cash: Decentralization 2. Tornado Cash: Status 3. Tornado Cash Classic: Contracts 4. Tornado Cash Classic: Circuits 5. Tornado Cash Classic: Trusted Setup Ceremony 6. CircomLib 7. Ethereum: Precompiled Contracts for zk-SNARKs 12. Reference -->Warning This repository is for educational purposes only and is not intended to facilitate attacks against protocols and money laundering.