Tornado Cash attacker creates proposal that could restore governance Tornado Cash attacker creates proposal that could restore governance
The seemingly benevolent plan could be a selfish attempt to boost token prices.
2 min read
Updated: Feb. 24, 2024 at 7:38 pm UTC
Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.
An attacker who gained control over Tornado Cash put forward a proposal on May 21 that could reverse his original exploit.
Exploiter could undo his attack
Tornadosaurus-Hex, a community member, wrote:
“The [Tornado Cash] attacker posted a new proposal to restore the state of Governance. I think that there is a good chance heโs going to execute it.”
Tornadosaurus-Hex also noted that, because the attacker has control over Tornado Cash, other governance members have no choice in whether the proposal passes.
Other members of the community have warned that the attempt to restore the project’s default governance may not be benevolent. On Twitter, 0xdeadf4ce said that the plan could be an attempt to further manipulate the price of Tornado Cash’s TORN token.
A recovery could allow the attacker to capitalize on the fact that his original attack led the value of TORN to drop significantly. TORN fell from $6.08 to as low as $3.57 in hours, marking a decline of 41%. The price has only partially recovered to $4.73 as of May 21, and even a brief recovery could make any stolen cryptocurrency more valuable.
If the recovery proposal is not an attempt to raise prices, it could be an attempt at trolling or an “expensive but not disastrous” lesson, 0xdeadf4ce concluded. The outcome of the recovery proposal will not be clear until May 26, he added.
Tornado Cash attack began on Saturday
On May 20, an attacker gained control over Tornado Cash by creating and voting for a proposal that gave him sole control over the project’s governance.
Paradigm researcher Samczun said that this allowed the attacker to withdraw all locked votes and withdraw all tokens in Tornado Cash’s governance contract. Samczun said that though the attack allows the attacker to “do whatever they want,” the attacker ultimately chose to withdraw 10,000 votes as the TORN token and sell those assets.
It should be noted that Tornado Cash remains active in spite of the fact that the U.S. Treasury imposed sanctions on the project in August 2022.
The service is a decentralized coin mixer that handles only cryptocurrency. It seems that the U.S. government either is unable to directly enforce sanctions against Tornado Cash due to its lack of centralized operations or is uninterested in enforcement.
Author 
Mike Dalton
Before transitioning to crypto writing in 2018, Mike studied library and information sciences. Currently, he resides on Canada's West Coast.
In this article
Tornado Cash is a decentralized, non-custodial privacy solution built on Ethereum.