MGP 21 - Tornado.Cash

Proposal

  • 0x0039F22efB07A647557C7C5d17854CFD6D489eF3

Note from Ameen - I split these up into two proposals so the DAO can independently evaluate giving the retroactive grant for work already done to ship tornado.cash and the grant for its future roadmap. Personally I am in favor of rewarding excellent contributions after the fact, even if a grant wasn’t agreed upon in advance, because the team takes on 100% of the execution risk themselves instead of taking the money first and potentially falling short of expectations. Also in this particular case, Peppersec was a finalist for the Hopper Mixer UI RFP (MGP 9), and in taking this project on without guaranteed funding, they have demonstrated competence, initiative, and a commitment to furthering the Ethereum ecosystem. 

Background

  • Have been running Peppersec.com consulting company. We do research, development and security audits. Recent clients - POA.network, Vault12, LevelK, Ztake.org, Dragonereum, AIRA, Tatau and others.
  • Our own projects:
  • Main contributors
  • First steps
  • MolochDai did the interview for UI work. Result: went with blockX
  • Deposit works on any dapp browsers (mobile and desktop)
  • Withdraw (where the huge amount of computations takes place) works in pure mobile/desktop browsers, Tor Browser, Brave. Could be done with help of Relayer of user’s wallet account.
  • Gas consumption - 888k deposit, 692k withdraw.
  • Proof calculation time - 6 sec (with BigInt native support).
  • User Keys 10MB (zipped)
  • Telegram group with ~100 people
  • ~400 Twitter subscribers
  • > 155 deposits made, > 88 withdrawal made
  • Ecosystem contributions
  • Found double spend vulnerability for all zkSnark based mixers
  • Many PRs to snarkjs and websnark repos. Including bug fix that make it possible to calculate zkProof in Tor Browser.
  • Started conversations with major wallet providers about integrations
  • imToken
  • Trust Wallet (binance)
  • Coinbase Wallet 
 
User-uploaded image: Screen+Shot+2019-08-09+at+2.06.47+PM.png
Demoing Tornado.Cash to Coinbase Wallet Leads
  • Comparison with other mixer projects
  • Note from Ameen - This was originally a link to the WIP State of the Mixers Report (MGP 19), but as that is not yet public, if you are a Moloch member and would like to see how Tornado compares to other mixers, please DM me and I’ll share the doc with you privately.

Future Work (MGP 21.2)

  • Open Relayers’ market. We have good ideas how to solve front-running problem and make it work in decentralized manner. (1 month, $12k)
  • ERC20 support for DAI, USDC, USDT tokens (3 weeks, $9k)

Possible Future Work (out of scope for current grant)

  • Audit by independent team.
  • Research for Wallets and DApps integrations.