Key Points:
Decentralized autonomous organizations (DAOs) allow token holders to lock up their holdings as votes to propose changes to a project. These changes can range from deploying treasury funds to purposes that benefit the project to expansion on other networks.
The attacker floated a malicious proposal that hid a code function to grant them fake votes that can now be used to handle some aspects of Tornado Cash, such as torn (TORN) tokens held in the main governance contract or withdrawal of locked torn tokens. This was done by putting forth a proposal that imitated an earlier version, except with some malicious code that allowed for the update of logic, giving the attacker access to all governance votes.
As a result, the attacker now has all votes, which means that they have complete control over the DAO. Security researcher @samczsun tweeted on Sunday that “Now that they have all the votes, they can do whatever they want. In this case, they simply withdrew 10,000 votes as TORN and sold it all.” This is a serious issue that puts the future plans of the Tornado Cash DAO at risk.
However, it is important to note that this attack does not impact the actual Tornado Cash protocol. The protocol allows users to pass funds through the service to mask or obscure the movements of funds and crypto addresses. This attack was not an exploit of any smart contracts or technology related to the working of Tornado Cash.
Tornado Cash community has put up newer proposals seeking to revert changes made to the code. One community member observed that the attacker had maliciously minted over 1 million torn for themselves, worth over $4 million at current prices. Despite this, the community is determined to keep the Tornado Cash project going and is taking steps to ensure that such an attack does not happen again in the future.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Annie
Coincu News
Senator Cynthia Lummis criticizes the Biden administration's stance on Bitcoin and decentralized finance, fearing rights…
O'Leary's track record speaks volumes about his prowess in the business world. Today, let's join…
Many have been fascinated by Michael Burry, famous for his prescient predictions in the financial…
Berlin, Germany, May 1st, 2024, ChainwireThe Nektar Network is excited to announce the commencement of…
The surge in Tether profits was primarily driven by approximately $1 billion in net operating…
London, UK, May 1st, 2024, ChainwireThree days into its existence, $ROCKY, the latest meme coin…
This website uses cookies.