Tornado.Cash is currently the largest decentralized currency mixing protocol. It has experienced a currency refund due to regulatory reasons in the state where it is located in the United States, and now it is finally issued! The current deposit amount in Tornado.Cash has reached 200 million US dollars, with a weekly transaction volume of 10 million US dollars and an income of about 20,000 US dollars. A centralized currency mixing platform previously seized by the FBI had an income of 50 million U.S. dollars in 8 months of operation. Judging from this amount, currency mixing is worthy of attention, and Tornado.Cash may also have a relatively large room for development because of this. And from a technical point of view, Tornado.Cash is also a relatively high-level protocol.
Tornado.Cash has become Ethereum's largest privacy solution, it is autonomous and decentralized, but it is also static - which makes it impossible to grow. What is now being presented are proposals that could change that. If this proposal is adopted, then the governance of Tornado.Cash will be delegated to its users, and Tornado.Cash will be allowed to grow under the governance of its community. In this way, users of Ethereum will be in control of their own privacy protocols.
Here is a proposal on how the Tornado.Cash governance system could work:
TORN token
TORN is an ERC20 compatible token with a fixed supply to govern Tornado.Cash. TORN holders can make proposals through governance and can vote to change the protocol.
TORN is not a fundraising tool or an investment opportunity. After 45 days of deployment, it will remain non-transferable until the community votes through governance to unlock the transfer and ensure compliance with all applicable laws.
The following is the initial distribution method of TORN:
5% (500,000 TORN) : Airdrop to early users of the Tornado.Cash Ethereum pool
10% (1,000,000 TORN) : Anonymous mining of Tornado.Cash Ethereum pool, linear unlock within 1 year
55% (5,500,000 TORN) : DAO library, which will be unlocked linearly within 5 years and has a 3-month lock-up period
30% (3,000,000 TORN) : founding developers and early supporters, will be linearly unlocked within 3 years, and have a 1-year lock-up period
airdrop
Believed from the beginning that Tornado.Cash users should have a say in the governance protocol. For this reason, early adopters of the protocol will receive an airdrop of TORN.
Before the block height of 11400000, all addresses that deposit to the Tornado.Cash Ethereum pool will get airdropped TORN. TORN will be airdropped in the form of a non-transferable TORN voucher (vTORN), which can be exchanged for TORN 1:1 within 1 year. Unredeemed TORN will be liquidated into the governance contract after 1 year and become part of the DAO library. The redeemed TORN can be used immediately.
The airdrop amount depends on the size and length of the user's deposit - larger deposits and earlier deposits will receive more TORN. The multiplier for deposit size is logarithmic:
So depositing 100 Ethereum will get twice as many tokens as depositing 1 Ethereum. The multiplier allows both large and small users of Tornado.Cash to have a say in governance.
The exact curve for the time multiplier looks like this:
The exact airdrop formula is as follows:
anonymous mining
The basic philosophy behind Tornado.Cash is that privacy is a human right, and that the more everyone adopts privacy measures, the safer it is for all of us (just as HTTPS being the default in web browsers makes us All are safer as well). To this end, users who add the Tornado.Cash anonymity set in the future should also receive TORN.
Traditional DeFi liquidity mining is a natural choice for token distribution. However, any naive yield mining scheme would force users to disclose how long their deposits were spent in the Tornado.Cash pool. This goes against the core value of Tornado.Cash: protecting privacy.
This is the driving force behind the invention of anonymous mining. In anonymous mining, users will be able to receive TORN through a two-level shielded liquidity mining system, which can fully protect user privacy.
After making a deposit in Tornado.Cash, the user accumulates Private Anonymous Points (AP) in a protected account that will protect the user's wallet address and balance without revealing any information about the deposit. Once a user has accumulated enough AP on their protected account, AP can be exchanged for public TORN tokens at any time via our custom Tornado.Cash AMM.
This system is a bit complicated. But this ensures that user privacy is always protected during the process of claiming TORN tokens.
NOTE: Only tokens deposited after the deployment ceremony are eligible for anonymous finalization - older tokens will be distributed via airdrop.
The operation steps are as follows:
Claim AP
First of all, users can only claim anonymous points (AP) of spent Tornado.Cash vouchers (users can only claim AP after spending vouchers). There will be a delay when claiming AP after spending the ticket.
To claim AP, the user's browser generates a special zero-knowledge proof to calculate the AP owed (based on how many blocks the user's credentials have in the Ethereum Tornado.Cash pool), which is then added to the user's protected balance middle. The following table is the AP table of each block for different Tornado.Cash certificate sizes.
Other users online can only see that someone has claimed some APs of unknown size for some credentials in a particular Tornado.Cash pool. To further enhance privacy, users can claim APs through relayers (repeaters who accept APs as a way to pay for their relaying).
protected account
Since the AP is completely private, in order to store the user's protected AP, the user needs to generate a secret key to store the AP balance. This key is randomly generated, then encrypted with an Ethereum public key (using Metamask's eth_getEncryptionPublicKey) and stored on-chain. This way, if it is lost, it can be recovered using the user's Ethereum key.
This secret key is used for encryption, submitting claims and extracting data without revealing the user's identity.
Convert AP to TORN
Users can use the customized Tornado.Cash Automated Market Maker (AMM) to convert their mined AP into publicly visible TORN.
Continuously and evenly drip TORN into this AMM (1 million TORN tokens within 1 year). AP claimed at any point can bid for the TORN accumulated to that point in the AMM.
This does mean that the timing of converting AP to TORN is strategic - if too many people are withdrawing at the same time, the AP/TORN conversion ratio will drop, and if very few people are withdrawing, the ratio will increase. However, for the first 45 days, TORN is completely non-transferable.
Here's a rough analogy: imagine that in a year, TORN tokens are released by dripping into buckets (AMM). With AP tokens, it is possible to bid on any amount of TORN currently stored in a bucket. If there are many APs bidding at the same time, the bucket will be exhausted quickly, and the bidding rate of each AP will be low. However, if AP holders are patient, it should level off over time and everyone should receive roughly equal amounts of TORN as AP.
This is the whole process of claiming TORN. Unfortunately, many of these have irreducible complexities. However, we will not know how much AP will be generated during the anonymous mining process (because it is private!), so this is the only way to ensure that TORN has a fixed supply and that all AP is continuously secured until it is redeemed for public TORN.
The exact AMM formula looks like this:
- T-TORN mining plan distribution
- Tvirt — virtual TORN balance
- Twithdrawn — the amount of TORN the user has withdrawn
- TORN - the amount of TORN the user will receive
- AP — Redeemable Anonymous Points
- W — AMM swap weight constant
Tornado.Cash Proxy
You might be wondering how this is possible - is Tornado.Cash really immutable?
it is! The Tornado.Cash smart contract cannot be changed or updated. They are decentralized and immutable.
However, for Tornado.Cash to be able to mine, it needs more metadata than is currently available: it needs to know the block number of each Tornado.Cash deposit and withdrawal. To do this, the old Tornado.Cash that added every transaction's existing block number was fronted by a proxy. For Tornado.Cash users using a proxy, their credentials can be used to mine anonymously, as the Merkle tree will contain data on when their deposits occurred. (The proxy-less version of Tornado.Cash will still work fine.)
Note: In order to aggregate deposits and withdrawals into the Merkle tree, a script called root-updater needs to be run. As long as someone is running, the system will run smoothly and reliably. Who should take charge of this role and how to deal with it is a decision made by the community through governance.
manage
In order to participate in the governance of Tornado.Cash, users first need to lock tokens in the governance contract. If users need to vote or create proposals, tokens cannot be unlocked until the end of the proposal execution period (8.25 days after proposal creation). Locked tokens can also be delegated to another address.
To make a proposal, a user needs to own at least 1000 TORN. All proposals need to be smart contracts, and this contract needs to have a smart contract that passes the verification code after the management contract is executed. This way, any administrative changes can be easily audited and tested.
The voting period for proposals is 3 days. A proposal will succeed if it receives a majority of votes and the total number of votes cast is at least 25,000 (if the turnout rate is too low, the proposal will automatically become invalid).
After the proposal is successful, its validity period is 2 days. After the deadline, any user can execute the proposal (initiate changes). If the proposal is not executed within three days thereafter, it will be considered expired and no longer executable.
All initial parameters are relatively small, as there will not be many TORN tokens in circulation in the early days. But these thresholds may be adjusted as the circulating supply grows.
Governance proposals have the right to change the internal parameters of Tornado.Cash, including full upgrades (via proxies).
management startup
At the end of the day, it's just a suggestion. We do not control Tornado.Cash, its users do, so if the community adopts this proposal, then it will be the way forward for Ethereum privacy. We've written the code and published it to GitHub and IPFS.
about
UBI.city - An agreement on the future organizational structure. We will release more ideas and design mechanisms for UBI.city in the near future. Welcome interested blockchain technology enthusiasts, community initiators, research analysts and Gavin, Contact Iris to discuss the possibility of UBI in the future.
ChinaDeFi - ChinaDeFi.com is a research-driven DeFi innovation organization . Every day, from nearly 900 content from more than 500 high-quality information sources around the world , it looks for more in-depth and more systematic content, and synchronizes it with the fastest speed. The Chinese market provides decision-making aids.