An attacker who sparked community-wide panic by hijacking the Tornado Cash governance is now proposing to undo their hack — and while not everyone feels the hacker can be trusted, they apparently have little choice in the matter.
On May 21, the passage of a malicious proposal allowed the attacker to gain complete control over Tornado Cash’s governance. With total control over the governance of the decentralized crypto mixer, the attacker was in a position to inflict massive losses, considering they could withdraw all of the locked votes, drain all of the tokens in the governance contract and brick the router.
While the story unfolded, community member Tornadosaurus-Hex or Mr. Tornadosaurus Hex, took proactive steps to minimize the potential damages by publishing a subsequent proposal requesting all members to withdraw all funds locked in governance, as shown below.
A Tornado Cash community member’s proposal for gaining control from the attacker. Source: Tornado Cash forums
However, Mr. Tornadosaurus Hex (Hex) was uncertain about the effectiveness of the new proposal considering the attacker’s grip over the mixer’s governance. A few hours into the hack, to everyone’s surprise, the attacker surprisingly reached out to the Tornado Cash community with a new proposal, hinting at their intent to give back the governance control.
The Tornado Cash attacker’s proposal. Source: Tornado Cash forums
As shown above, Hex communicated the attacker’s plan to the community, stating that:
“The attacker posted a new proposal to restore the state of Governance. I think that there is a good chance he’s going to execute it.”
Hex further pointed out that while the community has no other option other than complying with the attacker’s chosen method of giving back the governance control, his due diligence with regard to verifying storage layouts checks out.
Mr. Tornadosaurus Hex confirmed the slot matching. Source: Tornado Cash forums
While many community members showed optimism toward the attacker’s supposed change of heart, others speculate it was a move to pump the TORN token’s price before cashing out.
On the bright side, the crypto ecosystem has witnessed a sharp decline in the overall hacks in the first quarter of 2023.
Graph showing hacks and exploits from Q1 2022 - Q1 2023. Source: TRM Labs
However, history suggests that crypto users shouldn’t get complacent as 2022 witnessed a spike in crypto hacks soon after recording a slow phase.