Tornado.cash Is Finally Trustless!
We have some great news! As we promised from our previous report, we have set the operator address to
0x000000000000000000000000000000000000 on all instances (0.1 ETH, 1 ETH, 10 ETH, and 100 ETH), so that from now on, all tornado.cash contracts are immutable and unstoppable.
What it means
From now on, Tornado.cash is largely living by the precepts that code is law. The Tornado.cash smart contracts are running on Ethereum and the community has the decision on whether or not to use our tools.
There are pros and cons to this. The positive thing is that no one can modify the smart contracts and the protocol is decentralized and unstoppable, as long as Ethereum isn’t changed or taken down. The tricky part is that the tornado.cash team is also not able to protect the users from bugs anymore as we did before. However, we did our best to secure the project before giving up control. Please have a look at the audits of the smart contracts and of the trusted setup ceremony. One more thing you can do to protect your funds is to get an insurance coverage from NexusMutual.
Tornado.cash is not just decentralized on the smart contract side. We’ve also moved to decentralize our user interface and site. We’re now using IPFS to deploy our UI at https://tornadocash.eth.link and have also published our minified UI repository https://github.com/tornadocash/ui-minified. Feel free to run it on your localhost.
Please keep in mind, that the main domain https://tornado.cash could be unavailable in some countries.
We also do not control or have any role in relaying transactions. The relayer’s network is independent of our team and is set up by folks running a node by following the instructions here: https://github.com/tornadocash/relayer
Currently, there are 4 independent relayer nodes.
Decentralized Full Node RPC (Help Wanted)
If you run a full geth node and want to help, please provide your url to us so we can have RPC providers on our UI.
We are still going to keep working on our next major version of tornado.cash v3.
As we have stated before, our vision is to provide privacy with appropriate compliance. We want to replicate Zcash features onto Ethereum mainnet which would allow private transfers of arbitrary amounts, and the ability to transfer ownership of tornado.cash notes within the pool.
Our goal always has been to do this the right way. We strive to provide users with software to preserve privacy and freedom, in compliance with FinCen regulations.
As software providers, we believe we are compliant with these rules. As noted by FinCen, “[a]n anonymizing software provider is not a money transmitter” (Page 20).
We have also recently released new compliance tools which enables you to prove the source of any transaction using Tornado.cash, if the need arises.
We wanted to give thanks to the Ethereum community for supporting us. We will continue to build software to enable widespread privacy on Ethereum and to do so in the right way.