Ethereum Privacy Tool Tornado Set to Be Fully Non-Custodial Within Next Month

Tornado.cash has been an early and promising prospect in Ethereum’s advancing privacy arena.

Its potential? To be a solution anyone can use to make anonymous Ethereum transactions in a non-custodial manner, meaning users would maintain control of their funds every step of the way.

However, due to the security trade-offs and the financial stakes around a rising project like Tornado, the tool isn’t entirely non-custodial yet — its admins could still materially exert control over the system if put under duress, for example.

“The dirty secret of Tornado Cash is that it is controlled by a multisig, and the trusted setup was done on a single machine,” SpankChain CEO and MolochDAO grassroots Ethereum funding group founder Ameen Soleimani said in a recent proposal to fund $40,000 toward a new Tornado trusted setup ceremony.

Such a ceremony would set up the parameters of a new non-custodial version of Tornado in a verifiable way, and the good news for the project and for Ethereum in general is that funding proposal did pass. The passage kicked off work on an audit by NCC Group Security Services, an auditing firm recommended to Soleimani by Zcash pioneer Zooko Wilcox.

Toward Better, More Secure Privacy

This will set Tornado on a trajectory to fulfilling its full potential, Soleimani has said:

“The objective is to perform a legit trusted setup, then ditch the admin multisig and lock the contract open, so we have privacy on Ethereum until the heat death of the universe or the end of time, whichever comes first.”

Notably, the NCC audit of the new Tornado trusted setup codebase comes after MolochDAO facilitated a prior $10,000 proposal aimed at optimizing the user interface and design of the ceremony.

As for the newly approved funding, it’s put Tornado on course to be fully decentralized in short order. In responding to criticism that the tool has previously been hailed as non-custodial when it wasn’t, Soleimani separately noted:

“I’ve never called it safe yet,…

Source Link

Advertisements