Prepare for upgraded logic

Signed-off-by: T-Hax <>

config.js

@@ -4,7 +4,7 @@ module.exports = {
   governance: '0x5efda50f22d34F262c29268506C5Fa42cB56A1Ce',
   instanceRegistry: '0xB20c66C4DE72433F3cE747b58B86830c459CA911',
   router: '0xd90e2f925DA726b50C4Ed8D0Fb90Ad053324F31b',
-  merkleTreeHeight: 20,
+  merkleTreeHeight: 24,
   singletonFactory: '0xce0042B868300000d44A59004Da54A005ffdcf9f',
   singletonFactoryVerboseWrapper: '0xCEe71753C9820f063b38FDbE4cFDAf1d3D928A80',
   salt: '0x0000000000000000000000000000000000000000000000000000000047941987',

contracts/instances/ERC20TornadoCloneable.sol

@@ -7,24 +7,6 @@ pragma abicoder v2;
 
 import "../core/ERC20Tornado.sol";
 
-/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ INTERFACES ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
-
-interface ITornadoRouter {
-  function relayerRegistry() external view returns (address);
-
-  function instanceRegistry() external view returns (address);
-}
-
-interface IRelayerRegistry {
-  function burn(address, address, address) external;
-}
-
-interface IInstanceRegistry {
-  function instanceData(address) external view returns (address, uint80, bool, bool);
-}
-
-/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ CONTRACT  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
-
 /**
  * @title ERC20TornadoCloneable
  * @author AlienTornadosaurusHex
@@ -99,56 +81,15 @@ contract ERC20TornadoCloneable is ERC20Tornado {
     router = _router;
   }
 
-  /**
-   * @notice This function is a permissionless function which, if the infra is dead, immediately downgrades
-     the address of the router to address(0), which makes the instance function as any of the older
-     instances.
-   * @dev We will disable the current infra and call this function once we deploy a new infrastructure
-     system which will require the relayers to have a wallet-like smart contract, because then
-     frontends will be able to build proofs for it, and as such there will be no need for this bullshit.
-   */
-  function checkInfrastructureIsDead() public virtual {
-    require(router != address(0), "infrastructure already dead");
-
-    try
-      // Amount of gas forwarded specified so a potential hijacker can't break the system
-      // by allowing this to not revert, but making it enough gas so router reverts
-      IRelayerRegistry(ITornadoRouter(router).relayerRegistry()).burn{ gas: 100_000 }(
-        msg.sender, // Such that it can't be hardcoded for which person
-        address(0),
-        address(this) // This will get passed in the withdraw function
-      )
-    {
-      /* Do nothing since registry is ok */
-    } catch {
-      router = address(0);
-      return;
-    }
-
-    try
-      // Amount of gas forwarded specified so a potential hijacker can't break the system
-      // by allowing this to not revert, but making it enough gas so router reverts
-      IInstanceRegistry(ITornadoRouter(router).instanceRegistry()).instanceData{ gas: 3_000 }(address(this))
-    returns (address _token, uint80, bool _isERC20, bool _isEnabled) {
-      if (IERC20(_token) != token || !_isERC20 || !_isEnabled) {
-        router = address(0);
-      }
-    } catch {
-      router = address(0);
-    }
-  }
-
   /**
    * @notice Alright so first of all, the contract is still permissionless with
-     this function. If the `_relayer` field is set to address(0), transactions
+     this function. Both normal users and relayers can withdraw from the contract
-     will still work (because of the router). This means, that what this blocks
+     because there is no checks with external contracts, and instead relayers are
-     is relayers which are not registered from processing transactions, while
+     slashed because for any relayer assisted withdraw, some data is stored.
-     manual user deposits and transactions still work. This is done because, the
+     For Governance relayers, slashing is done because, the entire point
-     entire intention of the system was to make it economically (similarly to
+     of the relayer registry system should be to make it economically (similar to
      proof of stake) sybil resistant, but the system has the issue that it can
-     be avoided. So, this is a temporary fix for this until we don't make a full
+     be avoided.
-     system upgrade after which will we disable this trash by disabling the infra
-     and calling `checkInfrastructureIsDead()`.
    * @param _recipient The recipient address of the withdraw.
    * @param _relayer The relayer address of the withdraw. Must be a registered
      relayer otherwise router reverts.
@@ -161,16 +102,7 @@ contract ERC20TornadoCloneable is ERC20Tornado {
     uint256 _fee,
     uint256 _refund
   ) internal virtual override {
-    // This is the part which we don't check if infra is down
+    require(msg.sender == router, "ERC20TornadoCloneable: onlyRouter");
-    if (router != address(0)) {
-      require(msg.sender == router, "if infrastructure not dead, router must be caller");
-    }
-
-    // This check should make sure that a user doesn't doom his refund by chance
-    if (_relayer == address(0)) {
-      require(_fee == 0 && _refund == 0, "no fees and refunds if no relayer");
-    }
-
     // Call the regular super version of the function
     super._processWithdraw(_recipient, _relayer, _fee, _refund);
   }