Despite facing US government sanctions, Tornado Cash, a decentralized autonomous organization (DAO) operating as a smart contract mixer on Ethereum, continues to function. A recent hack attempted to bring it down, but the outcome took an unexpected twist.
The Tornado Cash smart contract is currently under sanctions, with the US Treasury Department blacklisting the mixer that anonymizes Ethereum coins using zero-knowledge proofs. Developer Alexey Pertsev was arrested in Amsterdam, and the website was shut down.
In theory, Tornado Cash should have been extinguished by these measures. The intention was to prevent the laundering of Ether and ERC20 tokens through the mixer. However, the nature of a decentralized mixer allowed it to persist. Unlike a centralized mixer, where arresting the operator and shutting down the server terminates its operations, a smart contract mixer continues to function even if the developer is arrested and the website is taken offline.
A blockchain like Ethereum operates independently of sanctions and arrests. It follows the consensus rules block by block. What the consensus supports remains alive, while what it disapproves of cannot survive. This is the inherent nature of Tornado Cash’s code—it remains oblivious to external factors.
However, the sanctions did have some impact. The closure of the standard website interface made it more challenging to access Tornado Cash. Additionally, the prospect of linking funds through the mixer to addresses blacklisted by the US Treasury Department deterred users. Immediately after the sanctions were imposed in August 2022, Tornado Cash activity plummeted, as observed in Dune Analytics’ dashboard, with deposits, withdrawals, Ether in the pool, and the number of unique users per week all dropping by 40-80 percent. Despite the initial decline, these metrics eventually stabilized and have been gradually increasing.
Whenever one access point is closed, another emerges. When a node blocks a smart contract, users simply point their wallets at a different node. The Tornado Cash community has found ways to bypass these blockades, as illustrated in a tutorial on the Tornado Cash forum.
Tornado Cash’s resilience to government sanctions is a remarkable example of a blockchain’s resistance. However, it has not been immune to the impact of such measures.
In recent weeks, the mixer faced another threat. If defeating it through consensus was not possible, perhaps defeating it with consensus could work.
On May 20, a hacker targeted the Tornado DAO—the Decentralized Autonomous Organization behind Tornado Cash. In the DAO, TORN token holders vote on the project’s development and changes.
Here’s what transpired: A TORN token holder, who possessed 10,000 tokens (worth just under $7 each at the time), proposed a change to the smart contract. This was the usual process within the DAO. The proposal claimed that certain operators of Tornado’s routers were being cheated out of their fair earnings, making it appealing for them to support the proposal.
The seemingly unremarkable code contained a malicious function, making this attack particularly intriguing. It was a “metamorphic contract.”
A metamorphic smart contract changes its code after it has been deployed. Technically, the “create2” opcode lets a smart contract refer to the address of another contract that does not yet exist. If the initial contract at that address is later destroyed using the self-destruct feature (often intended as an emergency switch), a new contract with different code can be released in its place. Here, the initial contract acts as a larva from which an altered contract emerges: a metaphorical butterfly or, in this case, a malevolent moth.
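A reviewer can check a proposal contract's bytecode for the opcodes that make this metamorphosis possible before voting. The scanner below is an added example, not code from the article or from the Tornado Cash project; it goes slightly beyond the text by also flagging CREATE and DELEGATECALL, and its sample bytecode and function names are constructed for illustration.

```python
# Added example (not from the article): linear sweep over EVM bytecode that
# reports opcodes allowing the code behind an address to be removed or replaced.
# Opcode values are the standard EVM ones; the sample bytecode is constructed.

RISKY_OPCODES = {
    0xF0: "CREATE",
    0xF4: "DELEGATECALL",
    0xF5: "CREATE2",
    0xFF: "SELFDESTRUCT",
}
PUSH1, PUSH32 = 0x60, 0x7F


def scan_bytecode(code_hex):
    """Return [(offset, name)] for risky opcodes, skipping PUSH immediates."""
    if code_hex.startswith("0x"):
        code_hex = code_hex[2:]
    code = bytes.fromhex(code_hex)
    findings, pc = [], 0
    while pc < len(code):
        op = code[pc]
        if op in RISKY_OPCODES:
            findings.append((pc, RISKY_OPCODES[op]))
        if PUSH1 <= op <= PUSH32:
            pc += op - PUSH1 + 1  # PUSHn carries n data bytes, not opcodes
        pc += 1
    return findings


def review_flags(code_hex):
    """Map findings to the questions a governance reviewer should ask."""
    names = {name for _, name in scan_bytecode(code_hex)}
    flags = []
    if "SELFDESTRUCT" in names:
        flags.append("can self-destruct: code at this address may disappear")
    if "DELEGATECALL" in names:
        flags.append("delegatecall: may run a SELFDESTRUCT held in other code")
    if names & {"CREATE", "CREATE2"}:
        flags.append("deploys contracts: check what can be redeployed where")
    return flags


# Constructed sample: PUSH1 0xff, PUSH1 0x00, SSTORE, CALLER, SELFDESTRUCT.
# The 0xff at offset 1 is push data; only offset 6 is a real SELFDESTRUCT.
SAMPLE_PROPOSAL = "0x60ff60005533ff"

if __name__ == "__main__":
    for offset, name in scan_bytecode(SAMPLE_PROPOSAL):
        print(f"offset {offset}: {name}")
    print(review_flags(SAMPLE_PROPOSAL))
```

A linear sweep is a heuristic: compiler-appended metadata and embedded data can contain the same byte values, so a hit is a prompt for manual review rather than proof, and a clean result says nothing about code the contract reaches through ordinary calls.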
After its metamorphosis, the smart contract attributed 1.2 million votes to the attacker within the Tornado DAO. It was akin to a coup, as the attacker suddenly became the sole ruler by passing a law in parliament that bestowed absolute power upon themselves.
The Tornado DAO had only 700,000 legitimate votes, so the hacker had complete control. They had achieved what the most powerful country’s government could not.
“It looks like the end of Tornado Cash,” remarked Dr. Nick on Twitter. But was it truly the end? The story takes an unexpected turn from here.
The hacker became the sole ruler of the Tornado DAO with their metamorphic attack. They were able to withdraw all tokens from the governance contract, manipulate the router, and execute other attacks. However, they could not empty or shut down the individual pools or censor them.
The attack had the power to dismantle the DAO and seize its reserves but could not prevent users from depositing and withdrawing funds from the pools. Tornado Cash continued to function as usual despite the attack.
On 2023/05/20 at 07:25:11 UTC, Tornado Cash governance effectively ceased to exist. Through a malicious proposal, an attacker granted themselves 1,200,000 votes. As this is more than the ~700,000 legitimate votes, they now have full control. https://t.co/nY87XmrYgT pic.twitter.com/h9qjc3xRqz
— @samczsun.com (@samczsun) May 20, 2023
A day later, the new dictator—the hacker—submitted their first proposal. To everyone’s surprise, they rectified the damage they had caused and restored normal governance to the DAO. They reset the balance of votes they had assigned to themselves to zero and voluntarily stepped down from power.
Shortly after, voting began. The proposal passed with an overwhelming majority of votes, and the new dictator’s dismissal took effect. The Tornado DAO quickly returned to its normal state after a brief yet eventful episode. The hacker had revealed the potential dangers associated with certain smart contracts, particularly those featuring a self-destruct function. They had become the king of the DAO for a day and then abdicated.
The hacker withdrew the 10,000 TORN tokens from the governance contract, converted them into Ether, and privately retained them—using Tornado Cash, of course.
In the community, this unexpected twist was met with relief. Speculation arose regarding the identity of the benevolent attacker. It was unlikely to be a government entity, as they would likely aim to destroy or damage Tornado Cash rather than issue a warning through code changes involving self-destruct functions.
Could it have been a hacker? From a self-interest perspective, a hacker would want to exploit Tornado Cash to launder their ill-gotten gains. However, wouldn’t a hacker take more than just 10,000 TORN tokens? They could have taken a significantly larger amount without causing substantial harm to the DAO.
A plausible theory suggests that the attacker might have been an insider—an individual from the Tornado Cash team or even someone within the DAO itself. It could have potentially been Alexey Pertsev, considering the timing. Pertsev was released on bail in late April, preparing for his trial under surveillance.
Unfortunately, the identity of the DAO’s temporary king remains unknown for now.