A former Tornado Cash developer claims to be building a new crypto mixing service that aims to solve a “critical flaw” of the sanctioned crypto mixer — which he hopes will convince U.S. regulators to reconsider its position on privacy mixers.
The code of a new Ethereum-based mixer, “Privacy Pools,” was launched on GitHub on Mar. 5 by its creator, Ameen Soleimani.
In a 22-part Twitter thread, Soleimani explained that the “critical flaw” with Tornado Cash is that users cannot prove that they’re not associated with North Korea’s Lazarus Group or any criminal enterprise for that matter.
1/ We fixed @tornadocash
test out the demo, but please note:
– this is experimental code
– it has not been audited
– the trusted setup is untrusted
read the full story anon https://t.co/9nAU3RrgpN
— ameen.eth (@ameensol) March 4, 2023
With Privacy Pools, however, Soleimani explained that depositors and withdrawers could opt out of an anonymity set that contains an address associated with stolen or laundered funds.
This feature of Privacy Pools is executed with zero-knowledge (ZK) proofs, meaning that the privacy of the user is preserved:
“Now, users have the option to help regulators isolate illicit funds, without revealing their entire transaction history […] With privacy pools, just because someone deposits into the same smart contract as you, it doesn’t mean they can also force you into sharing an anonymity set with them. It’s your choice.”
Soleimani provided a demonstration of how Privacy Pools is used:
13/ Our demo is live – https://t.co/Nt4b2Tgx1D
Now, users have the option to help regulators isolate illicit funds, without revealing their entire transaction history.
Let’s watch a brief video of it in action: pic.twitter.com/An9lWx6jfr
— ameen.eth (@ameensol) March 4, 2023
The developer hopes the solution will empower “the community to defend against hackers abusing the anonymity sets of honest users without requiring blanket regulation or sacrificing on crypto ideals.”
While Privacy Pools is already live on Optimism, Soleimani noted that the first version of the privacy protocol is still in its “experimental” stage because the code isn’t complete and has not been audited, but he is “pretty close to having this ready.”
To see the protocol progress further, Soleimani wants on-chain forensics platforms like Chainlaysis and TRM Labs to conduct tracebacks on deposits so that users of the privacy tool don’t have to manually create their own subset exclusion lists.
In making the case for on-chain privacy protocols, Soleimani cited what he described as an “excellent” report by the Federal Reserve Bank of St. Louis in Missouri which examined the trade-offs between on-chain privacy and regulation:
“Their report proposes to achieve effective regulation by having Tornado Cash users provide receipts to an intermediary, thus revealing their entire transaction history to the intermediary, but still being able to have privacy with respect to other public blockchain users.”
The developer hopes this can help “start a conversation” with U.S. regulators on how on-chain privacy can be preserved whilst restricting criminal activity through the use of ZK proofs.
Soleimani’s attempt to create a crypto-friendly on-chain privacy solution comes after the U.S. Office of Foreign Asset Control (OFAC) sanctioned ETH and USDC addresses linked to Tornado Cash on Aug. 8 in response to several alleged thefts by North Korea’s Lazarus Group, who were claimed to have routinely used the privacy mixer to preserve its anonymity.
Shortly after the sanction on Aug. 10, Alexey Pertsev, the creator of Tornado Cash was arrested by authorities in the Netherlands and is currently facing a series of money laundering charges. He remains behind bars and his next hearing will take place in late April.