Tornado Cash Governance Hacked: Attacker Takes Over with Malicious Proposal
Tornado Cash, a popular decentralized protocol for private transactions, was hit by a significant security breach on May 20th, 2023. The protocol’s governance structure effectively ceased to exist when an attacker successfully executed a malicious proposal, granting themselves full control over the platform.
At 07:25:11 UTC, the attacker managed to acquire a staggering 1,200,000 votes through the malicious proposal. This number surpassed the legitimate votes, which amounted to approximately 700,000, thereby allowing the attacker to gain complete governance control.
On 2023/05/20 at 07:25:11 UTC, Tornado Cash governance effectively ceased to exist. Through a malicious proposal, an attacker granted themselves 1,200,000 votes. As this is more than the ~700,000 legitimate votes, they now have full control.https://t.co/nY87XmrYgT pic.twitter.com/h9qjc3xRqz
— @samczsun.com (@samczsun) May 20, 2023
This breach enables the attacker to carry out several actions within Tornado Cash. They have the power to withdraw all locked votes and drain all tokens stored in the governance contract. Additionally, the attacker can also render the router inoperable, causing disruptions to the protocol’s functionality.
However, it’s important to note that the attacker does not possess the ability to drain individual pools within Tornado Cash, limiting the extent of their control.
The attacker’s strategy involved deceiving the governance system by claiming that their proposal followed the same logic as a previously successful proposal. However, this claim turned out to be false, as the attacker had added an extra function to the proposal.
Once the proposal was passed by the legitimate voters, the attacker utilized the emergencyStop function to update the proposal logic, effectively granting themselves the counterfeit votes. This manipulation of the governance mechanism allowed the attacker to take over Tornado Cash’s decision-making process.
Following their newfound control, the attacker quickly withdrew 10,000 TORN votes from the system and subsequently sold them. The transaction details reveal the immediate consequences of the breach and the attacker’s attempt to capitalize on their illicit control.
This incident serves as a reminder to exercise caution when participating in governance processes. While it is commonly understood that proposal descriptions can be misleading, this breach highlights that proposal logic itself can be deceptive. Relying solely on verified source code is not sufficient if the contract contains the potential to self-destruct.
The Tornado Cash team is undoubtedly working to address the breach and restore the platform’s governance functionality. However, the incident underscores the ongoing challenges faced by decentralized protocols and emphasizes the need for robust security measures and diligent oversight in the blockchain ecosystem.
Read more:
- Coinbase Supports Legal Challenge Against US Govt Sanctions On Tornado Cash
- Tornado Cash DAO Has Been Shut Down As It “Can’t Fight The US” And Contributors Are Scared Of Being Prosecuted