Just a day after an attacker sparked community-wide panic after hijacking the Tornado Cash governance, a new proposal hints at the possible restoration of the state of governance.
On May 21, the passing of a malicious proposal allowed an attacker to gain complete control over Tornado Cash’s governance. With total control over the governance of the decentralized crypto mixer, the attacker was in a position to inflict massive losses considering they could withdraw all of the locked votes, drain all of the tokens in the governance contract and brick the router.
While the story unfolded, community member Tornadosaurus-Hex or Mr. Tornadosaurus Hex, took proactive steps to minimize the potential damages by publishing a subsequent proposal requesting all members to withdraw all funds locked in governance, as shown below.
Tornado Cash community member's proposal for gaining control from attacker. Source: forums.tornadocash.communityHowever, Mr. Tornadosaurus Hex (Hex) was uncertain about the effectiveness of the new proposal considering the attacker’s grip over the mixer’s governance. A few hours into the hack, to everyone’s surprise, the attacker surprisingly reached out to the Tornado Cash community with a new proposal, hinting at their intent to give back the governance control.
Tornado Cash attacker's proposal to return governance control. Source: forums.tornadocash.communityAs shown above, Hex communicated the attacker’s plan to the community stating that:
“The attacker posted a new proposal to restore the state of Governance. I think that there is a good chance he’s going to execute it.”Hex further pointed out that while the community has no other option other than complying with the attacker’s chosen method of giving back the governance control, his due diligence with regard to verifying storage layouts checks out.
Mr. Tornadosaurus Hex confirmed the slot matching. Source: orums.tornadocash.communityWhile many community members showed optimism toward the attacker’s supposed change of heart, others speculate it was a move to pump the TORN token’s price before cashing out.
Related: Allbridge offers bounty to exploiter who stole $573K in flash loan attack
On the bright side, the crypto ecosystem has witnessed a sharp decline in the overall hacks in the first quarter of 2023.
Graph showing hacks and exploits from Q1 2022 - Q1 2023. Source: TRM Labs.However, history suggests that crypto users shouldn’t get complacent as 2022 witnessed a spike in crypto hacks soon after recording a slow phase.
Magazine: ‘Moral responsibility’: Can blockchain really improve trust in AI?