Roman Semenov
Epicenter episode 395 with guests, Roman Semenov
Last updated
Was this helpful?
Epicenter episode 395 with guests, Roman Semenov
Last updated
Was this helpful?
This is epicenter episode 395 with guests, Roman Semenov.
Welcome to epicenter the podcast for you and your Crypto founders builders and thought leaders. I’m Sébastien Couture and I’m here with Friederike Ernst.
Today we’re speaking with Roman Semenov. He’s co-founder of Tornado.cash. It’s a fully decentralized protocol for private transactions on Ethereum.
今天我们连线Roman Semenov。他是龙卷风现金公司的联合创始人。这是以太坊上用于私人交易的完全去中心化协议。
(ads)
So Roman thanks to join us today tell us a bit about yourself. What’s your background and how did you get involved in crypto.
Roman,谢谢你今天加入我们,跟我们介绍一下你自己。你的背景是什么?你是如何参与到加密领域的?
My background is I learned studied physics originally but then I got into programming. I founded a few startups web services then I got into blockchain. I think four years ago worked on Ethereum scalability solutions at this time it was plasma but then switched to zk-SNARK( Zero-knowledge succinct non-interactive arguments of knowledge) and privacy.
我的背景是我最初学的是物理,但后来我开始编程。我创立了一些网络服务初创公司,然后我进入了区块链。我记得四年前我在以太坊的可扩展性解决方案上工作,当时它还是以太坊等离子体,但后来转向了零知识证明和隐私。
What did you do in physics? I’m a physicist by training also.
你在物理上做了什么?我也是一名物理学家。
It’s uh Quantum statistics and field theory so the black holes small particles some whole stuff.
它是量子统计和场论关于黑洞很小的粒子和一些整体的东西。
When you um got started on the privacy side of Ethereum applications. What kind of drew you to that.
当你开始着手以太坊应用程序的隐私方面时。是什么把你吸引来的。
I started by learning zk-SNARK to do some scalability stuff and they can also be applied to oracle’s and other things but one of the main applications are is privacy so I’ve build a few privacy projects on Ethereum hackathons and then we just decided to build something for production .
我开始通过学习零知识证明,做一些可伸缩性的东西,也可以应用于甲骨文公司和其他东西但的主要应用之一是隐私,所以我建立一些隐私项目在以太坊活动,然后我们决定建立这样的产品。
The thing that you built for production was Tornado.cash right? So tell us about Tornado.cash in a nutshell so we’ll dive deep into how it actually works in a bit but um what problem is it that Tornado solves.
你制作的产品是龙卷风现金对吗?跟我们说说龙卷风吧。所以我们会深入研究它是如何运作的,以及龙卷风解决的问题是什么。
The privacy because by default all Ethereum transactions are public. And not many people are comfortable with all their like financial history being public. So it solves this problem.
隐私,因为默认情况下所有以太坊交易都是公开的。没有多少人愿意自己的金融历史被公开。这就解决了这个问题。
Can you describe in a nutshell how that works, how do I make my transcation not public.
你能简单地描述一下它是如何工作的吗,我如何让我的交易不公开。
If you have a Ethereum wallet if you just transfer some funds to a new wallet uh the wallets can be connected like everyone can see that funds went to this new address but with Tornado.cash, you can put your funds into Tornado pool and when you do this Tornado.cash generates a private note for you. This note will be used to access your funds later. It’s kind of similar to private key then you want to withdraw you generate a new address and use this private note to withdraw your funds to this new address and nobody will see how your old address is connected to a new one.
如果你有一个以太坊钱包,如果你只是将一些资金转移到一个新的钱包,那么钱包可以连接,每个人都可以看到资金转到这个新地址,但是是通过龙卷风现金,你可以把你的资金投入龙卷风池。当你这样做的时候,龙卷风现金为你生成私人凭证。这张凭证将在以后使用。它有点像私钥,然后你想要取款,你生成一个新地址,然后用这个私钥把你的钱取出到这个新地址,没有人会看到你的旧地址是如何连接到一个新地址的。
The way I see Tornado gas is it’s like this black box where you throw funds into it and then on the other end you can withdraw funds and there is no way of knowing where those transactions are connected because you know they’re everything is obfuscated by cryptography in Tornado.cash. Can you walk us through some of the like usage scenarios like what does a user use tornado cash for like who are your users.
我看到这样的龙卷风就像是黑盒,你把资金投入,然后在另一端可以提款,没有办法知道那些事务相连,因为你知道他们都是混淆在加密龙卷风中的。你能给我们介绍一些类似的使用场景吗,比如用户使用龙卷风现金是为了什么,比如谁是你的用户。
If you want to get a new identity on blockchain , you can put your some of your funds to Tornado.cash then withdraw to your fresh address and use it for some thing that you do not want to be connected with your previous identity.
如果你想在区块链获得新身份,你可以把你的部分资金投入龙卷风。然后把现金提取到你的新地址,用它做一些你不想和你以前的身份联系在一起的事情。
When people deposit into Tornado.cash they’re given a zero knowledge based note that allows them to withdraw as much as they put in minus a fee. The kind of highes on the fact um that other people use that service as well so right so basically if I’m the only one who uses Tornado.cash, It’s no good because everyone knows exactly one person put money in and exactly one person pulled money out. So what do you recommend to users of Tornado.cash so I assume it’s advisable to leave to not withdraw immediately after depositing.
当人们向龙卷风现金中存款,他们将得到一个零知识的票据,允许他们取出多少钱,他们投入多少钱减去一笔费用。因为其他人也在使用这个服务。所以如果我是唯一一个使用龙卷风的人这不好,因为每个人都知道一个人存钱,一个人取钱。那么你有什么建议给龙卷风现金的用户呢,我想在存入后最好不要立即支取。
Correct, you can imagine Tornado.cash pool as a bag of coins that are all the same and some people come along and throw a new coin into this bag and then some other people come and take the coin, take some coins from this bag. So there is some activity like people come and go but for example if someone puts a coin into this bag and then someone else immediately takes coin out someone can think that probably this is like the same person.
没错,你可以想象龙卷风现金池是一个装满硬币的袋子,这些硬币都是一样的,一些人过来把一枚新的硬币扔进这个袋子,然后另一些人过来拿走硬币,从这个袋子里拿一些硬币。所以有一些活动,比如人们来了又走,但是例如,如果一个人把一枚硬币放进这个袋子然后另一个人马上把硬币拿出来这个人就会认为这可能是同一个人。
It is better if you mix with the crowd so you put your funds into the pool wait until at least few more people interact with this pool and then take some funds out.
如果你和人群混在一起会更好,所以你把你的资金放进池子里等到至少有更多的人加入池子,然后取出一些资金。
So basically it’s better to use the protocol when there’s like a lot of noise to kind of obfuscate the lineage between your deposit transaction and your withdrawl transaction.
所以在有很多杂音的时候使用协议会更好来混淆你的存款交易和取款交易之间的关系。
Yeah.
是的。
And there are also fixed denominations right? So basically there’s different pools for different increments of tokens.
也有固定的面额?基本上,不同的代币增量有不同的交易池。
Yeah and those pools are completely separate. This is done because for example if we would allow any amounts if you put some specific amount like 1.33 Ethereum in there and then take out the same amount. People can see that probably this is like the same user.
是的,而且这些池子是完全分开的。这样做是因为,例如,如果我们允许任何数量如果你放入一些特定的量,比如1.33个以太坊然后取出相同数量的。人们可以看到这可能是同一个用户。
So what’s the typical daily volume that goes through your protocol and how many users interact with it.
那么通过你的协议的日流量是多少以及有多少用户与它交互。
It’s usually dozens, you can check the actual states on the we have the dune analytics dashboard it can be accessed from Tornado.cash app, it’s in the main menu. But basically it’s dozens of transactions for each pool and the total number of transactions are around like 10 thousands plus plus.
通常是非常多的,你可以在分析仪表板上查看实际状态,这可以从龙卷风现金的应用官网上访问,在主菜单里。但基本上每个池子都有几十个交易,总交易数大约是1万多个。
And which tokens do you support so I assume Ethereum is supported but what about other tokens.
你支持哪些令牌,所以我假设以太坊被支持,但是其他令牌呢?
Ethereum is the most popular one and it provides the best anonymity set but Tornado.cash also supports Dai, cDai(Compound Dai), and Wrapped Bitcoin and people can also use those but there are few users so less anonymity at the moment.
以太坊是最流行的,它提供了最好的匿名设置,但龙卷风现金也支持Dai, cDai(复合Dai)和wbtc,人们也可以使用这些。但目前用户很少,所以匿名性更小。
I assume this only works for tokens which reasonably liquid right? So basically where there’s quite a lot of demand for obfuscating the origin of these coins. Do you have an idea of how to extend that to less liquid coins?
我假设这只适用于流动性合理的代币,对吗?所以基本上有很多人需要混淆这些硬币的来源。你有什么办法可以将其推广到流动性更少的硬币上吗?
The easiest solution is you can exchange less liquid coins to Ethereum use Tornado.cash for Ethereum and then can exchange back to those coins. Basically the assets that are chosen for Tornado.cash pools are the ones where people want to hold their funds for example, if a user wants to hold their funds a long time in Tornado.cash, maybe someone is not comfortable holding Ethereum and more comfortable holding stable coins. For example some users don’t want to be exposed to its volatility they can use Dai pool to put their money there for a few months for example.
最简单的解决方案是,你可以使用龙卷风现金向以太坊兑换较少的流动性代币,然后可以兑换回这些货币。基本上就是龙卷风所选择的资产。现金池是人们想要持有他们的基金的地方,例如,如果用户想要长期持有他们的基金。也许有人不喜欢持有以太坊,更喜欢持有稳定的货币。例如,一些用户不想暴露于其波动性,他们可以使用Dai池子把他们的钱放在那里几个月。
Is there a way have you thought of I don’t know like technically how feasible this is but for the Tornado.cash smart chain aslo include uh in addition to the privacy aspect some sort of automated market maker uh type of application that would allow users to basically swap tokens so like you could have like one person with depositing Ethereum and wanting to withdraw Dai and you could have maybe like another in the same pool wanting to do the inverse and you could just basically kind of like have those users like uh swap their tokens for one another.
你有没有想过一种方法,我不知道从技术上来说这是否可行的,但是对于龙卷风现金智能链也包括,呃,除了隐私方面的自动化市场制造商,呃,类型的应用程序。该应用程序将允许用户基本交换标记就像你会喜欢存以太坊,然后想取Dai。你也许会像另一个,在同一池想做和你相反的操作。基本上可以让这些用户互相交换他们的代币。
It’s not easy to do this uh while preserving privacy so uh automated market makers are not very friendly with like privacy solutions because for example in solution that you described those two assets can change their relative value for example when you deposited they were like the same but maybe when you withdraw one of them are now 10 times more expensive and it will be hard to do this like matching and exchange.
这并不容易做到。同时保留隐私,呃,自动化市场制造商对隐私的解决方案并不友好。因为你描述的解决方案,这两个资产,举个例子,可以改变他们的相对价值,又或者当你存入的时候他们是同样的价值,但也许当你取出其中一个将会是现在的10倍昂贵,而且很难像配对和交换这样做。
(ads)
So let’s talk about how Tornado.cash works under the hood so we already mentioned that there’s different pools like for 1, 10 or 100 Ethereum. Talk about the smart contract and the particular zero knowledge technologies that Tornado.cash uses.
让我们来谈谈龙卷风现金是如何在幕后运作的,所以我们已经提到了有不同的池,比如1个、10个或100个以太坊。谈谈智能合约和龙卷风现金的零知识技术使用。
I want to ask you how deep do you want to go.
我想问你,你希望多深入。
This is a fairly technical podcast you can go technical.
这是一个技术性很强的播客,你可以从技术性说。
So there are two basically two actions deposit and withdraw. There is also anonymity mining but we can talk about later uh. When you deposit the front generates some random bytes to be precise like 62 bytes but that doesn’t matter like some random array of bytes computes their hash and sends your Ethereum along with this hash to the smart contract. It calls deposit function and then smart contracts inserts this hash into the Merkle Tree. And the hash function is used to Petersen Hash. It’s more Snark friendly than regular SHA-3 or whatever and then the interesting part happens.
基本上有两种行为存款和取款。还有匿名挖掘我们稍后再谈。当你存入时,前端会生成一些随机字节,确切地说,比如62字节,但这没关系,因为一些随机字节数组会计算它们的哈希,并将你的以太坊连同这个哈希一起发送到智能合约。它调用存款函数,然后智能合约将这个散列插入到哈希树中。哈希函数用于彼得森哈希,它比普通的SHA-3更友好。然后有趣的部分就发生了。
When you withdraw like deposit is simple, but it’s quite expensive because this hash function is pretty expensive in solidity in since you insert into Merkle Tree, you need to compute a lot of those. But the operation itself is somewhat simple. When you withdraw the front end takes the same array of bytes and spilits it into the first part is called secret and the second part is called nullifier. (Know More)
当你取款像存款一样简单时,但是它又很昂贵,因为这个哈希函数非常昂贵因为你插入哈希树,你需要计算很多。但操作本身就很简单。当你取出前端接受相同的字节数组,并将其分成第一部分称为secret,第二部分称为nullifier。
This time we hash only this last part nullifier hash and using the snark we prove that we can take this random array of bytes your key and if we hash all of it we get your commitment and if we hash only the second part of it, we get your nullifier and also it proves that this commitment the hash of all this key is present in the Merkle Tree of deposits. So the inputes for snarks is Merkle root when you are using zero knowledge, some inputs are private and some inputs are public. The public inputs are sent on chain to check them against some smart contract data, and private inputs are only present when the user generates Snark proof. So the public input is Merkle root and smart contract willl check that Merkle root used for this Snark proof is the same that he has on the smart contract like for tree of deposits.
这次我们只散列最后一部分nullifier散列并使用Snark证明,我们可以把这个随机字节数组作为你的键。如果我们散列所有的字节我们就得到了你的承诺,如果我们只散列第二部分,我们得到了你的nullifier,它也证明了这个承诺。所有这个键的哈希值都存在于哈希树的存款中。所以当你使用零知识时,snarks的输入是哈希根,一些输入是私有的,一些输入是公共的。公共输入被发送到链上,与一些智能合约数据进行核对,而私有输入只有在用户生成Snark证明时才出现。所以公共输入是哈希节点智能合约会检查这个Snark证明中使用的哈希节点是否和他在智能合约中使用的一样就像存款树。
Merkle path is private, so the external observer only sees that the node is present in this Merkle tree. But don’t know where exactly it is located, which leaf exactly it is, and also smart contract can verify that all hashes were computed correctly. Because it is proven with this Snark. Also hash of the second part nullifier hash is also public. And it is used to prevent double spends when user withdraws funds the smart contract verifies that this nullifier hash is not present already in this array of nullifier hashes. And if it is present then it means the same note was already withdrawn and interesting part is that nullifier hash is not, cannot be linked to commitment to hash of all this value. Because those are computed from different bytes, and they seem completely random to external observer.
哈希路径是私有的,所以外部观察者只能看到该节点存在于哈希树中。但不知道它到底在哪里,它到底是哪个叶子,而且智能合约可以验证所有哈希值都是正确计算的。因为这已经被史纳克证明了。第二部分的哈希也是公共的。当用户提取资金时,智能合约会验证该消零散列是否已经出现在该消零散列数组中,用于防止重复消费。如果它存在,则意味着相同的注释已经被撤销,有趣的是,nullifier 哈希不能链接到所有这些值的承诺哈希。因为这些是从不同的字节计算出来的,而且它们在外部观察者看来是完全随机的。
So you already alluded to the fact that these transactions are pretty costly on chain can you give us an idea of how much um they cost at say a hundred quay. So deposit costs a little bit more than 1 million of gas. So this will be it depends on Ethereum price too but I guess like 200 dollars or something like this and withdrawl is cheaper, withdrawl only computes like verifies Snark proof and it costs around 400 thousands dollars guess.
你已经提到了这样一个事实,就是这些交易在链上是非常昂贵的,你能给我们一个概念,他们在100个节点上花费多少。因此,沉积的成本略高于100万手续费用。所以这也取决于以太坊的价格,但我猜大概是200美元或类似的,而提款更便宜,提款只计算像验证Snark证明这样的东西,它需要大约40万美元的猜测。
You can only withdraw in the same increments that you’ve put in right you can’t just say I put in 100 Ethereum and then I’ll just withdraw a 0.1 of an Ethereum or one each whenever I need one each you have to deposit and withdraw the same increments.
你只能在你投入的相同增量中提取,不能说我投入了100个以太坊,然后我只提取0.1个以太坊,或者当我需要的时候每个都取一个,你必须存入和取出相同增量。
Exactly yeah. With current implementation yes.
是的。根据当前的实现,是的。
Is there a plan to make this more efficient because obviously depositing at say 200 Ethereum per transaction or 200 dollars per deposit is pretty expensive and only pays for pretty large sum so basically if I want to um obfuscate say a hundred thousand dollars that maybe worth it but if it’s only one Ethereum or something it’s probably unfeasible right.
有打算让这更有效率吗,因为很显然,当只有200以太坊或者200美金的时候,这是很昂贵的。只有支付相当大笔基本上如果我想嗯混淆说十万美元也许值得,但如果这只是一个以太坊什么的,这可能是不可行的。对的。
Yes. There are many ways to improve the current solution when we developed Tornado.cash. We were thinking about what is the simplest solution we can make to solve privacy and roll it out to main net faster. But now we are thinking about how we can make this convenient and cheap. So currently Tornado.cash solves privacy in the simplest but not very easy to use way. There are many ways to improve it. For example, it can be done more similar to Zcash with transactions, inside the shielded pool, so to allow users to deposit any amount uh into the pool do transactions, to some other users.
是的。当我们开发龙卷风现金的时候,有许多方法可以改进当前的解决方案。我们在想我们能做出的最简单的解决方案是什么来解决隐私问题,并将其更快地推广到主网。但现在我们在考虑如何让它变得方便和便宜。所以目前龙卷风现金以最简单但不太容易使用的方式解决了隐私问题。有很多方法可以提高它。例如,它可以做更类似于大零币的交易,在池子内,这样可以让用户存入任何金额额到池中做交易,给其他一些用户。
Like for example, you can deposit three Ethereum send one each to someone else privately, then withdraw one if or whatever and also using layer 2 technology. It can be made much cheaper than it currently is and uh this privacy pool will be can be very layer 2 friendly. I’d say because since you already need to enter the privacy pool and then exit the privacy pool when you are done, you can in the same transcation bascially enter layer 2 as well with good enough integrations. Privacy can be done in such a way that your deposit fund, deposit funds into the privacy pool and magically all transactions inside this privacy pool are done already on layer 2 and are cheap and fast.
例如,你可以存入三个以太坊,每个人私下发送一个,然后提取一个,也使用layer 2技术。它可以比现在便宜很多,而且这个隐私池可以非常友好。我想说,因为你已经需要进入隐私池,然后退出隐私池,当你完成时,你基本上可以在同样的交易中进入layer 2,有足够好的集成。隐私可以通过这样的方式来实现,你的存款基金,存款基金到隐私池中,神奇的是,隐私池中的所有交易都已经在layer 2完成了,而且便宜又快速。
So if I understand correctly which is saying is that you could deposit funds into Tornado.cash and then those funds would essentially come out in a layer 2. Does that mean that you would need to have different pools for every uh layer 2 solution or uh there be a way to somehow have like one big pool that like sends funds in one of several layer 2 which kind of like increase privacy. I guess.
如果我理解正确的话你可以把资金存入龙卷风现金,然后这些资金会出现在layer 2。这是否意味着你需要为每个layer 2解决方案有不同的池,或者有一种方法可以有一个大的池,把资金发送到几个layer 2中的一个,这有点像增加隐私。我猜。
It will result in a separate anonymity pool for each layer 2 because it’s very hard to synchronize different layer 2 solutions and prevent double spins. For example, if someone sends funds in one layer 2 and then send the same funds in different layer 2, it will likely result in the different pools.
由于很难同步不同的layer 2解决方案并防止双自旋,这将导致每个layer 2都有一个单独的匿名池。例如,如果有人在一个layer 2发送资金,然后在不同的layer 2发送相同的资金,这可能会导致不同的池。
I have a couple more technical questions as to how the protocol actually works um so when I withdraw from the pool after having waited say a couple of days I would use a fresh address right? Because I mean this is kind of the point of all of this. How do I pay for gas from a fresh address right because basically if it’s a fresh address I won’t have any ease to pay for gas so how’s the standard.
我还有几个技术问题关于协议是如何工作的所以当我在等了几天之后从池子中退出时我会用一个新的地址,对吗?因为这是所有这些的重点。我如何从一个新的地址支付手续费,因为基本上如果这是一个新的地址,我不会轻易支付手续费油钱,所以标准是怎样的。
For this, we have a relayer network and basically how this works is instead of sending your Snark proof and all the call data to Ethereum. You send the same data to relayer and three layer submits this for you on chain and then gets part of your deposit as a compensation. All the parameters including relayer fee and which relayer should receive it are included in Snark proof. So if anything changes in this data the Snark proof becomes invalid, so relayer cannot changing anything. And the worst thing that it can do is just don’t do its job, and like send the transaction in which case you just like choose anyone.
为此,我们有一个中继网络,基本上它的工作原理是,而不是将你的Snark证明和所有呼叫数据发送到以太坊。你发送相同的数据到中继器和三层提交这个链,然后得到你的部分存款作为补偿。所有参数包括中继费用和哪个中继应该收到它都包括在Snark证明。所以如果数据中有任何变化,Snark证明就无效了,所以中继不能改变任何东西。它能做的最糟糕的事情就是不做它的工作,发送事务在这种情况下,你只需要选择任何人。
But this is a pretty rare occasion because if free layers misbehave they will just get deleted from UI.
但这是非常罕见的情况,因为如果自由层行为不当,它们就会从用户界面中被删除。
(ads)
So last year a paper came out in academic paper on misuses of Tornado.cash or basically user faults mostly where they looked at the 3 thousands Tornado.cash deposit and withdrawls until the date and found that through just looking at the graph they could actually match up 400 of these basically because people use the same deposit and withdrawl address as people did these immediately one after the other and so on.
所以去年有一篇关于误用龙卷风现金的学术论文发表了,可以说是用户故障,他们存了3000个龙卷风,直到这个日期的现金存款和提款他们发现仅仅通过看这个图表他们实际上只可以匹配400个。基本上因为人们使用相同的存款和提款地址人们一个接一个地这样做。
So this is already quite a large chunk of users that maybe some of these were test transactions but I assume some of the users genuinely messed up do you think you could make it easier for people to use this correctly or do you think you could make it harder for people to mess up. And we all know this is really difficult because people like messing up.
这是已经相当大部分的用户,也许这些测试事务但我认为一些用户真正搞砸了你认为你能方便人们使用这个正确或你认为你能让人们更难陷入困境。我们都知道这很难因为人们喜欢搞砸。
For this article I think like the most of the transactions that withdraw to the same address were probably just tests but in general I agree we need to educate people better on how to correctly use tornado cash to preserve privacy but the best way to solve this would be to make a wallet that takes care of all those things for the user.
在报道中我认为最喜欢的事务,取款到相同的地址可能只是测试,但总的来说我同意我们需要更好地教育人们如何正确使用龙卷风现金保护隐私。但解决这个是最好的办法让一个钱包为用户负责所有这些东西。
For example, the most obvious thing is hiding IP address because IP can be considered public information all those intermediate internet service providers and many other nodes in the network can see it and wallet could submit all the requests through torn. For example, and also like the wallet is the would be the most convenient way to solve this but it is a lot of work so.
例如,最明显的是隐藏IP地址,因为IP可以被认为是公共信息,所有的中间互联网服务提供商和网络中的许多其他节点都可以看到它,钱包可以通过龙卷风提交所有的请求。比如,和钱包一样是最方便的方法来解决这个问题,但它是很多工作所以。
You also need to connect to um to an Ethereum endpoint right so basically most wallets actually just um connect to inferior also basically inferior. If you don’t mask your IP they typically know who you are and which transactions you’ve sent to the network right?
你还需要连接到以太坊端点,所以基本上大多数钱包都连接到这样的端点。如果你不掩盖你的IP他们通常知道你是谁以及你发送到网络的哪些交易,对吧?
Yes, for users it’s correct to assume that everyone knows their IP address unless they use VPN or something like this. But if you just want to prevent your neighbor from looking inside your wallet it can be fine. Like every users decide for himself which level of unlimitedness he wants, like whether he wants to just hide his financial history from general public, or he maybe doesn’t trust governments at all and want nobody to be able to see his uh financials.
是的,对于用户来说,假设每个人都知道自己的IP地址是正确的,除非他们使用VPN或类似的东西。但如果你只是想阻止你的邻居偷看你的钱包,那也没关系。就像每个用户自己决定他想要的程度,比如他是否想要向公众隐藏他的财务历史,或者他可能根本不信任政府,不想让任何人看到他的财务。
The project goes at lengths when you’re like on the website and reading the documentation, it really goes at length to ensure that every aspect of tornado cash is decentralized. So there are no admin keys to administer the smart contract the website and the interface are hosted on IPFS, and there’s like all of this uh documentation around like how the project aims to be fully decentralized.
当你在网站上阅读文档时,这个项目会花很长的时间,它会花很长的时间来确保龙卷风现金的每个方面都是分散的。所以没有管理密钥来管理智能合约,网站和界面都托管在IPFS上,有很多关于这个项目如何实现完全去中心化的文档。
What kinds of constraints does this impose on you as a developer and perhaps also on users, and was there ever you know a thought that perhaps you should do this also as like an anonymous founder was this ever considered and if not why not.
这对开发者和用户有什么限制,你是否有过这样的想法作为匿名创始人你是否考虑过,如果没有为什么没有。
Anonymous founders making it as anonymous is harder, because it’s harder to hire and people basically trust way less to anonymous founders than public figures. As for immutable smart contracts, it introduces a lot of complexity, but users trust more when they see that the system cannot be changed.
匿名创始人很难做到匿名,因为更难雇佣而且人们对匿名创始人的信任度远低于公众人物。至于不可变智能合约,它引入了很多复杂性,但当用户看到系统无法更改时,他们会更信任它。
For example, one of the difficulty we had is introducing anonymity mining because if the contracts would be still updatable the anonymity mining could be much much simpler. But since we couldn’t change already existing smart contracts we had to introduce quite a few new mechanisms to work around this.
例如,我们遇到的一个困难是引入匿名挖掘,因为如果合约仍然是可更新的,匿名挖掘就会简单得多。但是由于我们不能改变现有的智能合约,我们不得不引入一些新的机制来解决这个问题。
Which new mechanisms?
什么样的机制?
For example, this is some intermediate step the Tornado.cash smart contract, like core smart contract don’t save at which block. Each deposits was made and for anonymity mining, this information is needed to compute the reward size. Because it’s based on time, the deposits spent in the pool so we had a separate contracts that contains Merkle Tree of all deposits and all withdrawls. But with block number information, so it mostly duplicates the court smart contract state, but it’s like extra stuff and also someone needs to upload updates to this tree. It is done trustlessly. So you cannot upload incorrect information but still someone has to do it and pay for gas.
例如,这是龙卷风现金智能合约的一些中间步骤,就像核心智能合约不保存在哪个区块。每笔存款都是进行的,对于匿名开采,需要这些信息来计算奖励的大小。因为它是基于时间的,在池里的存款所以我们有一个单独的合同包含所有存款和所有提款的哈系数。但有了区块号信息,它基本上复制了智能合约状态,但这是额外的东西,还需要有人上传更新到这棵树。这是不可靠的。所以你不能上传不正确的信息,但还是要有人去做并支付手续费用。
What’s the role of the Torn token, I mean you use that for anonymity incentivization or anonymity mining right?
龙卷风代币的作用是什么,我的意思是你用它来匿名激励或匿名挖掘,对吗?
Torn token is used for making governance decision for Tornado.cash protocol, and currently there are a few ways to get Torn. Old users got torn as airdrop so the people that used Tornado.cash in the past, before Torn token was released, got their Torn voucher that they can change to Torn token.
龙卷风令牌用于龙卷风现金的治理决策协议,目前有几种方法得到令牌。老用户会获得令牌空投,所以过去使用龙卷风现金的人,在龙卷风令牌释放之前,得到了他们的龙卷风凭证,他们可以把它换成龙卷风现金的代币。
And new users get Torn tokens as a reward via anonymity mining so basically Torn tokens are distributed to users that use Tornado.cash the past and in present so people that use it the most have the most voting power in the governance.
新用户通过匿名挖掘得到龙卷风代币作为奖励,所以基本上龙卷风现金的代币被分发给过去和现在使用龙卷风现金的用户,所以使用它最多的人在治理中有最多的投票权。
And what kind of governance decisions does the Torn take?
龙卷风采取什么样的治理决策?
There are some proposals. For example to update anonymity mining mechanism because at the moment of release it was too expensive and basically broken because it cost too much. But then the more efficient one was developed that is ten times of cheaper in terms of gas and governance was used to deploy this.
有一些建议。例如,更新匿名挖掘机制,因为在刚开始的时候它太昂贵了,而且基本上被破坏了,因为它的成本太高了。但是后来更有效的一种被开发出来了,它在手续费方面的成本是十倍而且治理也被用来部署它。
New contract and migrate all the data there also there was proposal for new pools new bigger pools for Dai, cDai and wbtc were introduced, and currently there is one more active proposal to do a community fund for tornado cash. So community decided to set up multiseek to be able to quickly make some decisions that don’t need this big governance voting. But basically like it’s smaller decisions than governance usually makes. And I need to know that Tornado.cash team doesn’t have a vote in its own governance because all team tokens are under wasting so currently community makes all these decisions without us.
新的合同和迁移所有的数据也有建议新的池新的更大的池为Dai, cDai和wbtc被引入,目前有一个更积极的建议做一个社区基金为龙卷风现金。因此,社区决定建立多小组,以便能够快速做出一些决策,而不需要这个大的治理投票。但基本上它比政府通常做的决策要小。我需要知道那个龙卷风。现金团队在自己的治理中没有投票权,因为所有团队代币都不在,所以目前社区在没有我们的情况下做出所有这些决定。
How long are the tokens rested for?
代币锁仓多长时间?
It is for 3 years but first cliff like first unlock is after one year so this would be around December.
3年,但第一次解锁是在一年之后,所以大概是在12月。
So this community pool, what kind of initiatives or applications do you hope to see this pool funding.
那么这个社区集合,你希望看到什么样的倡议或应用程序得到这个集合的资助。
I think they want to reward some contributors to Tornado.cash ecosystem, so maybe people that write manuals or make videos or maybe even sponsor done or something like this.
我想他们是想奖励龙卷风现金的一些生态系统的贡献者,所以可能是编写手册,制作视频或者赞助之类的人。
(ads)
And so tell us a little bit about this ecosystem like what exists out there in the Tornado.cash ecosystem.
告诉我们一些关于这个生态系统的信息比如龙卷风现金中存在的生态系统。
And what kind of thing would you like to see develop because it seems like a pretty mean to me anyways, it seems like a pretty straightforward thing like it’s an enemy pool but what kind of things can we build on top of that.
你希望看到什么样的东西发展,因为无论如何对我来说,这似乎是一个很随意的东西,它似乎是一个很简单的东西,就像一个基础池,但我们可以在它的基础上构建什么样的东西。
There are a few simple things that come to mind like not a solution but more like we like documentation for example. So some things like some simple things are needed to be done uh but in terms of more complex there are a few proposals about how to manage change or some people call it dust for example if you withdraw one Ethereum and then spend half of it for something now you have half Ethereum sitting in some address and you can’t do much with it like you cannot make it private again and everything you do with it will be connected with your previous transactions that spent this half Ethereum. Uh so there are a few proposals how to make those like small pieces private again.
有一些简单的事情会出现在我的脑海中,但并一定不是解决方案,而是我们更喜欢的文档。所以有些事情需要做一些简单的事情啊,但在更复杂的有一些建议关于如何管理变更或一些人称之为尘埃例如如果你取一个以太坊然后花一半的东西现在你有一半以太坊存在一些地址,和你不能做得像,你不能让它再次私有,你用它做的一切将与你之前使用这半以太坊的交易联系起来。有一些建议可以让这些小碎片变得私密。
So one of the things that I thought was really interesting on the Tornado.cash website is the compliance tool. When I saw it it’s like is are they talking about regulatory compliance or the is there some other form of compliance that I’m not getting here but yeah it is a tool to sort of you know ensure that transactions and special users can be compliant with their local tax regulation. What’s the compliance tool and why do you choose to build this into Tornado.cash.
关于龙卷风现金,我觉得很有趣的一点是,网站是合规工具。当我看到它就像他们在谈论法规遵从性或有其他一些形式的遵从性,我不但是它是一种工具,确保交易和特殊用户可以符合他们的当地税务规定。合规工具是什么?为什么你选择将其构建成龙卷风现金。
Compliance tool allows prove the link between deposit and withdrawl and basically it gives a Tornado.cash user a freedom to disclose his information to someone, so the financial information is not forced to be like completely hidden and user has now power to decide who they want to see this information.
合规工具允许证明存款和取款之间的联系,基本上它给了龙卷风。现金用户有向别人公开信息的自由,因此财务信息不会被强制完全隐藏,用户现在有权力决定他们想让谁看到这些信息。
For example, if they want to send those private funds to an exchange and then exchange ask them about origin of funds or something like this, they can easily prove where the funds come from and pass all this check can be used for tax compliance or KYC or things like this. But nobody except the user has the power to disclose it.
例如,如果他们想把这些私募基金交换,然后交换问他们关于基金的起源或这样的东西,他们可以很容易地证明资金从何而来,通过所有这些检查可用于税务合规或什么之类的。但是除了用户之外,没有人有权力公开它。
Yeah I remember a while ago there were exchanges who weren’t allowing users to send mixed tokens to them for if I think it was an issue with them the Wasabi wallet and finance but I am sure there were also other exchanges who put similar measures in place is that correct?
是的我记得前一段时间有交往的人不允许用户发送混合标记他们如果我认为这是一个问题与他们Wasabi的钱包和金融,但我相信还有其他交易所把类似的措施是正确的吗?
I am actually not aware about this so can’t really comment much but I didn’t hear about like mass restrictions of like this.
我其实没有意识到这一点,所以我不能评论太多,但我没听说过像这样的大规模限制。
When you use this compliance tool I guess as a user you provide some sort of an attestation that will allow a third party to read the information about the origin of transaction. Doesn’t that sort of open up a vulnerability though where by sharing it with one user you effectively open the possibility for this information to be made fully public. Because once you’ve shared with one user that this other party that other party can effectively share that information with the world and thus making transaction anonymity and Tornado.cash obsolete.
当您使用这个遵从性工具时,我猜作为一个用户,您提供了某种类型的认证,允许第三方读取有关交易来源的信息。这是否会导致一个漏洞,通过与一个用户共享,你有效地打开了这个信息被完全公开的可能性。因为一旦你和一个用户分享了这个另一个用户就可以有效地和全世界分享这个信息从而使交易匿名和龙卷风现金过时。
How dose one protect themselves against attack on their privacy and I mean is it am I even correct in assuming that this is the case.
一个人如何保护自己的隐私不受侵犯,我的意思是我假设这是正确的。
This is correct, so the best way would be to only share your privacy information to other people you trust that they don’t lick it.
这是正确的,所以最好的方法是只分享你的隐私信息给你信任的人,他们不会公开它。
Most people probably use this you know in the case of like exchange requesting uh some sort of origin of funds for KYC or uh for tax purposes or something or things like so it assumes that you have to sort of trust that these third parties are either not going to get hacked or um won’t disclose the information.
大多数人可能使用这个你知道的情况下喜欢交换请求,呃某种基金起源KYC或者呃为税收目的之类的所以它假设你必须相信这些第三方不会被攻击或嗯不会披露这些信息。
Yeah, correct.
是的。
I am curious are you familiar with uh the upcoming uh MiCA regulatory proposal in Europe and the provisions in there for sort of privacy coins and uh anonymous transactions.
我很好奇你是否熟悉欧洲即将出台的MiCA监管提案以及关于隐私币和匿名交易的规定。
Nope.
并不。
In Europe uh there’s a regulatory proposal called market and crypto assets that in its current drafting uh aims to make privacy coins forbidden. You know if that would be the case then regulated exchange could be forced, you know, and this is just like my interpretation of it. But, you know, regulated exchange could be forced to like either refuse deposits from addresses that have interacted with these protocols or even stopped trading uh privacy coins like Zcash etc.
在欧洲,有一项监管提案叫做市场和加密资产,目前正在起草中,旨在禁止加密货币。如果是这样的话,那么受管制的交易就会被强制进行,这就是我对它的解释。但是,你知道,受监管的交易所可能会被迫拒绝与这些协议互动的地址的存款,甚至停止交易隐私币,比如大零币等。
Do you feel that perhaps protocols like Tornado.cash you know in the future could end up in the, in the sites of you know national or supranational regulators that you know want to make these kinds of transactions or these kinds of anonymous uh crypto protocols uh forbidden.
你是否觉得像龙卷风现金这样的协议。在未来,可能会出现在国家或超国家监管机构的网站上你知道他们想要进行这种交易或者这种匿名的加密协议被禁止。
I don’t think so because it’s very easy for exchange to ask about origin of funds and for user to prove where those funds come from. When users showed the compliance report to an exchange, the funds are no longer private for this exchange like they can see where they come from. So I don’t see any problems here.
我不这么认为,因为交易所很容易询问资金来源,用户也很容易证明资金的来源。当用户向交易所显示合规报告时,该交易所的资金不再是私有的,因为他们可以看到它们来自哪里。所以我看不出有什么问题。
Okay so let’s talk about um the larger ecosystem for a little bit so basically if you look at Tornado.cash um and other privacy preserving solutions mean you’ve got solutions that have their own blockchains like Zcash and Monero and then you have things that kind of go on top of Ethereum um such zk money so basically Tornado if you look at it. It’s a well-designed mixer but at its core it’s a mixer.
好了,我们来谈谈更大的生态系统如果你看看龙卷风现金。和其他隐私保护解决方案意味着你有自己的区块链解决方案,比如大零币和门罗币,然后你有以太坊上的东西,比如zk,基本上就是龙卷风。这是一个精心设计的混币器,但它的核心是一个混币器。
So basically if you look at ck money which has this ck uh Zcash like shield clearly the use cases for that much broader and encompass many more things than tornado dose so my question here is what does your roadmap look like? And how do you plan to position you yourself in the new presence of things like zk money.
所以基本上,如果你看看zk,它有zk,大零币这样的后盾很明显它的用例范围更广包含比龙卷风更多的东西所以我的问题是你的路线图是什么样子的?在zk这样的新事物面前,你打算如何定位自己?
I think the most solutions uh move in the similar direction and try to be like similar to Zcash which was uh like one of the first researches in this area, so I guess most solutions will look like this and the original Tornado.cash implementation was the like fast way to do privacy but in the future it should also be pretty similar like allow transaction and stuff.
我认为大多数的解决方案都朝着类似的方向努力像大零币一样,它是这个领域的第一个研究,所以我想大多数的解决方案都会像这个和最初的龙卷风一样。现金实现是一种快速的隐私保护方式,但未来它也应该类似于允许交易之类的。
And as for separate blockchains currently Ethereum privacy has lower transaction count mostly, because the Ethereum is much more expensive than many for example but with new release of layer 2 technology in this year this can change, like the separate blockchains. The only thing they can do is to transfer money privately but on Ethereum transfer and money privately would be only one of many features in the ecosystem. So I think privacy coins as a separate blockchain is less convenient for most users.
至于单独的区块链,目前以太坊隐私的交易数量大多较低,例如,因为以太坊比其他很多区块链昂贵得多,但随着今年layer 2技术的新发布,这种情况可能会改变,就像单独的区块链一样。他们唯一能做的就是私下转账,但在以太坊,私下转账和转账只是这个生态系统的众多功能之一。所以我认为隐私币作为一个独立的区块链对大多数用户来说不太方便。
So you also move in the direction of shields and layer 2 and this is the general direction for Tornado?
所以你也朝着防护层和layer 2的方向移动这是龙卷风的大致方向?
Yeah.
是的。
So before we wrap up here you know what uh is on the roadmap here and also where can users learn more about Tornado.cash and perhaps getting involved.
在我们结束之前,你要知道路线图上的内容以及用户可以从哪里了解更多关于龙卷风现金的信息。也许还有参与。
Tornado.cash development is in big part is governance and the community governance holds more than half of all torn tokens and people can get involved by going into form and participating in discussions and steering international direction that they think is the best.
龙卷风现金开发在很大程度上是治理,社区治理拥有所有龙卷风的代币的一半以上,人们可以通过参与形式、参与讨论和引导他们认为是最好的国际方向来参与。
Thank you so much for joining us Roman. This was very elucidating I think privacy is something that gets talked about increasingly more but I think it’s very necessary that we become more sensitive to these issues.
非常感谢你能加入我们,Roman。这很说明问题,我认为隐私是人们谈论得越来越多的东西,但我认为我们对这些问题变得更加敏感是非常必要的。
I think uh like usually what happens is people don’t much care about their privacy until something bad happens and some big service leaks some private data and then suddenly people realize uh that they actually want the privacy or maybe events similar what happened with uh snowden when someone comes along and actually shows people how important it is, people suddenly start caring about it.
我想嗯通常发生的是人们不太关心他们的隐私,直到发生了糟糕的事情,一些大型服务泄漏一些私人数据然后突然人们意识到哦,他们真正想要的隐私或者类似的事件发生在呃斯诺登当有人出现,实际上显示了人们有多重要人们突然开始关心它了。
I think that’s very true and I think those are great closing words thank you so much for coming on.
我认为这是正确的,我认为这些是很好的结束语,谢谢你能来。
Thanks for having me.
谢谢你邀请我。
Thank you Roman.
谢谢你,Roman。
