Tornado Cash subjected to a malicious governance attack! Governance token TORN massively withdrawn and dumped, causing a 30% crash.
The popular mixer protocol Tornado Cash was attacked by a malicious governance proposal on Saturday, which not only took control of the protocol's governance rights but also led to a significant drop in the governance token TORN's price.
On 2023/05/20 at 07:25:11 UTC, Tornado Cash governance effectively ceased to exist. Through a malicious proposal, an attacker granted themselves 1,200,000 votes. As this is more than the ~700,000 legitimate votes, they now have full control. https://t.co/nY87XmrYgT pic.twitter.com/h9qjc3xRqz
— @samczsun.com (@samczsun) May 20, 2023
Tornado Cash Attacked by Malicious Governance Proposal
According to Paradigm researcher samczsun on Twitter, Tornado Cash was attacked by a malicious governance proposal on 5/20, resulting in the attacker gaining complete control over Tornado Cash's governance permissions.
The attacker had previously submitted a governance proposal that claimed to use the same program logic as previously approved proposals. This was not true: the proposal contract contained an additional function, emergencyStop.
Samczsun stated that once the proposal passed, the attacker could use this function to update the proposal logic and grant themselves a large number of fake votes.
As a result, after granting themselves 1.2 million votes, the attacker exceeded the original 700,000 valid votes, gaining control over the protocol's governance.
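The claim "same logic as an approved proposal" can be checked against deployed bytecode rather than the proposal description. The following added example (not code from Tornado Cash or samczsun) walks the EVM function dispatcher of two runtime bytecodes and reports any selectors the candidate adds. The bytecode and selector values are constructed placeholders, and the function names are hypothetical; real input would come from an `eth_getCode` call.

```python
# Added example: compare the function dispatchers of two EVM runtime bytecodes.
# All bytecode and selector values below are constructed placeholders.
PUSH1, PUSH4, PUSH32, EQ = 0x60, 0x63, 0x7F, 0x14


def _to_bytes(hex_str):
    return bytes.fromhex(hex_str[2:] if hex_str.startswith("0x") else hex_str)


def dispatcher_selectors(runtime_hex):
    """Return the 4-byte selectors compared with EQ in the dispatcher."""
    code, found, pc = _to_bytes(runtime_hex), set(), 0
    while pc < len(code):
        op = code[pc]
        # PUSH1..PUSH32 carry 1..32 bytes of immediate data that must be
        # skipped, or constants inside push data get misread as opcodes.
        width = op - PUSH1 + 1 if PUSH1 <= op <= PUSH32 else 0
        if op == PUSH4 and pc + 5 < len(code) and code[pc + 5] == EQ:
            found.add(code[pc + 1:pc + 5].hex())
        pc += 1 + width
    return found


def audit_proposal(reference_hex, candidate_hex):
    """Diff a candidate proposal against the approved one it claims to match."""
    ref = dispatcher_selectors(reference_hex)
    cand = dispatcher_selectors(candidate_hex)
    return {
        "identical_bytecode": _to_bytes(reference_hex) == _to_bytes(candidate_hex),
        "added": sorted(cand - ref),      # functions the description omitted
        "removed": sorted(ref - cand),
    }


def _entry(selector, dest):
    # Dispatcher entry: DUP1 PUSH4 <selector> EQ PUSH2 <dest> JUMPI
    return "8063" + selector + "14" + "61" + dest + "57"


PROLOGUE = "6080604052" + "60003560e01c"   # load and shift the calldata selector
DECOY = "64" + "63cccccccc" + "14"         # PUSH5 data that mimics "PUSH4 .. EQ"
REFERENCE = PROLOGUE + _entry("aaaaaaaa", "0030") + DECOY + "00"
CANDIDATE = (PROLOGUE + _entry("aaaaaaaa", "0030")
             + _entry("bbbbbbbb", "0040") + DECOY + "00")

if __name__ == "__main__":
    print(audit_proposal(REFERENCE, CANDIDATE))
```

Any non-empty `added` list, or `identical_bytecode` being false for a proposal that claims to reuse approved logic, is a reason to reject the proposal until the difference is explained.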
Impact of Tornado Cash Attack: Governance Compromised
By gaining governance control, the attacker can withdraw all locked votes, drain tokens from the governance contract, and even render the protocol's router unusable.
Fortunately, the attacker cannot withdraw tokens from individual liquidity pools, such as those used for mixing funds.
In response to the incident, samczsun reminded the crypto community, "While we all know governance proposal descriptions can be misleading, the proposal logic can lie too!"
Tornado Cash Token Plunges
On-chain activity from the attacker's address shows that the attacker withdrew 483,000 TORN tokens from the governance treasury in three contract interactions and then sold them in multiple transactions at prices ranging from 1.55 to 1.95 USD.
These transactions have earned the attacker approximately 492 ETH, and ironically, the profits gained by the attacker after attacking Tornado Cash were laundered through Tornado Cash.
Currently, the attacker's address still holds around 38,000 TORN tokens and 120 ETH. The significant token sell-off has caused a plunge in the TORN price, with a 30% decrease since the incident occurred.