An attacker who caused panic in the community by hijacking Tornado Cash's governance is now proposing to undo their hack and while not everyone thinks the hackers can be trusted, they clearly have no choice in the matter.
On May 21, the passage of the malicious proposal gave attackers full control over Tornado Cash's governance. By gaining full control over the governance of a decentralized crypto mixer, an attacker can cause huge damage as they can withdraw all locked votes, drain all tokens in the governance contract and brick routers.
While the story was unfolding, community member Tornadosaurus-Hex or Mr. Tornadosaurus Hex took proactive steps to minimize potential damage by issuing a follow-up proposal requiring all members to withdraw all funds locked in governance . ex (Hex) is not sure about the effectiveness of the new proposal, given the attacker's control over mixer governance. Hours after the hack, and to everyone's surprise, the attackers unexpectedly presented a new proposal to the Tornado Cash community, hinting at their intention to hand back governance control.
As shown above, Hex communicated the attacker's plans to the community, stating: "The attacker released a new proposal to restore governance. I think there is a good chance he will implement it." Hex further noted that while the community had no choice but to comply with the attacker's chosen method of return governance control, his due diligence in validating the storage layout was outdated. While many community members expressed optimism about the attacker's alleged change of heart, others speculated that it was a move to boost the price of TORN tokens before cashing out. On the bright side, the crypto ecosystem witnessed a sharp drop in overall hacking in Q1 2023.
