I need to harp on an issue that I’ve raised a few times in the past, and that issue is access to the front-end source code.
As you may know, Tornado.cash is made up of two principal parts - the contracts and circuits, and the front-end. The contracts and circuits are all open source, and a good chunk of the JS that is used to interact with them is open source. However, the code for the front-end is closed-source, and it’s not clear to the community who actually has access to it.
The problem with this is that there is little overlap between those who offer support to Tornado.cash’s users, and those who have access to the front-end code. So, when there’s a flood of questions in Discord and Telegram about why user are unable to withdraw their notes, all that most people who want to help can do is throw up their hands and say “I don’t know, maybe try a VPN?”
If all that the front-end did was call off to open source contracts, it’d be feasible to made educated guesses about what’s going on. However, the front-end is seemingly much more complicated than that. It’s using prepared caches of data served as ZIP files. It’s calling off to random, closed-source contracts (does anyone know what
0x8cb1436f64a3c33ad17bb42f94e255c4c0e871b2 does?). It’s processing logs from Infura in order to generate proofs, but it’s not at all clear how it’s doing that, and why it might be failing.
I’ve been providing support to TC’s userbase for several months now. I have enjoyed doing it, and I’ll probably keep doing it. But the fact that many questions are having to go unanswered because nobody has access to the code, or has access but doesn’t offer support, is super frustrating.
I think that the multisigs should fund a snapshot vote on this issue. Either the front-end should be made open-source, or there needs to be a transparent decision-making process for how people are given access.