Key Points:
Decentralized autonomous organizations (DAOs) allow token holders to lock up their holdings as votes to propose changes to a project. These changes can range from deploying treasury funds to purposes that benefit the project to expansion on other networks.
The attacker floated a malicious proposal that hid a code function to grant them fake votes that can now be used to handle some aspects of Tornado Cash, such as torn (TORN) tokens held in the main governance contract or withdrawal of locked torn tokens. This was done by putting forth a proposal that imitated an earlier version, except with some malicious code that allowed for the update of logic, giving the attacker access to all governance votes.
As a result, the attacker now has all votes, which means that they have complete control over the DAO. Security researcher @samczsun tweeted on Sunday that “Now that they have all the votes, they can do whatever they want. In this case, they simply withdrew 10,000 votes as TORN and sold it all.” This is a serious issue that puts the future plans of the Tornado Cash DAO at risk.
However, it is important to note that this attack does not impact the actual Tornado Cash protocol. The protocol allows users to pass funds through the service to mask or obscure the movements of funds and crypto addresses. This attack was not an exploit of any smart contracts or technology related to the working of Tornado Cash.
Tornado Cash community has put up newer proposals seeking to revert changes made to the code. One community member observed that the attacker had maliciously minted over 1 million torn for themselves, worth over $4 million at current prices. Despite this, the community is determined to keep the Tornado Cash project going and is taking steps to ensure that such an attack does not happen again in the future.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Annie
Coincu News
Discover the best cryptos to buy and hold today: Qubetics leads with 1000x potential, Ethereum…
With the platform facing a cracked whip, Trump Media company is expanding into new business…
Major crypto firms, including Ripple, Kraken, and Circle, are competing for spots on President-elect Donald…
Analysts highlight a breakout alert as Shiba Inu (SHIB), and Dogecoin show signs of recovery…
SEC Chair Gary Gensler will step down on January 20, 2025, coinciding with President-elect Donald…
The MicroStrategy convertible notes offering, initially set at $1.75 billion, was increased to $2.6 billion…
This website uses cookies.