MolochDAO Unveils ZK Powered Cryptomixer
The On-Chain Privacy Protocol includes compliance features
MolochDAO, a decentralized autonomous organization that funds Ethereum infrastructure projects, has created a new crypto-mixing service designed to preserve the privacy of on-chain transactions while offering features that allow users to prove they comply with local regulations.
On Saturday, Ameen Soleimani, a developer who contributed to the now-sanctioned crypto-mixing protocol, Tornado Cash, revealed that MolochDAO has launched a demo of Privacy Pools, its new coin-mixing service.
Speaking on behalf of MolochDAO, Soleimani said a critical flaw of Tornado Cash was failing to provide users with a means to prove they are not affiliated with criminal groups or other sanctioned entities.
In contrast, Privacy Pools uses zero-knowledge proofs, a privacy-preserving technology, to enable users to demonstrate that they are blacklisting sanctioned wallets without revealing their identity.
“Now users have the ability to help regulators isolate illicit funds, without revealing their entire transaction history,” Sol said.
Tornado Cash Sanctions
Soleimani said some of the DAO’s members had “furiously built” Tornado Cash in three weeks after the board rejected a proposal to formally fund the development. Launched in 2019, Tornado Cash has steadily grown to emerge as Ethereum’s top mixing service.
Cryptomixers aggregate digital assets from multiple users to hide the origin of said assets, allowing users to move funds between wallets without leaving a trace on the chain.
In August 2022, the US Treasury Department placed Tornado Cash on its list of Specially Designated Nationals, prohibiting US entities from interacting with the protocol.
The move was attributed to the US government’s desire to prevent the Lazarus Group, a North Korean state-backed hacking organization, from using the service to launder stolen funds. Lazarus was linked to the $624 million hack of Axie Infinity’s Ronin Bridge in March 2022, which remains the largest exploit in DeFi history.
Lazarus is believed to have commingled more than $100 million using Tornado Cash. Soleimani noted that the Treasury Department also sanctioned Blender, a custody commingling service, in early May — just six weeks after Lazarus used Blender to commingle $20 million worth of assets.
Zero knowledge technology
Soleimani said Privacy Pool’s design took inspiration from Vitalik Buterin, Ethereum’s chief scientist, and a report prepared by professor Fabian Schar and graduate student Mat Nadler of the University of Basel and published by the Federal Reserve Bank of St. Louis in February.
Both Buterin and the paper advocate using zero-knowledge proofs to reveal specific transaction data to regulatory or financial intermediaries, while ensuring that transactions remain private on the blockchain.
“The approach essentially treats the privacy-enhancing protocol as an independent protocol and regulates the on- and off-ramps,” the St. Louis Federal Reserve’s report said. “This is similar to how cash transactions are regulated, with the major difference that cash does not involve an immutable transaction history…Crypto asset mixers like Tornado Cash can become an integral part of public blockchain infrastructure.”
“You can create a Tornado Cash-like mixer where … you don’t want to reveal exactly who you are [but] you would say “I’m a participant in this ecosystem, but I’m not a hacker”, Buterin said last year.
Soleimani has published the code for Privacy Pools to GitHub, but emphasizes that the protocol is not yet ready for prime-time.
Balancing privacy and regulation
“We are still fixing some bugs,” Soleimani said. “We’re sending this to start a conversation to help regulators understand a potentially more attractive balance between privacy and regulation that we didn’t even know existed a few months ago.”
Soleimani added that MolochDAO plans to sponsor grants that support further feature development for Privacy Pools. “We are open to working with anyone who is interested in taking this idea forward,” he said.