It’s bad enough that one of Tornado Cash’s developers got arrested amid accusations that the crypto transaction masking service was being used by North Koreans and others to launder money stolen in hacks or used in other illegal activities.
Then last week, Tornado Cash got hacked in the most nightmarish way for a DAO — by having its governance process subverted by a malicious actor who got the unsuspecting community to give him the power of 1,200,000 votes while the entire TORN community only has around 700,000 votes.
Once the proposal passed, the hacker effectively received sole power over all governance decisions, including those over Tornado Cash’s treasury. In an ironic move that surprised no one, the hacker then used Tornado Cash’s own mixer to obfuscate the movement of the 483,000 TORN tokens he stole from their treasury, netting around $890,000 in ETH with another $160,000 still held in TORN.
But this saga had another plot twist: the hacker put forward a proposal to give back governance control to the community. Today, this proposal was unanimously accepted by every voting community member. And thus, the Tornado Cash DAO is set to receive back control of their own governance at the bargain price of over $1M.
The lessons here are hard to swallow but very important for anyone who creates or participates in a DAO: the autonomous and decentralized nature of DAOs means that there are no “do-overs” if members vote in a malicious proposal. This is why it’s crucial to set up airtight governance rules that catch and prevent malicious behavior. Some of the solutions currently being explored are appointing validators (trusted community members or subject-matter experts) who have a secondary vote or can otherwise veto proposals they deem damaging to the DAO, and setting very specific quorum and/or voting-length requirements. Another approach is to vet DAO members better, via soulbound tokens or other systems that make sure the votes that count the most belong to those most invested in the DAO (not necessarily in the sense of investing the most money, but rather those who put in the time, reputation, and other resources to show that they are constructive builders of the DAO and wish it no harm).
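To make the safeguards listed above concrete, here is an added toy model (not Tornado Cash’s contracts, and not code from the original post) of a DAO vote that enforces a voting window, a quorum, a timelock before execution, a guardian veto, and a sanity check that cast votes can never exceed the total voting power; the 700,000 and 1,200,000 figures are taken from the post, while the quorum, window, timelock and guardian are constructed assumptions.

```python
from dataclasses import dataclass, field

# Figures from the post: the TORN community holds ~700,000 votes in total,
# yet the malicious proposal ended up commanding 1,200,000.
TOTAL_VOTES = 700_000


@dataclass
class Proposal:
    created_at: int                               # block/time the proposal was opened
    weights: dict = field(default_factory=dict)   # voter -> (weight, supports)
    vetoed: bool = False


class Governance:
    """Hypothetical governance rules: quorum, fixed voting window, timelock, guardian veto."""

    def __init__(self, total_votes, quorum_pct, voting_period, timelock, guardians):
        self.total_votes = total_votes
        self.quorum = total_votes * quorum_pct // 100
        self.voting_period = voting_period
        self.timelock = timelock
        self.guardians = set(guardians)

    def cast_vote(self, p, voter, weight, supports, now):
        if now >= p.created_at + self.voting_period:
            raise ValueError("voting window closed")
        # Votes on one proposal can never add up to more than the whole supply:
        # a 1,200,000-vote position against a 700,000-vote supply is rejected outright.
        others = sum(w for v, (w, _) in p.weights.items() if v != voter)
        if others + weight > self.total_votes:
            raise ValueError("votes exceed total voting power")
        p.weights[voter] = (weight, supports)

    def veto(self, p, guardian):
        if guardian not in self.guardians:
            raise PermissionError("not a guardian")
        p.vetoed = True                           # a "do-over" that only a validator can trigger

    def can_execute(self, p, now):
        """Return (ok, reason): veto, window closed, timelock elapsed, quorum, majority."""
        if p.vetoed:
            return False, "vetoed by guardian"
        if now < p.created_at + self.voting_period:
            return False, "voting still open"
        if now < p.created_at + self.voting_period + self.timelock:
            return False, "timelock pending"      # window for guardians to inspect the payload
        yes = sum(w for w, s in p.weights.values() if s)
        no = sum(w for w, s in p.weights.values() if not s)
        if yes + no < self.quorum:
            return False, "quorum not met"
        if yes <= no:
            return False, "majority against"
        return True, "executable"
```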
Seems like Tornado Cash now has some time to rethink its governance along those lines. Maybe it can be aided by its arrested developer, Alex Pertsev, who — while not being released anytime soon — at least got court approval to cross-examine Chainalysis, the crypto sleuthing company that provided the forensic evidence supposedly linking him to criminal money. For Tornado Cash and all other DAOs, cross-examining their own governance setup may be a great idea before crafty criminals get their hands on their treasuries.