Story: Tornado Cash DAO Hit by Suspicious Governance Proposal Tied to Railgun Address

By Dan Saada

What the Proposal Actually Does. On the surface, the proposal looks almost reasonable.

The 2023 Attack Left Scars. It's worth remembering this isn't the first time someone tried to hijack Tornado Cash governance.

Legal Trouble Isn't Going Away Either. The governance drama is happening alongside an unresolved legal situation that won't let the…

A new governance proposal inside the Tornado Cash DAO is drawing serious alarm. Researchers flagged it fast — and the more they looked, the worse it got.

L2BEAT researchers were among the first to call out the proposal, pointing to one glaring red flag: it references an unverified contract.

On the surface, the proposal looks almost reasonable. It lays out a new fee structure and claims to bring a "dynamic deflationary economic model" to Tornado Cash.

Pascal Caversaccio from the Security Alliance went further. He didn't just call it suspicious. He called it malicious.

And there's a second problem buried in the proposal: it could zero out relayer balances across the network. Relayers are critical infrastructure for Tornado Cash users.

Caversaccio has been direct: TORN holders should reject this proposal. Full stop.

It's worth remembering this isn't the first time someone tried to hijack Tornado Cash governance. In 2023, a near-identical playbook played out.

There were other incidents too. At some point, front-end interfaces for the platform were hit with malicious scripts that leaked sensitive user data to an attacker-controlled…

The pattern here is pretty clear. Tornado Cash has been a recurring target, and the governance structure has proven vulnerable more than once.

Storm's case probably matters beyond just Tornado Cash. How courts treat the developers of privacy protocols has implications across the whole sector.

Back to the current proposal — the timing is what makes it especially suspicious. The proposer's wallet got funded by Railgun shortly before submission.

The Currency Analytics
