Early TornadoCash developer ameen.eth proposed a solution that allows people to have privacy while effectively curbing money laundering activities: Privacy-Pools and Proof-of-Innocence. Ethereum Taipei researcher albertlin.eth has analyzed the design principles of this solution.
Proof-of-Innocence is a proof used to prove that the withdrawal is from a deposit allowed in the whitelist, which can be constructed from both the whitelist and blacklist. “Privacy-Pools” adds the concept of “Proof-of-Innocence” on top of TornadoCash, and the original receipt now has a third meaning: to prove that the withdrawn funds come from a deposit allowed in the whitelist.
In addition to providing the information required to construct the Deposit Merkle Root, the withdrawer also needs to provide the information to construct the Allow Merkle Root, and prove that the withdrawn funds are from a deposit allowed in the whitelist.
- Genius of encryption sets off again: Vitalik and the Ethereum sociological experiment of Zuzalu citizens
- API3 Decoded: How dAPIs Solve Vulnerabilities to Hacker Attacks?
- Indian Central Bank Urges Financial Institutions to Utilize AI and Blockchain to Improve Customer Service
Since the Allow Merkle Root is provided by the withdrawer, criminals can still use fake Allow Merkle Roots to withdraw illegal funds. The fake Allow Merkle Root will still appear on the chain and be viewed by others as doubtful, which can help track the flow of illegal funds.
What I find interesting is the use of another ZKP to prove another fact, which is similar to ZKP’s addition. This usage is simpler and more efficient than constructing a larger and more complex ZKP. As for the selection of the Allow Merkle Tree, I think it will be constructed by a relatively fair unit in the future, which will also be more convincing to others.