On May 18, the Tornado Cash DAO unwittingly voted in a malicious proposal after failing to properly audit its contents.
Tornado Cash is a privacy-preserving mixer on the Ethereum (ETH) network.
The attacker was then able to grant themselves 1.2 million TORN tokens, giving them control over the DAO. They then swapped 380,000 of the newly acquired TORN for 372 ETH and ran it back through the privacy protocol.
A DAO, or decentralized autonomous organization, is a way for a project to organize itself without the need for a specific company or individual to be in power. Governance tokens—such as Tornado Cash’s TORN token—are distributed to the community to make and vote on numerous proposals for the project in question.
On its face, the proposal had nothing to do with handing tokens to any member. Instead, it asked community members to vote for or against increasing the amount of staked TORN required to become a Tornado Cash relayer, and penalizing relayers that try to avoid having their stake slashed.
The attacker claimed the proposal had the same logic as an earlier proposal that had already passed.
However, the malicious proposal added a self-destruct function which, once called, allowed the original proposal contract to be replaced with a new, malicious one.
“Self-destruct is, as one can imagine, one of the scariest things one can casually add as an additional function,” Gonçalo Magalhães, a smart contract engineer at Immunefi, told Decrypt. “Changing the logic of a contract provides endless possibilities.”
With the malicious proposal now in place, the attacker was able to withdraw all locked governance votes and drain all the tokens from the governance contract.
“In conclusion, the attacker drained the TORN tokens from the governance vault, meaning they then had all the voting power,” a spokesperson for security firm PeckShield told Decrypt. “They then swapped part of the stolen TORN for Ethereum (ETH) and deposited it into the Tornado Cash protocol.”
Shortly after the proposal was revealed to be malicious, another proposal was made to revert the changes.
“Because the attacker now has a bulk of voting power, governance mechanisms are essentially meaningless,” Magalhães said.
The attacker has also submitted a new proposal that would return the TORN tokens they granted themselves. After swapping 380,000 TORN for ETH, the attacker still holds 820,000 TORN, which means they still have total control over the DAO.
Twitter user 0xdeadf4ce has suggested, on the other hand, that this could all be a “gigatroll,” saying the new proposal to revert the changes was simply a means to boost the token’s price.
TornadoCash attacker deployed new proposal that, if executed, would seemingly revert the damage done to the Governance functionality. Either they’re giga trolling or it will end up being an expensive but not catastrophic lesson in Governance security.
— 0xdeadf4ce (@0xdface) May 21, 2023
How do DAOs stay safe?
The incident sparked debate online about DAO proposals not being properly audited, if audited at all.
“This is not the first case of a governance attack this year,” Snapshot’s head of growth Nathan van der Heyden told Decrypt. “The Beanstalk governance attack is one of the largest hacks of the year, and this Tornado one is probably one of the most high-profile.”
In this case, the proposal was well-crafted to look nondescript and unsuspicious.
Many, if not all, voters would have simply cast their vote without diving deeper into the contract’s code.
“Auditing all critical processes is certainly a good measure, but we do not see it often being implemented,” Immunefi’s Magalhães told Decrypt. “It is hard already to see comprehensive audits being done on all smart contract proxy upgrades.”
A PeckShield spokesperson confirmed that the company receives proposal audit requests and that they “believe many famous protocols have their proposals audited.”
PeckShield declined to reveal who pays for proposal security audits or which projects opt to audit their proposals.
So what’s a DAO to do?
“DAOs should promote the active review of proposals and participation from holders. Essentially, malicious code like this should not go unnoticed by all DAO members,” Magalhães stated. “An individual voter should have a deep understanding of whatever they are voting for. On-chain proposals, though digital, are definitely real, and have real consequences.”
While this attack was crafty, anyone reviewing the code with a keen eye should have spotted the self-destruct function. “A self-destruct function in a contract should have fired all headquarters sirens,” he said.
This attack should serve as a lesson, albeit an expensive one, for DAOs and their members, to prevent yet another governance attack from happening this year.
“We must generalize onchain governance frameworks that allow these exploits to be teaching moments for the community, which then adapts its own frameworks to this new knowledge,” van der Heyden stated. “If we do not learn collectively, then we’re forced to repeat similar mistakes individually.”
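As an added illustration (not code from Decrypt, Tornado Cash, or any of the firms quoted), the Python below shows two reviewer-side checks against the pattern described above: a bytecode walk that flags SELFDESTRUCT, CREATE2 and DELEGATECALL while correctly skipping PUSH immediates, and a toy governor that pins a proposal contract's code hash at submission and refuses to execute if the code at that address has changed since the vote. The addresses and bytecodes are constructed samples, the governor is hypothetical, and sha3_256 stands in for keccak256.

```python
import hashlib

# EVM opcodes a proposal reviewer would want flagged (values per the EVM spec).
RISKY_OPCODES = {0xFF: "SELFDESTRUCT", 0xF5: "CREATE2", 0xF4: "DELEGATECALL"}

def scan_bytecode(code: bytes) -> list:
    """Report (pc, name) for each risky opcode in runtime bytecode. A plain search
    for 0xff would misfire on PUSH data, so the 1..32 immediate bytes that follow
    PUSH1..PUSH32 (0x60..0x7f) are skipped."""
    findings, pc = [], 0
    while pc < len(code):
        op = code[pc]
        if op in RISKY_OPCODES:
            findings.append((pc, RISKY_OPCODES[op]))
        pc += 1 + (op - 0x5F if 0x60 <= op <= 0x7F else 0)
    return findings

def code_hash(code: bytes) -> bytes:
    # Stand-in for EXTCODEHASH; sha3_256 is used only because Python has no keccak256.
    return hashlib.sha3_256(code).digest()

class PinnedGovernor:
    """Toy governor (not Tornado Cash's contract): pins a proposal's code hash at
    submission and refuses to execute if the code at that address has changed."""
    def __init__(self):
        self.chain = {}      # address -> runtime bytecode (in-memory stand-in chain)
        self.proposals = {}  # proposal id -> (address, pinned code hash)
    def deploy(self, addr: str, code: bytes):
        self.chain[addr] = code
    def selfdestruct(self, addr: str):
        self.chain.pop(addr, None)  # address empties; CREATE2 can redeploy to it
    def propose(self, pid: int, addr: str):
        self.proposals[pid] = (addr, code_hash(self.chain[addr]))
    def execute(self, pid: int) -> str:
        addr, pinned = self.proposals[pid]
        if code_hash(self.chain.get(addr, b"")) != pinned:
            return "rejected: proposal code changed after voting"
        return "executed"

# Constructed samples: BENIGN is PUSH1 0xff PUSH1 0 MSTORE STOP (0xff is only data);
# MALICIOUS is PUSH1 0 SELFDESTRUCT.
BENIGN = bytes.fromhex("60ff60005200")
MALICIOUS = bytes.fromhex("6000ff")

def metamorphic_swap(gov: PinnedGovernor) -> str:
    """Replay the pattern: benign code is voted on, then replaced at the same address."""
    gov.deploy("0xPROPOSAL", BENIGN)
    gov.propose(1, "0xPROPOSAL")
    gov.selfdestruct("0xPROPOSAL")
    gov.deploy("0xPROPOSAL", MALICIOUS)  # same address, new logic
    return gov.execute(1)
```

The scanner is a pre-vote review aid; the code-hash pin is the execution-time safeguard that would have stopped the swapped-in logic from running even if reviewers missed the self-destruct.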