Tornado Crash Governance Hack

in crypto •  last year 

Attacker hijacks Tornado Cash governance via malicious proposal

The total control over Tornado Cash governance allows the attacker to withdraw all of the locked votes, drain all of the tokens in the governance contract and brick the router.

Hilarious! So how did he manage that!?

yeah, OK, but still, how exactly?

Did nobody read the code?

Decentralised stupidity.

Tornado Cash attacker to potentially give back governance control, proposal reveals

An attacker who sparked community-wide panic by hijacking the Tornado Cash governance is now proposing to undo their hack — and while not everyone feels the hacker can be trusted, they apparently have little choice in the matter.

This does highlight one of many problems with so-called decentralised governance - the stupidity or laziness of voters. The reason many democracies have a bicameral system is to try and stop and truly dreadful legislation hoodwinking both houses.

Apart from the obvious mathematics that control can be gained with enough will to power, it can also be pissed away through ignorance. That proposals are voted on once and implemented if passed is just plain dangerous. Tornado is just one of many examples.

crypto news tornado cash hack governance decentralisation
last year by
111.33 BLURT
  • Past Payouts 111.33 BLURT
  • - Author 55.67 BP
  • - Curators 55.67 BP
7 votes $0.16
6
Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE BLURT!
Sort Order:  
  • Trending
    • [-]
      ·  last year  ·  

    Decentralisation is a belief system, similar to democracy.
    Both are weak forms of governance designed to have covert control over an ignorant population.
    Why do so many buy into that a rudderless ship is a good idea?
    Show me a governance system that doesn't suck.

    66.98 BLURT
    • Past Payouts 66.98 BLURT
    • - Author 33.49 BP
    • - Curators 33.49 BP
    2 votes    $0.19
    [-]
      ·  last year  ·  

    Plenty of people stating the obvious - where is a robust process? Why is governance so naive?

    Even a very simple two-step process may have revealed this. Have a preliminary vote, then an investigation, then a final vote. And NOT gov proposals with 3 days to vote (or whatever) - that's also childish.

    65.62 BLURT
    • Past Payouts 65.62 BLURT
    • - Author 32.81 BP
    • - Curators 32.81 BP
    2 votes    $0.19
    [-]
      ·  last year  ·  

    robust? oh, look, there's a rainbow!

    61.87 BLURT
    • Past Payouts 61.87 BLURT
    • - Author 30.93 BP
    • - Curators 30.93 BP
    2 votes    $0.18
    [-]
      ·  last year  ·  

    That's like asking for a democracy that doesn't suck. Switzerland comes close, with power devolved and referenda as standard, but even that isnt fail-proof.
    Ultimately, it is up to the people to be awake and aware - and not woketard believers.

    64.62 BLURT
    • Past Payouts 64.62 BLURT
    • - Author 32.31 BP
    • - Curators 32.31 BP
    2 votes    $0.19
    [-]
      ·  last year  ·  
    65.58 BLURT
    • Past Payouts 65.58 BLURT
    • - Author 32.79 BP
    • - Curators 32.79 BP
    2 votes    $0.19
    [-]
      ·  last year  ·  

    Again and again we see this. I know the code is complex, but there must be a diagram of the network of contracts that can be checked for consequences of algo changes.
    It's just so brittle... and fragile.

    66.74 BLURT
    • Past Payouts 66.74 BLURT
    • - Author 33.37 BP
    • - Curators 33.37 BP
    2 votes    $0.19