By gaining complete control over Tornado Cash governance, the attacker exercises authority to withdraw all locked votes, deplete all tokens held in the governance contract, and render the router inoperable.
In addition to the existing challenges faced by the decentralized crypto mixer Tornado Cash, an attacker successfully took over the governance system by submitting a harmful proposal.
On May 20 at 3:25 ET, someone managed to give 1.2 million votes to a harmful proposal, taking advantage of the fact that the proposal had already received over 700,000 valid votes. This allowed the attacker to gain complete control over Tornado Cash’s governance.
On 2023/05/20 at 07:25:11 UTC, Tornado Cash governance effectively ceased to exist. Through a malicious proposal, an attacker granted themselves 1,200,000 votes. As this is more than the ~700,000 legitimate votes, they now have full control.https://t.co/nY87XmrYgT pic.twitter.com/h9qjc3xRqz
— samczsun (@samczsun) May 20, 2023
@samczsun from Paradigm, a research-driven technology investment firm, shared the information. According to him, the attacker claimed that they based their malicious proposal on a previously approved proposal using a similar approach. However, this time, the attacker included an extra function in the proposal.
After the proposal was approved by the voters, the attacker easily manipulated the situation by using the emergency Stop function to modify the proposal logic and give themselves fake votes.
Having full control over Tornado Cash governance enables the attacker to withdraw all locked votes, drain all tokens stored in the governance contract, and render the router inoperable. Currently, the attacker has easily withdrawn 10,000 votes as TORN and sold all of it, as mentioned by @samczsun.
Furthermore, the attacker made an effort to deploy a contract that might undo the modifications made, while simultaneously advising the community to withdraw their funds. Cointelegraph also discovered a plea for help from a developer within Tornado Cash’s community, who confirmed these events.
Earlier today, the protocol experienced an attack that you’re likely aware of. Throughout the day, another developer and I contemplated our options, but the situation appears quite dire. Presently, the attacker has full control over Governance, leaving us with limited hope for resolving the situation.
The team is actively seeking Solidity developers who can assist in saving the protocol from potential demise. They have also emphasized the importance of establishing contact with Binance, as this exchange possesses a greater number of tokens compared to the attacker.
According to reports, a former Tornado Cash developer is currently working on creating a brand new crypto mixing service from the ground up. This new service aims to fix the “critical flaw” that exists in Tornado Cash.
1/ We fixed @tornadocash 😇
v0 of https://t.co/Nt4b2Tgx1D is live on @optimismFND
test out the demo, but please note:
– this is experimental code
– it has not been audited
– the trusted setup is untrustedread the full story anon 🧵👇https://t.co/9nAU3RrgpN
— Ameen Soleimani (@ameensol) March 4, 2023
The developer hopes the solution will empower “the community to defend against hackers abusing the anonymity sets of honest users without requiring blanket regulation or sacrificing on crypto ideals.”
Important: This article is intended solely for informational purposes. It should not be considered or relied upon as legal, tax, investment, financial, or any other form of advice.