Connect with us

DeFi News

Tornado Cash Attacker Submits Proposal to Undo the Attack; Community Remains Skeptical



Tornado Cash Attacker Submits Proposal to Undo the Attack; Community Remains Skeptical

The decentralized cryptocurrency mixer dApp, Tornado Cash, was hijacked in past Saturday, yet now the attacker who did it has submitted a proposal to undo the attack to give the protocol’s governance back to TORN holders. However, many in the community are skeptical about the attacker’s intentions.

According to a post on the Tornado Cash community forum by pseudonymous user Tornadosaurus-Hex, the attacker linked to the Tornado Cash’s governance attack has shown a willingness to reverse the malicious changes that allowed him to steal the voting power of protocol’s native TORN holders.

Tornado Cash Governance Attack

According to Samczsun of research-driven technology investment firm Paradigm, on Saturday, May 20th, the attacker posted a malicious proposal on Tornado Cash. Through a malicious function, the attacker was able to grant 1.2 million votes to the proposal. The attacker gained total control over Tornado Cash governance because the proposal received more than 700,000 legitimate votes.

As Samczsun explained, the attacker claimed that the proposal used a logic similar to that the community had previously passed. “However, that wasn’t exactly the truth because they added an extra function,” Samczsun added. Instead:

“Once the proposal was passed by voters, the attacker simply used the emergency Stop function to update the proposal logic to grant themselves the fake votes.”

This gave the perpetrator complete control over Tornado Cash, allowing him to withdraw all of the locked votes, drain all of the tokens in the governance contract, and brick the router. According to Wu Blockchain, the Tornado Cash attacker obtained a total of 483,000 TORN from the Tornado Cash governance vault.

Per the user Tornadosaurus-Hex, the attacker is ready to undo the attack. “I think that there is a good chance he’s going to execute it,” he added. The proposal has now been the subject of voting until May 26th. If passed, the malicious code integrated into the protocol will be removed, and Tornado Cash’s governance will go back to token holders. But many in the community do not agree that it’s a benevolent plan.

Tornado Cash Governance Attack

As a result, TORN was up as much as 10% before settling back down to nearly 6% in the last 24 hours. Therefore, many in TORN community believe that the attacker is trying to pump the price before selling the tokens.

A community member, 0xdeadf4ce, pointed out that this might all be a “gigatroll” to depress the token’s price to increase their holdings at a discount.

He wrote:

“This might just be an attempt to spark confidence and pump the price as others have rightfully noted. Don’t gamble on a recovery for your own sanity.”

The proposal has received 517K votes in favor as of his tweet. The final decision regarding the proposal will be announced after the closing of voting on Friday, May 26th.