The governance token holders of Tornado Cash will soon regain control over the protocol’s operations, thanks to an unexpected proposal put forth by the individual responsible for the attack. This development allows the community to regain authority and steer the protocol toward recovery and improved security measures.
On May 26, the proposal to restore control to the original governance holders of Tornado Cash passed successfully. A total of 517,000 token votes were in favor of the proposal, with none opposing it. At the time of writing, the time remaining for the execution to take place was 2 hours 40 mins. This resolution brings a swift conclusion to a governance takeover that, fortunately, did not impact the protocol itself but did lead to the theft of certain governance tokens.
By successfully orchestrating a takeover of the protocol’s governance system, the attacker maneuvered a malicious proposal that granted them 1.2 million votes. Leveraging this significant voting power, they proceeded to pass additional proposals, ultimately seizing control over previously vested governance tokens. Their tactics allowed them to manipulate the governance structure, resulting in a transfer of authority in their favor.
In a surprising turn of events, just a few hours after the hack, the attacker unexpectedly made contact with the Tornado Cash community, presenting a new proposal that purportedly aimed to restore governance control. This unexpected gesture took many by surprise, raising curiosity and prompting further scrutiny of the attacker’s intentions and motivations.
As reported by Martin Lee, a data journalist from the crypto analytics site Nansen, the attacker managed to pilfer a significant sum of 483,000 TORN tokens. Subsequently, they conducted a series of swaps, converting the majority of the stolen tokens into 485 ETH, equivalent to approximately $890,000. This strategic maneuver left them with 39,000 TORN, valued at around $160,000. To obfuscate the origin of the funds, a portion of the ether was cleverly routed through Tornado Cash, adding an additional layer of anonymity to the transaction.
Related: Crypto hacks falling in Q1 is but a ‘temporary reprieve’ — Blockchain firm
Tornado Cash, the Ethereum blockchain-based mixing service, found itself embroiled in controversy when it was officially sanctioned by the U.S. Treasury in August 2022. The sanction stemmed from allegations that the protocol had been utilized for money laundering purposes.
Magazine: Should crypto projects ever negotiate with hackers? Probably