The Good Tech Companies - Tornado Cash Is One Step Away from Full Censorship (and a Solution)
Episode Date: August 28, 2024
This story was originally published on HackerNoon at: https://hackernoon.com/tornado-cash-is-one-step-away-from-full-censorship-and-a-solution. Tornado Cash is a privacy... tool that can be used by anyone, everywhere as long as it isn't fully censored... yet. Find out more in this article. Check more stories related to web3 at: https://hackernoon.com/c/web3. You can also check exclusive content about #crypto-mixing, #tornado-cash, #crypto-regulation, #blockchain-censorship, #ethereum-censorship, #tornado-cash-censorship, #obyte, #good-company, and more. This story was written by: @obyte. Learn more about this writer by checking @obyte's about page, and for more stories, please visit hackernoon.com. Roman Semenov, Alexey Pertsev, and Roman Storm decided to launch a cryptocurrency mixer on Ethereum in 2019. The system achieves privacy by severing the on-chain connection between deposit and withdrawal. It enables withdrawals to different addresses from those used for deposits. Users deposit their funds, wait for a while for the mixing, and then withdraw using a new address.
Transcript
This audio is presented by Hacker Noon, where anyone can learn anything about any technology.
Tornado Cash is one step away from full censorship and a solution, by Obyte.
When Roman Semenov, Alexey Pertsev, and Roman Storm decided to launch a cryptocurrency mixer
on Ethereum in 2019, they probably didn't think they'd have legal issues with it.
After all, a cryptocurrency mixer, Tornado Cash, in this case, is just
another piece of software, and writing code isn't established to be illegal.
What others do with that code, well, that's a very different story.
And there lies the controversy. Just as a reminder, what a cryptocurrency mixer or
tumbler does is obscure the public transaction trail by mixing the involved coins with others,
making it difficult to trace the origin or destination of the funds. In the specific case of Tornado Cash (TC), those
transactions must be made in Ether (ETH) or any ERC-20 token on Ethereum. Users deposit their
funds, wait for a while for the mixing, and then withdraw using a new address and a ticket or
note received at the beginning.
The system achieves privacy by severing the on-chain connection between deposit and withdrawal
addresses, utilizing a smart contract and zero-knowledge proofs based on pretty advanced math.
It enables withdrawals to different addresses from those used for deposits. Additionally, relayers can
be employed to withdraw to addresses with no prior
ETH balance, ensuring greater anonymity. Tornado Cash is a privacy tool that can be used by anyone,
everywhere. Maybe to protect yourself against surveillance, to keep a business transaction
secret, or to safely fund a project or group in a hostile territory. Of course, as the tool it is,
it can also be used by malicious parties
to launder money, evade taxes, or fund illicit operations. To be fair, USD bills could be used
for that too, and no one is blaming the Fed for printing them. Which isn't the case for the
Tornado Cash developers. The legal saga. Things started to look bleak for this mixer and its
founders on the 8th August 2022, when the US Office of Foreign Assets Control, OFAC, blacklisted Tornado Cash,
accusing it of laundering billions in virtual currencies,
leading to domain takedowns and developer account suspensions.
Being blacklisted by the OFAC is bad news since it often involves asset freezes,
banning of transactions, and penalties for the parties who dare to have relationships with the sanctioned one, even outside the US.
Barely two days later, Alexey Pertsev was arrested in Amsterdam for suspected involvement
in money laundering through Tornado Cash. He's been especially signaled as a sort of
accomplice of the Lazarus Group, the North Korean hacking group considered responsible for the $625 million robbery on the
Ronin network in 2022. These hackers laundered the stolen funds via Tornado Cash. One year later,
in August 2023, Storm and Semenov were also accused of the same thing in the US,
and the former one was arrested in Washington. At least, he was released just a day after by
paying a $2 million bond, and he's pending a trial.
In the Netherlands, Pertsev didn't have that luck, staying in prison for over nine months
before being allowed to leave for home arrest until his trial in April 2024.
His trial concluded in May 2024 with a sentence of 64 months in prison,
which he is currently appealing. Pertsev's legal team is actively working on the
appeal, but it may take several months before a new hearing is scheduled. This is likely the
first time ever that an open-source software is blacklisted by the OFAC, which sets a very bad
precedent. Several crypto and privacy advocacy groups and organizations, including Coin Center,
DeFi Education Fund, and the Electronic Frontier Foundation, have
spoken out in favor of Tornado Cash developers, and some of them are helping in the legal battle.
The censorship saga. For average crypto users and privacy enthusiasts, in practice,
all this means that Tornado Cash became illegal to use for all US citizens,
residents, and companies, including foreign entities that somehow participate in their market.
In case you didn't know, that includes quite a number from the crypto industry.
Therefore, wide censorship against Tornado Cash transactions quickly spread,
something that just shouldn't happen in the decentralized world.
Numerous crypto companies, from exchanges to stablecoin issuers,
started to ban or outright freeze any coin that came from this mixer.
For instance, the Boston-based Circle, issuer of USD Coin (USDC), froze over $75,000 of funds linked to Tornado Cash addresses. Tether Limited, the issuer of the most popular stablecoin so far,
USDT, initially refused to do the same, but eventually froze over 161 wallets sanctioned by the OFAC,
including some TC-related. Even decentralized platforms followed suit, given that, beyond the
ledgers, they're led by companies that control their websites and front-end interfaces.
That includes dYdX, Aave, Uniswap, Balancer, Oasis, Ren, and more. Some wallets, like MetaMask, don't allow Tornado
Cash transactions in the default setting. The old Tornado Cash website isn't available anymore,
and the accounts of its founders on GitHub were suspended for a while.
To sum it up, all centralized services, domains, interfaces, accounts, etc., related to this
platform have been taken down.
Does this mean that Tornado Cash was effectively banned and it's not available anymore?
No. Avoiding censorship is still possible. Being the open-source and decentralized software that
it is, Tornado Cash is still very usable by anyone who wants to. It may not be as easy as
before, but it's still there, with a site
maintained by its own community. Its smart contract is available on Ethereum, and users
can access the platform via the InterPlanetary File System (IPFS) decentralized network.
The link is available from the official Twitter (X) account of Tornado Cash, @TornadoCash.
As for wallets to handle Tornado Cash transactions,
the real issue is the RPC (Remote Procedure Call) endpoints. They're often centralized
service providers of node infrastructure for wallets, so it's usually enough to change the
provider to one more amenable to this and other mixers. The team behind the IPFS website
recommended a list of them and provided instructions for MetaMask users.
One part of censorship is done at the front-end level. That's only the part users see first
(buttons, forms, text, images, etc.) and not the whole system. In a study by researchers from the Imperial College London, it was proven that, actually, this kind of censorship is quite
ineffective.
"DeFi users can interact with the platform smart contracts through a CLI (command line interface), or by forking the
platform project to create their own front-end interface. Another method is to adopt a
non-tainted address to interact with censoring DeFi platforms. To do so, users need to
transfer their assets from their tainted addresses to
non-tainted ones. For instance, we observe that a TC user transfers the withdrawn
ETH to a non-tainted address via an intermediary address, to swap ETH to renBTC on
Uniswap, i.e. TC 49.8 ETH → ADDR0 25.3 ETH → ADDR1 16.5 ETH → ADDR2 11.97 ETH → Uniswap 0.94 renBTC → ADDR2.
In this way, the non-tainted address ADDR2 is not blocked by Uniswap."
Does this way of circumventing censorship look a bit complicated?
Well, yes, it'd be easier if the whole Ethereum network wasn't that full of middlemen.
Deeper censorship. Front-end censorship isn't the only challenge, though.
In the consensus layer of a blockchain, validators and miners play crucial roles in approving or
disapproving operations, and they do have the technical ability to exclude certain transactions,
effectively censoring them. Therefore, if a transaction originates from or is destined
for a sanctioned address, like a Tornado Cash address, validators and miners might choose to
exclude it to comply with sanctions and avoid legal repercussions. For instance, Ethereum's system for creating blocks and enabling transactions uses three layers:
builders, relayers, and proposers. Builders are responsible for assembling transactions into
blocks, relayers help pass those blocks to proposers, and the proposers are the
validators who add them to the chain. Censorship can happen at any one of these layers.
For example, builders can refuse to include certain bad transactions like those involving
Tornado Cash in their blocks. Even if a builder includes a sanctioned transaction,
relayers might obstruct the block from being sent to the proposers. Finally, if the block somehow
reaches the proposers, they could refuse to propose it to the blockchain. Now, even if 90% of builders refuse to include Tornado Cash transactions in
their blocks but are still willing to build on top of blocks containing those transactions
from the remaining 10%, then Tornado Cash transactions can still make it through.
However, if block producers not only refuse to include those transactions but also reject
building on top of any block that contains them, then Tornado Cash transactions would
be fully censored.
This means that no new blocks with those transactions would be added to the blockchain, effectively
blocking them entirely.
Currently, about 50% of post-merge blocks on Ethereum are OFAC-compliant, which means
half of the whole network
doesn't want to deal with Tornado Cash transactions. For now, they only block such
transactions from their own blocks but are still okay to build on top of blocks that include them.
However, if pressed to do so by governments or out of an abundance of caution,
they might adopt stricter censorship and start refusing to build on top of such blocks as well.
That's the one step needed for Tornado Cash to be fully censored.
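The difference between the two censorship modes described above, as an added example that is not part of the original story: a toy longest-chain race in Python. The model, the function names, the 6-block confirmation lead and the sample censor shares are assumptions made for illustration; Ethereum's real fork choice weighs validator attestations rather than chain length.

```python
import random

def confirm_slot(censor_share, strict, slots=2000, depth=6, seed=0):
    """Slot at which a sanctioned tx is `depth` blocks ahead, else None.

    Toy longest-chain model (constructed for illustration). One producer per
    slot, a censor with probability `censor_share`. Non-censors include the
    tx and follow the longest chain. Weak censors (strict=False) leave the
    tx out of their own block but build on any head. Strict censors build
    only on the longest tx-free fork.
    """
    rng = random.Random(seed)
    lead = None  # lead of the tx-carrying fork over the tx-free fork
    for slot in range(1, slots + 1):
        censor = rng.random() < censor_share
        if lead is None:
            if not censor:
                lead = 1        # tx lands in a block on the current head
        elif censor and strict:
            lead -= 1           # censor extends the rival tx-free fork
            if lead < 0:
                lead = None     # tx block orphaned, tx is pending again
        else:
            lead += 1           # someone builds on the tx-carrying block
        if lead is not None and lead >= depth:
            return slot
    return None

def summarize(censor_share, strict, trials=200):
    """Return (fraction of trials confirmed, mean confirmation slot)."""
    hits = [s for s in (confirm_slot(censor_share, strict, seed=i)
                        for i in range(trials)) if s is not None]
    mean = sum(hits) / len(hits) if hits else None
    return len(hits) / trials, mean

if __name__ == "__main__":
    for share, strict in [(0.5, False), (0.9, False), (0.3, True), (0.9, True)]:
        frac, mean = summarize(share, strict)
        print(f"censors={share:.0%} strict={strict}: "
              f"confirmed={frac:.0%}, mean slot={mean}")
```

In this model weak censorship only delays the transaction, even at a 90% censor share, while strict censorship by a majority keeps orphaning its block; a strict minority again only delays it.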
Beyond Ethereum. Why is this level of censorship even possible in a decentralized network,
one may ask? The short answer is that, on Ethereum and similar ecosystems,
transaction generation isn't the same as transaction approval.
There are several steps, and parties, in the middle,
which isn't exactly ideal for a decentralized network. And all those middlemen (builders,
relayers, proposers) are usually formed by companies that could be forced to or decide to comply with the OFAC sanctions for their own convenience, and thus ban Tornado Cash and other
transactions. To potentially worsen centralization even more, the US SEC
approved 8 spot Ether ETF applications in May 2024,
which means more ETH in the hands of strictly regulated parties, more ETH being staked in the
US jurisdiction, and larger likelihood of censorship for Tornado Cash transactions.
Truth be told, Ethereum isn't the most censorship-resistant or decentralized
network nowadays. No blockchain is, since they tend to always have middlemen between transaction
generation and transaction approval. On the other hand, a Directed Acyclic Graph (DAG) ledger like
Obyte, where transactions don't need to be approved by anyone and instead are added to the DAG by the
users themselves, offers a higher level of decentralization and freedom. There are no miners, validators,
or other centralized services between users and their transactions in Obyte.
Every time a user conducts a transaction referencing past ones, it becomes part of the DAG,
immutable and beyond alteration. The DAG partially provides some order for transactions, and the work is
completed by Order Providers (OPs). They're prominent entities or organizations that post their own
"guiding" transactions to help order the rest, yet, most importantly, lack the ability to alter the
DAG history or refuse transactions, as it does happen on Ethereum and other blockchain networks.
Privacy-centered services like Tornado
Cash could work more seamlessly in such a network without middlemen. This way,
Obyte presents a compelling alternative to blockchain networks like Ethereum,
and it stands as a beacon for decentralized systems while providing a platform where
users can transact with confidence and autonomy. Info featured vector image by Tornado Cash.
Thank you for listening to this
Hackernoon story, read by Artificial Intelligence. Visit hackernoon.com to read, write, learn and
publish.