Tornado is not “Cash”

Written by boogerwooger | Published 2022/08/29
Tech Story Tags: blockchain | cryptocurrency | open-source | blockchain-technology | zksnarks | crypto | blockchain-adoption | blockchain-development


This article is my personal point of view and is not connected to any other people or companies.

Everybody in crypto knows what's happening with Tornado. Here is my own explanation of the situation for a wider audience, not only software guys.

Tornado is a mixer. You take 10 ETH, send them to the mixer (through the site, or using your own software) from your "good" address, receive a secret piece of information (a "small file" or "secret text string"), and can use this "secret" later. From any other computer, device, or software, you can send the "secret" to the mixer, and it will send your 10 ETH to the address you sent along with the secret. That's all.

Tornado Cash mixer is a smart contract. It's just a piece of code that was placed ("deployed") in the Ethereum blockchain. This piece of code cannot be changed, and its code is fully open. What does "open" mean for blockchains? First, the "deployed" machine code can be read by anyone, provably in full, from the first bit to the last.

Second, the algorithm is also fully open: there are tons of articles, posts, and discussions about building such systems, as well as deployed examples and proofs-of-concept.

Third, the source code (the "text" from which the "deployed" code can be generated) is also fully open on GitHub, and there are tons of copies of this code on developers' computers, on GitHub, in personal repositories, and in articles. You can choose from tens of implementations, download one absolutely free, and deploy your own "Tornado" mixer whenever you want.

Now, why did they launch it? Why did the Tornado team deploy a service for money laundering?

Tornado is based on a technology called zkSNARKs. It's a new cryptographic technology that allows a lot of very powerful algorithms to be built. For example: to defend your personal data from leaks from different services, or to simplify miscellaneous verification actions, so that you can "prove that I have something written in some document (ownership right, a driving licence, absence from a list of criminals, etc.)" without the need to show this document in plain to the verifier, because the verifier can be a malicious actor too and can leak the document itself.

It's a very, very important technology for the whole IT area, not only for crypto. It allows building distributed networks where computers perform large computations without trust. In theory, such networks can be thousands of times more powerful than traditional centralized networks, helping to find new medicines and materials, train ML algorithms, and so forth.

All this is possible in public networks without the risk of account takeover, with honest payment for each computed byte by participants. It's not an easy tech to figure out, but everybody who understands it knows that each working implementation of zkSNARKs can potentially become a breakthrough. For any blockchain developer or team, making a successful project using zkSNARKs is an excellent achievement, because any practical use of such software gives very valuable info about the security of such protocols to the whole developer community.

For many tasks, zkSNARKs have multiple serious drawbacks: you need huge "proving" keys (tens of gigabytes), or generating the proof plus the calculation takes too much time (days), or the verifier cannot verify the result in a short time.

But some particular tasks can be implemented with zkSNARKs in a way that is suitable for users: when they work with "numbers" and "sets", the simplest "atoms" of data science. One of the simplest applications of these kinds of proofs is the mixer algorithm, where you prove that you previously put a value into the secret list. The work of designing such algorithms and improving them is performed by top cryptographers and scientists from top world universities, because they can totally change the way distributed systems work.

And, as is common in cryptography, everything is fully open, every article, every algorithm. The days when cryptography was a secret are long past; now any "secret protocol" means "insecure protocol", because top world cryptographers haven't audited it.

Ok, interesting. But why did they implement a mixer?

First, technical

zkSNARKs have some specific types of "proofs" that are very useful for "proving that something is in some list" (set membership proofs). And the simplest type of data is proving the fact that "I've added some number to this SECRET list" (without revealing the number or the list). These proofs are short, can be computed by user computers quite fast, and can be verified efficiently (efficiently enough that the Ethereum blockchain can check the proof in one transaction).

For this proof, it doesn't matter what the number means: "I have 28 out of 30 points on the last exam in university" or "I put 28 ETH into the protocol earlier". The mixer is good enough to implement because there is no connection with the outside world, which is always a pain in the ass for any decentralized project.
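To make the "set membership" idea concrete, here is an added Python model of the secret list and of the statement a withdrawal proves; it is not Tornado's code, and the Merkle tree over hashed secrets is my assumption of a standard structure, not a detail the post gives. A zkSNARK would keep the secret and the tree path hidden inside the proof; this model checks the same statement in the clear so the logic is visible.

```python
import hashlib

# Added example (not Tornado's code). Deposits append a commitment H(secret)
# to a list whose Merkle root is what a contract would store; a withdrawal
# shows that some commitment in the list opens to a secret the withdrawer
# knows. Secret and path are passed in the clear here; a zkSNARK hides them.

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def commitment(secret: bytes) -> bytes:
    return h(b"commit", secret)

def merkle_root(leaves: list) -> bytes:
    layer = list(leaves) or [b"\x00" * 32]
    while len(layer) > 1:
        if len(layer) % 2:
            layer.append(layer[-1])          # duplicate last node on odd layers
        layer = [h(layer[i], layer[i + 1]) for i in range(0, len(layer), 2)]
    return layer[0]

def merkle_path(leaves: list, index: int) -> list:
    """Sibling hashes from leaf to root; the bool says the sibling is on the right."""
    path, layer = [], list(leaves)
    while len(layer) > 1:
        if len(layer) % 2:
            layer.append(layer[-1])
        sib = index ^ 1
        path.append((layer[sib], sib > index))
        layer = [h(layer[i], layer[i + 1]) for i in range(0, len(layer), 2)]
        index //= 2
    return path

def verify_membership(root: bytes, secret: bytes, path: list) -> bool:
    """The statement a withdrawal proves: 'I know a secret whose commitment is in the list'."""
    node = commitment(secret)
    for sibling, right in path:
        node = h(node, sibling) if right else h(sibling, node)
    return node == root

# Constructed sample: three deposits, then a withdrawal using the second secret.
secrets = [b"secret-alice", b"secret-bob", b"secret-carol"]
leaves = [commitment(s) for s in secrets]
root = merkle_root(leaves)

def demo() -> tuple:
    good = verify_membership(root, secrets[1], merkle_path(leaves, 1))
    bad = verify_membership(root, b"never-deposited", merkle_path(leaves, 1))
    return good, bad
```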

Second, financial

Why a TORN token? The guys wanted to become millionaires using "dirty money"? In DeFi, in many cases, a special token is the easiest and most secure way to achieve many goals at once, and "monetization" is often not the main reason. Of course, the project needs to pay the team; how else do you think open source development is funded? But a token can also be used for tens of different functions: voting on protocol changes, grants, insurance funds in case the protocol is hacked, etc.

In a mixer, it doesn't seem to be a good decision to take part of users' money (as centralized banks can easily do without your permission), so the only way to organize support of the project is its own token, TORN. How it was distributed can be read publicly, and every operation with TORN tokens is public.

Third, ethical

So, the team, participating in many public hackathons, giving excellent and deep technical talks at public conferences, and presenting a lot of important info to ALL developers, decided to launch the project to make a special money laundering service??

So, here is how I see the pseudo-dialog of a "potential" project deciding whether or not to start a mixer on zkSNARKs:

- "zkSNARKs are excellent, what can we build using them?"

- "requirements?"

- "must work in current Ethereum, be decentralized, user experience should be good (without huge keys, proving times, etc), the project must be useful in real life"

- "(after research) These are very strict requirements; now the only thing that can be built with 99% probability and have users is a mixer. Proofs of "set membership" with the simplest type of data, numbers; all data is on chain; the value of the project is privacy"

- "mixer? seems like it can be dangerous, money laundering, etc.."

- "(tons of talks, tons of questions, consultations with lawyers)"

- "a project that can test a promising cryptographic algorithm, with real value, on real data, protecting users' privacy, fully open and decentralized, a real "rocket""

- "The "good" part seems bigger than the "bad", fuck it, let's try"

(SORRY TO THE TORNADO TEAM, IT'S ONLY MY "DETECTIVE" VERSION)

The success and money of such risky startups are unpredictable. The project can receive ten users and be stopped after the first serious bug. And, of course, the Tornado team, having experience with many startups and hackathons, fully understands it.

It definitely wasn't: "we know those bad guys will bring their money and we'll take part of it". It was: "Something really important and big is hidden in such solutions, let's try".

WTF was that, SEC?

The result is very bad. The only thing that happened is that many people (mostly from the "good" part of Tornado users) were really scared. Any other results? Tornado deposits continued, while the regulator's actions only proved the quality of the algorithm. Now there will be tons of Tornado copies with untrusted setups, from untrusted teams, with definitely less control.

Tornado publicly performed all actions required by the regulator, by blocking "bad" addresses on their frontend. Nothing else can be done with the protocol now. The problem is not solved: funds still go through; the site that restricted users according to regulatory rules is down; team members trusted by the open community are compromised. Instead of one mixer from a team with a good reputation, following all regulatory requests, with good funding and public presence, users will have tens of shady copies, working exactly like the original, that will continue to avoid your "regulation". Excellent result, applause...

zkSNARK primitives are extremely important for the creation of large-scale networks, unbreakable and flexible telecom, and distributed supercomputing. They are not only about "anonymity" or "money". Sorry that "number" is the simplest type of data in computer science, and cryptographers first try to defend "numbers". Sorry that the best way to defend "numbers" is public blockchains. Sorry that many people preferred to call these numbers "a currency" to build their businesses.

Special thanks to "financial regulation" (of all countries) for removing the ability to build really important things on zkSNARKs and public blockchains: Self Sovereign Identity protocols, Verified Credentials, "anonymity-by-government", "100%-legal-onchain" solutions.

Crypto, and mixers as part of it, are so successful because they're not connected to all this old mammoth shit. Every time new algorithms meet off-chain laws made for old and stupid fiat money, shit happens. And in almost 5 years of crypto adoption you haven't done anything significant with it, simply repeating old scenarios, repeating the same errors, and ignoring technical progress. Good luck.


Written by boogerwooger | Software Researcher
Published by HackerNoon on 2022/08/29