RFP: Tornado Desktop


This post outlines a potential request-for-proposal for a Tornado Cash desktop client, which can generate, store, and manage notes safely offline.


The motivation for this Request for Proposal is twofold:

  1. I’m one-of-five multisig holders and I’ve been seriously reflecting on what could be funded of significance to really boost the ecosystem. I’ve made some comments on the forum mentioning useful initiatives that I imagine would qualify for funding. However, even these have felt underwhelming.
  2. Reflecting on the project more deeply as of late, I’ve realized that managing an industrious Tornado operation (or really, engaging in anything more than just casual usage) for the average user is a pain in the ass. And storing notes in your everyday browser’s local storage is risky. To say the least.


A desktop client would provide an additional layer of security to Tornado Cash end users

Notes could be generated offline. Transactions could be signed offline. Then the device could be brought online to broadcast the transactions. In the process, you could then airgap your private notes from being stored in a persistently online environment, such as your browser.

Furthermore, it could be possible to also include Ethereum wallet generation in this desktop client - similar to MyCrypto Desktop (we could even clone the MyCrypto codebase for this). Allowing for new wallet generation locally would easily allow users to create independent wallets to mix funds safely between without relying on MetaMask (which is now in the lovely hands of JP Morgan, Mastercard, UBS - we all know how much they love empowering humanity)

Long term, this desktop client could begin to include basic analytics to provide the user with insight into how much entropy they may accidentally be revealing as they mix their funds through Tornado. For example:

  • if you claim all your AP at once immediately after mixing, you may give yourself away
  • if you mix too often from one address to another, you may give yourself away
  • if you mix a large, specific number of deposits in from one address and then withdraw them all to another address, you may give yourself away

Each of these transaction types could be analyzed offline prior to tx execution to inform the user if their attempt at creating personal security for themselves will be foiled by their own folly or accidental misstep


If there is interest, we can potentially create a Gitcoin Bounty for anyone interested in taking on the project.

Is there demand for a desktop version of Tornado Cash that would let you generate, store, and manage notes easily offline?
  • Yes
  • No

0 voters

Any and all feedback is appreciated and welcomed


Thanks for this post @ethdev. As discussed before, I do think that this could be really useful for the community. I would personally prefer to use this solution instead of a website.


It could also force the use of Tor and relayers could run hidden service so IP address are not leaked. I agree that the current solution for managing notes is not the most secure and I limited my amount of long term deposit in part because of this.


This is a great idea. I recommend to use Tauri, an electron competitor written in Rust:


We could write a proposal for this but it depends on the amount assigned to this bounty. What amount are you thinking @ethdev?