A surprising turn of events has occurred in the Tornado Cash ecosystem, as the attacker responsible for hijacking the project’s governance has put forth a proposal to reverse their actions. While some members remain skeptical about trusting the attacker, they find themselves with limited options.
The Malicious Proposal and Community Response
On May 21, the attacker successfully passed a malicious proposal, granting them complete control over Tornado Cash’s governance. With this newfound power, the attacker had the ability to cause substantial losses by withdrawing locked votes, draining tokens from the governance contract, and disrupting the system.
Reacting swiftly, community member Mr. Tornadosaurus Hex took proactive measures to mitigate potential damages. They published a subsequent proposal, urging all members to withdraw their funds locked in the governance contract. However, the effectiveness of this proposal remained uncertain due to the attacker’s firm grip on governance.
The Surprising Twist: Attacker’s Proposal to Return Governance Control
Amid the unfolding situation, to everyone’s astonishment, the attacker reached out to the Tornado Cash community with a new proposal. This proposal hinted at their willingness to relinquish control over governance. Mr. Tornadosaurus Hex shared this development with the community, expressing a belief that the attacker might execute the proposal.
While the community finds itself compelled to comply with the attacker’s chosen method of returning governance control, doubts remain. Nevertheless, Hex conducted due diligence to verify the storage layouts, providing some reassurance.
Community Speculation and Caution
While many community members embrace optimism regarding the attacker’s change of heart, there are those who suspect ulterior motives. Some speculate that this move could be an attempt to artificially inflate the price of the TORN token before the attacker cashes out.
Despite the recent decline in overall hacks within the crypto ecosystem during the first quarter of 2023, caution remains essential. Past experience has shown that complacency can lead to a surge in crypto hacks after a period of relative calm.