Tornado Cash hackers deploys a new proposal to reverse action

Tornado Cash

Tornado Cash is the latest network to suffer an attack. On May 20, a Twitter user, @Samczsun, announced via a Twitter post that Tornado Cash governance no longer existed because an attacker granted themselves 1,200,000 votes, effectively taking over the network. The 1.2 million votes are 500 more than the officially recognized 700,000 legitimate votes. The implication of the attack was not lost on the crypto community: the attacker had control of the network.


Moved TORN tokens

In a subsequent post, @Samczsun said that the attacker was free to do what they wanted with the network since they controlled all the votes. They added,

“In this case, they simply withdrew 10,000 votes as TORN and sold it all.” But the attacker was not done with the network. They would later obtain

483,000 TORN from the network’s governance vault and move 6,000 TORN into the Bitrue exchange. 379,300 TORN were sold, generating 375 ETH for the hacker. This is about $680,000, leaving 97,700 TORNs.

Access to pool ether

Another Twitter user, @CellierLael, correctly observed that Tornado Cash Nova was deployed on the Gnosis chain as a governance-administered proxy, noting that the attacker can take control of the ETH in the pool by simply upgrading the contract.

Meanwhile, Binance has announced that it has stopped accepting TORN deposits because of the governance attack on Tornado Cash.

A turn around that could end well

Things took a dramatic turn on Monday, when the wallet address associated with the attack put forth a proposal to revert back to the state of governance—a form of status quo. The announcement was made in the Tornado Cash forum by a member of the TC community, Tornadosaurus-Hex, who said that the attacker was restoring the tokens they gave to themselves during the attack. He added that the attacker was likely going to execute the new proposal.

Author: Jofor Humani

Jofor is a crypto journalist with passion for investigative reviews.