On May 20, 2023, Tornado Cash fell victim to a governance attack, resulting in a loss of approximately $1 million. The attacker initiated the attack by submitting a malicious proposal with a misleading description, which was later approved by the voters. Once the malicious proposal was executed, the attacker gained control over the governance of Tornado Cash.
Let's analyze how this attack unfolded and examine the underlying reasons behind it.
By examining the transaction records, we can trace the details of the attack. The attacker used two addresses: Attacker A (https://etherscan.io/address/0x092123663804f8801b9b086b03b98d706f77bd59) and Attacker B (https://etherscan.io/address/0x592340957ebc9e4afb0e9af221d06fdddf789de9).
The transaction details can be found here: https://etherscan.io/tx/0x65fa5b475f34a954a10f88f2c84f316a048a0e67d273c7abb098717b1a4a46a3.
The code for the malicious proposal is stored at the following address: https://etherscan.io/address/0xc503893b3e3c0c6b909222b45f2a3a259a52752d#code.
The contract that was attacked is TornadoVault (https://etherscan.io/address/0x2f50508a8a3d323b91336fa3ea6ae50e55f32185#code).
The attack unfolded as follows:
1. Attacker B created the malicious proposal at address 0xc503893b3e3c0c6b909222b45f2a3a259a52752d
2. Attacker B submitted a deceptive proposal labeled as #20.
3. Attacker A manipulated multiple accounts to lock 0 TORN tokens.
4. Deceived users voted for proposal #20.
5. After reaching the required number of votes, the attacker launched the attack:
- The old proposal was destroyed. Attacker B invoked the emergencyStop function, destroying the old proposal at address 0xC50389 (https://etherscan.io/tx/0xd3a570af795405e141988c48527a595434665089117473bc0389e83091391adb
- The proposal contract was updated. Attacker B created a new proposal contract at the same address 0xC50389 (https://etherscan.io/tx/0xa7d20ccdbc2365578a106093e82cc9f6ec5d03043bb6a00114c0ad5d03620122
- Proof of Concept: A test file (https://github.com/MetaTrustLabs/SmartContractAttackPoC/blob/main/test/TornadoCash) was created to simulate the attacker's steps, including the creation and destruction of malicious contracts and the creation of new contracts at the same address.
6. Token transfers
- Attacker B transferred tokens to Tornado.Cash: Governance Staking.
- Attacker A transferred tokens to the attacker-controlled account.
Eventually, Attacker A obtained tokens worth $1 million through this attack.
The root causes of this governance attack can be attributed to two factors: the approval of a malicious proposal and the destruction and recreation of the proposal contract by the attacker.
Firstly, the attacker lured voters into making a misjudgment by creating a malicious proposal, leading them to approve it without fully understanding its potential risks. This deceptive description may have concealed the true intentions of the attack and misled voters into believing that the proposal was beneficial or harmless.
Secondly, the attacker took measures to destroy the original proposal contract and recreate it at the same address. By invoking the emergencyStop function, the attacker successfully disrupted the logic of the original proposal, causing its execution results to deviate from expectations. This action provided the attacker with an opportunity to seize control of the governance and laid the foundation for subsequent attacks.
The combination of these two factors enabled the attacker to successfully carry out the governance attack and take control of Tornado Cash. The approval of the malicious proposal and the destruction and recreation of the proposal contract paved the way for the attacker to utilize the controlled governance for further operations.
This attack highlights the importance of security and risk management in decentralized governance processes. Developers and communities should strengthen the review of proposals to ensure accurate and transparent descriptions, as well as enhance the security audit of contracts to prevent attackers from exploiting vulnerabilities and engaging in malicious activities. Additionally, users and voters need to carefully evaluate proposal content and ensure they understand the potential risks and consequences.
For projects like Tornado Cash and similar ones, this governance attack should be considered a lesson to strengthen their governance processes and security mechanisms, thereby improving the overall system's security and resilience against risks. Only through continuous security audits, risk assessments, and increased community participation and awareness can we establish a safer and more reliable blockchain ecosystem.
About Us
At MetaTrust, our primary focus is on creating a secure infrastructure that caters to the needs of developers in the WEB 3.0 space. We offer an array of AI-Driven automation tools and security services to assist Web3 developers and project stakeholders in achieving a secure development environment.
All Comments