Introducing Proof of Innocence built on Tornado Cash
Tornado Cash is a popular protocol on Ethereum that allows users to make private transactions by breaking the on-chain link between the recipient and destination addresses. However, there may be instances where a user wants to demonstrate that their use of Tornado Cash is above board and not related to any illicit activity. That’s where Proof of Innocence comes in. Proof of Innocence is a tool that allows users to prove that their withdrawals from Tornado Cash are not from a list of specified deposits, selected by the user themselves. This allows users to clear their name and demonstrate their innocence without revealing their identity. Check out the demo application at poi.chainway.xyz to see Proof of Innocence in action.
Tornado Cash is a popular privacy-preserving service for Ethereum that allows users to make anonymous transactions. In August, the Office of Foreign Assets Control (OFAC) imposed sanctions on wallet and smart contract addresses associated with Tornado Cash, citing concerns that the service was being used to launder billions of dollars. This raised concerns about the security and trustworthiness of the system, and highlighted the need for additional measures to prevent bad actors from using it for illegal purposes.
That is where the “Proof of Innocence” protocol comes in. This innovative tool builds upon the existing capabilities of Tornado Cash and allows users to prove that their deposits are not from sanctioned or blacklisted addresses. In fact, you can exclude yourself from any address that has deposited into Tornado Cash, for specific purposes. By providing this proof, users can show that they are not hackers or other bad actors, and can make withdrawals from Tornado Cash with confidence. This not only improves the security and trustworthiness of the system, but also helps to protect legitimate users from being associated with illegal activities, without sacrificing their privacy.
How the Protocol Works
When making a withdrawal from Tornado Cash, users provide a zero-knowledge proof to demonstrate that their commitment (i.e., their deposited funds) is securely held within the Tornado Cash system and has not been withdrawn. This proof, which is based on the use of a Merkle Tree data structure, allows the user to confirm the existence and status of their commitment without revealing any identifying information about themselves or their transaction history. The zero-knowledge proof therefore ensures the privacy and security of the user’s funds while also enabling them to access and withdraw their commitment as needed.
The “Proof of Innocence” protocol adds an additional layer to this process by allowing users to prove that their commitment is not in a given list of commitments. This helps to ensure that the user is not a hacker or other bad actor who has been sanctioned or flagged for illegal activities.
To create this proof, the user provides the blacklisted commitments and constructs a Sparse Merkle Tree of this blacklist. This allows the user to easily and efficiently prove that their commitment is not in the blacklist. This proof can then be verified by anyone.
The “Proof of Innocence” protocol is open source and available on Github.
Last Words
Please note that the use of Proof of Innocence is at your own risk. Chainway values the importance of open source projects and welcomes any feedback on Proof of Innocence. We encourage users to thoroughly evaluate the tool before using it and to handle their private keys and Tornado Cash notes with care.
