This post outlines a potential request-for-proposal for a Tornado Cash desktop client, which can generate, store, and manage notes safely offline.
The motivation for this Request for Proposal is twofold:
- I’m one-of-five multisig holders and I’ve been seriously reflecting on what could be funded of significance to really boost the ecosystem. I’ve made some comments on the forum mentioning useful initiatives that I imagine would qualify for funding. However, even these have felt underwhelming.
- Reflecting on the project more deeply as of late, I’ve realized that managing an industrious Tornado operation (or really, engaging in anything more than just casual usage) for the average user is a pain in the ass. And storing notes in your everyday browser’s local storage is risky. To say the least.
A desktop client would provide an additional layer of security to Tornado Cash end users
Notes could be generated offline. Transactions could be signed offline. Then the device could be brought online to broadcast the transactions. In the process, you could then airgap your private notes from being stored in a persistently online environment, such as your browser.
Furthermore, it could be possible to also include Ethereum wallet generation in this desktop client - similar to MyCrypto Desktop (we could even clone the MyCrypto codebase for this). Allowing for new wallet generation locally would easily allow users to create independent wallets to mix funds safely between without relying on MetaMask (which is now in the lovely hands of JP Morgan, Mastercard, UBS - we all know how much they love empowering humanity)
Long term, this desktop client could begin to include basic analytics to provide the user with insight into how much entropy they may accidentally be revealing as they mix their funds through Tornado. For example:
- if you claim all your AP at once immediately after mixing, you may give yourself away
- if you mix too often from one address to another, you may give yourself away
- if you mix a large, specific number of deposits in from one address and then withdraw them all to another address, you may give yourself away
Each of these transaction types could be analyzed offline prior to tx execution to inform the user if their attempt at creating personal security for themselves will be foiled by their own folly or accidental misstep
If there is interest, we can potentially create a Gitcoin Bounty for anyone interested in taking on the project.
Any and all feedback is appreciated and welcomed