Privacy is a difficult area to build in, especially given last year’s arrest of Tornado Cash developer Alexey Pertsev. However, privacy is a necessary primitive for DeFi to work at scale, as it’s suboptimal for everyone’s historical transactions and balances to be publicly visible on-chain.

The primary legal risks of building privacy solutions stem from the fact that the mixing functionality they provide can be used to facilitate money laundering and other criminal activity. For this reason, all our proposed implementations involve mitigating this ability while preserving the additional benefits of privacy. Both solutions involve rewriting the Tornado Cash circuit, and require a team that’s reasonably familiar with zero-knowledge technology.

The first solution involves rewriting the Tornado Cash circuit to:

a) give users the ability to interact with certain smart contracts from the shielded pool. This could include things like swapping, staking, depositing into a money market, or even LP’ing – actions in which ownership of asset value is maintained.

b) only allow users to withdraw from the shielded pool back to the same address they deposited with.

The combination of these two features gives users the ability to keep their financial activity private as long as they keep assets within the shielded trading pool. However, because transfers within the shielded pool are prevented, users cannot move assets in an untrackable way once they are removed from the shielded pool.

The second solution involves modifying the Tornado Cash circuit so that a viewing key can be generated to decrypt specific shielded transactions. The ability to generate the viewing key would be threshold-sharded among all the validators, who would then be able to decrypt transactions in response to a governance vote. It would then be up to governance to vote to decrypt transactions when doing so is in the interest of the network, such as to trace the movement of hacked funds or to comply with valid requests from law enforcement agencies. Crucially, this should be done such that validators can decrypt the link from a single input to an output, and thus uncover specific transactions, without revealing the entire network.
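The selective-disclosure property described above can be illustrated with threshold ElGamal, as an added example that is not part of the original proposal or of Tornado Cash's code: validators hold Shamir shares of a master viewing key and publish partial decryptions for one ciphertext only, so the key itself is never reconstructed. The trusted dealer, the toy group parameters, the payload encoding and all function names are assumptions made for this example.

```python
import secrets

# Toy group, constructed for this example: P = 2Q + 1 with Q prime, and G
# generates the order-Q subgroup. Far too small for real use.
P, Q, G = 2039, 1019, 4

def deal(t, n):
    """Assumed trusted dealer: split a fresh master key x into n shares, threshold t."""
    coeffs = [secrets.randbelow(Q - 1) + 1] + [secrets.randbelow(Q) for _ in range(t - 1)]
    shares = {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
              for i in range(1, n + 1)}
    return pow(G, coeffs[0], P), shares  # public key h = G^x, per-validator shares

def encrypt(h, m, r):
    """ElGamal-encrypt one note's viewing payload m (a subgroup element) with nonce r."""
    return pow(G, r, P), m * pow(h, r, P) % P

def partial(share, c1):
    """A validator's partial decryption of ONE ciphertext: c1^(x_i)."""
    return pow(c1, share, P)

def combine(partials, c2):
    """Recover m from >= t partials by Lagrange interpolation in the exponent."""
    mask = 1
    for i, d in partials.items():
        lam = 1
        for j in partials:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        mask = mask * pow(d, lam, P) % P  # accumulates c1^x without rebuilding x
    return c2 * pow(mask, -1, P) % P

def demo():
    h, shares = deal(t=3, n=5)
    m_a, m_b = pow(G, 77, P), pow(G, 500, P)  # constructed payloads for two notes
    ct_a, ct_b = encrypt(h, m_a, r=123), encrypt(h, m_b, r=456)
    # Governance votes to open note A only; validators 1, 3 and 5 respond.
    parts = {i: partial(shares[i], ct_a[0]) for i in (1, 3, 5)}
    opened_a = combine(parts, ct_a[1])
    # The same partials do not open note B, whose nonce differs.
    tried_b = combine(parts, ct_b[1])
    return opened_a == m_a, tried_b == m_b

if __name__ == "__main__":
    print(demo())  # (True, False)
```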

Where: This would make most sense on Osmosis since this is currently the only Mars outpost.

Hackathon MVP:

Mentors: Sunny and Dave (cofounders of Osmosis)