Taking responsibility

How to continue as a mixer?

Amnesia Cash is a functional clone of Tornado Cash. For a further introduction please read this blog post:

Only a week after the introduction of Amnesia Cash as a mixer, Tornado Cash was declared Persona Non-Grata akin to terrorism due to the accusing of helping foreign hackers launder stolen crypto funds.

Tornado Cash, at its core, is a very simple, yet very effective zero-knowledge proof application. Its simplicity is its strength and that allowed for such a secure mixer.

However, due to its simplicity and pure decentralization, it also attracted a lot of illicit uses. Many hacks and exploits laundered their money through Tornado Cash. Without anyone being able to do something about it, not even law enforcement.

The future of crypto

Tornado Cash, even though banned in the harshest of ways, didn’t stop functioning. It became harder to reach but because it is a proper decentralized product, it didn’t stop, it is truly a testament to being unstoppable. The ‘unstoppable’ is one of the most appealing parts and selling points of crypto/dApps. However, as we can see with Tornado Cash and a lot of other high-value projects is that it attracts unethical behavior if the benefits are good enough.

Some projects do have measures in place but these tend to lead to centralized control of just a few people. With the ability to arbitrarily ban or assume control of people’s assets. So just having an ‘admin’ or ‘super user’ defeats the purpose of decentralization.

But, if we want a future for the crypto space, we need to self-regulate. Laws are hard to enforce here, but it is hard to argue with code. But with code, simplicity is key, there is no ambiguity, and introducing too much complexity and social behavior opens up a plethora of (game-theoretical) attack vectors. But if there is no (self) regulation of immoral behavior eventually someone willing to use violence will retaliate.

We need to make immoral behavior non-beneficial, not just because the law says so but because it is the right thing to do. No-one likes to see their funds stolen only to see them publically disappear without a trace.

A solution

From the start Amnesia Cash recognized this problem but we were planning to introduce these measures after the initial releases on testnets. But due to these recent events surrounding Tornado Cash we spend some time validating if our solution was actually 100% feasible without compromising privacy.

On the surface, it looks like a small change but under the hood, it needed a lot of alterations on Tornado Cash`s great zero-knowledge-proof work. But we are certain this can work!

The solutions consist of two simple extra features:

1. The token pools will have a contract-enforced thawing period. Meaning that tokens are locked for a fixed period of time before a withdrawal is possible.
2. During this time a ‘bouncer role’ can deny a deposit. This means that the depositor is only allowed to withdraw back into the depositing address.

These two extra conditions are fully incorporated in the zero-knowledge proofs so that no information about timestamps or deposit addresses is leaked.

Let’s take a look at the implications:

• The bouncer role cannot assume control over any funds. Only deny them to be mixed. But also allow them to be mixed again in case of a mistake.
• Because they cannot assume control there is no liability on what to do with the funds afterward. Once a hack goes on it is for humans quite clear it is happening. By using the bouncer, funds that go into Amnesia can therefore be denied without legal and moral implications on what to do next.
• The bouncer role is an address that can be a smart contract managed by a DAO or group of people actively reacting to ongoing events. Finding a good method to do this is beyond the scope of the Amnesia Cash core project.
• Therefore a community can decide, by the use of the bouncer, that certain entities should not mix their coins, like exchanges.
• There is no way to automatically ‘ban’ users, it must always be an action after the deposit happens. There are no white or black lists.
• After the thawing period, the bouncer has no option to deny the funds anymore. By then the tokens/coins are completely mixed. Once in, you are in, keeping decentralization.
• During a complex situation, Amnesia can go into emergency mode, tripling the thawing period for the bouncer to react. However, even then, during and after the thawing period, the funds are always yours.
• Even if denied, you will never lose access to your tokens. You obtained privacy through the mixer or can withdraw them again to the depositing address.
• By having the bouncer as a role there is clearly a form of oversight and centralization introduced. But the power of the bouncer is very limited and can never compromise any funds. But it does allow for self-regulation on what exact tokens and funds should stay public and which ones are private.
• Once your coins are private after the thawing period, there is no way to take that privacy back.

We at Amnesia Cash believe this is the best method to deal with funds that should not be mixed or made private, whilst avoiding legal (custodial) complications. The method is simple enough for a core project and the complexity of how to deal with unwanted funds can be outsourced to an external contract/DOA/whitelist of people. Now how to do that exactly is still up to debate and not (only) up to the Amnesia Cash team.

If you have good idea’s on how to improve, have questions, suggestions or want to follow the project, join our discord at: https://discord.com/invite/rskpfmEKEU

Or follow us at twitter: https://twitter.com/amnesia_cash