The dirty secret of Tornado Cash is that it is controlled by a multisig, and the trusted setup was done on a single machine
The objective is to perform a legit trusted setup, then ditch the admin multisig and lock the contract open, so we have privacy on Ethereum until the heat death of the universe or the end of time, whichever comes first
This trusted setup will also be able to be re-used for other privacy implementations beyond Tornado Cash, should that be desired
Process
A “trusted setup” Telegram group was organized by Barry of the EF
The EF, Tornado, and others worked together on a trusted setup codebase, with the critical element being the multi-party computation (MPC)
The MPC is the actual cryptography part of the trusted setup code, and was written by Kobi Gurkan of the EF
Tornado Cash wrote the UI and libraries for interacting with the MPC system so users can participate in the trusted setup (see MGP 35)
I reached out to Zooko who was kind enough to connect us with his ZCash auditors, Least Authority and NCC, who provided quotes on the MPC audit to Kobi and me
Kobi reviewed the quotes and chose NCC (the quote from Least Authority was a lot more expensive and NCC’s proposal was more on point)
NCC sent us the Statement of Work which I’ve attached below, and now I’m filling this proposal out!
Funds Flow
As soon as the proposal voting is done (and passing), SpankChain will sign a contract with NCC and wire the first $20,000 so work can start
Once the grace period is complete, I will ragequit 100% of the shares, and immediately send anything above $40,000 worth (priced at the time) back to the guild bank
Once NCC hits the first milestone, SpankChain will wire the second $20,000 to NCC