The “basic difficulty” of the Tornado Cash system, according to Soleimani, is that users of the system cannot demonstrate that they are not part of a group that is robbing or laundering bitcoin money.
- The developer of Tornado Cash is now working on Privacy Pools, a service that mixes different cryptocurrencies.
- The primary issue with Tornado Cash is that users cannot provide paperwork about their involvement in criminal activities.
U.S. Regulators’ Stance
To encourage U.S. regulators to reevaluate their stance on privacy mixers, an ex-engineer with Tornado Cash claims to create a new crypto mixing service to address a “critical fault” in the accepted crypto mixer. Ameen Soleimani, the mixer’s designer, posted the source code for “Privacy Pools,” a new Ethereum-based mixer, on GitHub on March 5.
Users of Tornado Cash cannot substantiate that they are not connected to the Lazarus Group in North Korea or any other criminal organization, according to Soleimani, who outlined this as the “fundamental fault” of the system in a 22-part Twitter thread. Yet according to Soleimani, depositors and withdrawers utilizing Privacy Pools can reject an anonymity set that includes an address linked to money that has been stolen or laundered.
The zero-knowledge (Z.K.) proofs are used to implement this Privacy Pools feature to ensure that the user’s privacy is protected. “Users now have the choice to assist regulators in isolating illicit funds without disclosing their whole transaction history. Just because someone deposits into the same smart contract as you doesn’t mean they may compel you to share an anonymity set with them in privacy pools. You get to decide.”
By empowering “the community to respond against hackers misusing the anonymity sets of honest users without necessitating blanket legislation or compromising on crypto values,” the solution’s creator intends to prevent such abuse.
While the first iteration of the privacy protocol is still in its “experimental” stage because the code is incomplete and hasn’t been inspected, Soleimani stated that Privacy Pools is already live on Optimistic and that he is “very near to having this ready.”
For the protocol to advance, Soleimani wants on-chain forensics tools like Chainalysis and TRM Labs to do tracebacks on deposits so that privacy tool users won’t need to establish their subset exclusion lists manually.
Soleimani argued in favor of on-chain privacy protocols and provided the following example from what he called an “outstanding” paper by the Federal Reserve Bank of St. Louis in Missouri that looked at the trade-offs between on-chain privacy and regulation:
Their paper suggests that users of Tornado Cash submit receipts to an intermediary to accomplish effective regulation, disclosing to the middleman all of their transactions while maintaining their right to privacy concerning other users on the public blockchain.
On-Chain Privacy
The creator believes this will “start a debate” with American officials about how Z.K. proofs might be used to protect on-chain privacy while limiting criminal activities. After the U.S. Office of Foreign Asset Control (OFAC) sanctioned ETH and USDC addresses linked to Tornado Cash on August 8 in response to several alleged thefts by North Korea’s Lazarus Group, who were purported to have routinely used the privacy mixer to preserve its anonymity, Soleimani made an effort to develop a crypto-friendly on-chain privacy solution.
The developer of Tornado-Cash, Alexey Pertsev, was detained by Dutch authorities shortly after the sanction was announced on August 10. He is currently charged with multiple counts of money laundering. His next hearing is scheduled for late April, and he is still being held in custody.
