mirror of
https://github.com/tornadocash/tornado-core.git
synced 2024-11-22 01:37:07 +01:00
readme
This commit is contained in:
parent
5fe6186697
commit
1e8a16f759
66
README.md
66
README.md
@ -1,41 +1,15 @@
|
||||
## Requirements
|
||||
1. `node v11.15.0`
|
||||
2. `npm install -g npx`
|
||||
# Tornado mixer
|
||||
|
||||
## Usage
|
||||
1. `npm i`
|
||||
1. `cp .env.example .env`
|
||||
1. `npm run build:circuit` - may take 10 minutes or more
|
||||
1. `npm run build:contract`
|
||||
1. `npx ganache-cli`
|
||||
1. `npm run migrate:dev`
|
||||
1. `./cli.js deposit`
|
||||
1. `./cli.js withdraw <note from previous step> <destination eth address>`
|
||||
1. `./cli.js balance <destination eth address>`
|
||||
![mixer image](./mixer.png)
|
||||
|
||||
## Testing truffle
|
||||
1. `npm i`
|
||||
2. `npm run build:circuit`
|
||||
2. `npm run build:contract`
|
||||
3. `npm run test` - it may fail for the first time, just run one more time.
|
||||
|
||||
## Testing js
|
||||
1. `npm i`
|
||||
2. `npm run build:circuit`
|
||||
3. `cd scripts`
|
||||
4. `node test_snark.js`
|
||||
|
||||
## Deploy
|
||||
1. `npx truffle migrate --network kovan --reset`
|
||||
|
||||
# Specs:
|
||||
- Deposit gas cost: deposit 903472
|
||||
- Withdraw gas cost: 727821
|
||||
## Specs
|
||||
- Deposit gas cost: deposit 888054
|
||||
- Withdraw gas cost: 692133
|
||||
- Circuit constraints: 22617
|
||||
- Circuit proving time: 8965ms
|
||||
- Serverless, executed entirely in the browser
|
||||
- Circuit proving time: 6116ms
|
||||
- Serverless
|
||||
|
||||
# Security risks:
|
||||
## Security risks
|
||||
* Cryptographic tools used by mixer (zkSNARKS, Pedersen commitment, MiMC hash) are not yet extensively audited by cryptographic experts and may be vulnerable
|
||||
* Note: we use MiMC hash only for merkle tree, so even if a preimage attack on MiMC is discovered, it will not allow to deanonymize users or drain mixer funds
|
||||
* Relayer is frontrunnable. When relayer submits a transaction someone can see it in tx pool and frontrun it with higher gas price to get the fee and drain relayer funds.
|
||||
@ -48,4 +22,28 @@ spent since it has the same nullifier and it will prevent you from withdrawing y
|
||||
* This can be solved by storing block number for merkle root history, and only allowing to withdraw using merkle roots that are older than N ~10-20 blocks.
|
||||
It will slightly reduce anonymity set (by not counting users that deposited in last N blocks), but provide a safe period for mining your withdrawal transactions.
|
||||
|
||||
## Requirements
|
||||
1. `node v11.15.0`
|
||||
2. `npm install -g npx`
|
||||
|
||||
## Usage
|
||||
1. `npm i`
|
||||
1. `cp .env.example .env`
|
||||
1. `npm run build:circuit` - may take 10 minutes or more
|
||||
1. `npm run build:contract`
|
||||
1. `npm run browserify`
|
||||
1. `npm run test` - optionally run tests. It may fail for the first time, just run one more time.
|
||||
1. `npx ganache-cli`
|
||||
1. `npm run migrate:dev`
|
||||
1. `./cli.js deposit`
|
||||
1. `./cli.js withdraw <note from previous step> <destination eth address>`
|
||||
1. `./cli.js balance <destination eth address>`
|
||||
1. `vi .env` - add your Kovan private key to deploy contracts
|
||||
1. `npm run migrate`
|
||||
1. `npx http-server` - serve current dir, you can use any other http server
|
||||
1. Open `localhost:8080`
|
||||
|
||||
## Credits
|
||||
|
||||
Special thanks to @barryWhiteHat and @kobigurk for valuable input,
|
||||
and to @jbaylina for awesome [Circom](https://github.com/iden3/circom) & [Websnark](https://github.com/iden3/websnark) framework
|
||||
|
3
cli.js
3
cli.js
@ -1,4 +1,5 @@
|
||||
#!/usr/bin/env node
|
||||
// Temporary demo client
|
||||
const fs = require('fs')
|
||||
const assert = require('assert')
|
||||
const snarkjs = require('snarkjs')
|
||||
@ -68,8 +69,10 @@ async function withdraw(note, receiver) {
|
||||
}
|
||||
|
||||
console.log('Generating SNARK proof')
|
||||
console.time('Proof time')
|
||||
const proof = await websnarkUtils.genWitnessAndProve(groth16, input, circuit, proving_key)
|
||||
const { pi_a, pi_b, pi_c, publicSignals } = websnarkUtils.toSolidityInput(proof)
|
||||
console.timeEnd('Proof time')
|
||||
|
||||
console.log('Submitting withdraw transaction')
|
||||
await mixer.methods.withdraw(pi_a, pi_b, pi_c, publicSignals).send({ from: (await web3.eth.getAccounts())[0], gas: 1e6 })
|
||||
|
@ -7,6 +7,7 @@
|
||||
<body>
|
||||
<p>
|
||||
Open dev console!<br>
|
||||
Make sure your Metamask is unlocked and connected to Kovan (or other network you've deployed your contract to)<br>
|
||||
<a href="#" onclick="deposit()">Deposit</a>
|
||||
<a href="#" onclick="withdraw()">Withdraw</a>
|
||||
</p>
|
||||
|
@ -1,3 +1,4 @@
|
||||
// This is still WiP
|
||||
const bigInt = require('snarkjs/src/bigint')
|
||||
const utils = require('../scripts/utils')
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user