In a surprising turn of events, the individual responsible for hijacking Tornado Cash’s governance approached the community with a proposal to relinquish control. Despite lingering doubts about the attacker’s trustworthiness, the community has little choice but to consider the offer.
On May 21, the attacker successfully gained complete control over Tornado Cash’s governance through the passage of a malicious proposal. This granted them the power to potentially cause significant losses by withdrawing locked votes, depleting tokens in the governance contract, and disrupting the router.
Proactive Measures to Minimize Damage
Amidst the unfolding story, community member Tornadosaurus-Hex, also known as Mr. Tornadosaurus Hex, took proactive measures to mitigate potential damages. Hex published a subsequent proposal urging all members to withdraw their funds locked in governance.
However, given the attacker’s firm grip on the mixer’s governance, Hex remained skeptical about the effectiveness of the new proposal. Surprisingly, a few hours into the hack, the attacker reached out to the Tornado Cash community with a new proposal, suggesting their intention to restore governance control.
Attacker’s Proposal and Community Response
While the community is compelled to comply with the attacker’s method of returning governance control, Hex conducted due diligence in verifying storage layouts, which appeared to be in order.
While some community members express optimism about the attacker’s alleged change of heart, others speculate that it may be a ploy to increase the price of the TORN token before making a sudden exit.
A decline in Hacks, but Caution Remains
In a positive development, the crypto ecosystem has witnessed a significant decline in hacks during the first quarter of 2023. However, experience cautions against complacency, as the crypto industry experienced a surge in hacks in 2022 following a period of relative calm.