The governance tokenholders of Tornado Cash will soon regain control over the protocol’s operations, thanks to an unexpected proposal put forward by the attacker. This development allows the community to regain authority and steer the protocol toward recovery and improved security measures.
On May 26, the proposal to restore control to the original governance tokenholders of Tornado Cash passed successfully. A total of 517,000 token votes favored the proposal, with none opposing it. This resolution brings a swift conclusion to a governance takeover that, fortunately, did not impact the protocol itself, but did lead to the theft of specific governance tokens.
By successfully orchestrating a takeover of the protocol’s governance system, the attacker maneuvered a malicious proposal that granted them 1.2 million votes. Leveraging this significant voting power, they passed additional proposals, ultimately seizing control over previously vested governance tokens. Their tactics allowed them to manipulate the governance structure, resulting in a transfer of authority in their favor.
In a surprising turn of events, just a few hours after the hack, the attacker unexpectedly contacted the Tornado Cash community, presenting a proposal purportedly aimed at restoring governance control. This unexpected gesture surprised many, raising curiosity and prompting further scrutiny of the attacker’s intentions and motivations.
As reported by Martin Lee, a data journalist from the crypto analytics site Nansen, the attacker managed to steal 483,000 Tornado Cash (TORN) tokens. Subsequently, they conducted a series of swaps, converting the majority of the stolen tokens into 485 Ether (ETH), worth approximately $890,000. This strategic maneuver left them with 39,000 TORN, valued at around $160,000. To obfuscate the origin of the funds, a portion of the ETH was cleverly routed through Tornado Cash, adding an additional layer of anonymity to the transaction.
Tornado Cash, the Ethereum blockchain-based crypto mixing service, was embroiled in controversy when it was officially sanctioned by the United States Treasury in August 2022. The sanctions stemmed from allegations that the protocol had been used for money laundering.