Tornado Cash DAO flagged for malicious proposal swapping lookalike addresses; ~$23M TORN at stake
Researchers flagged a June 25 Tornado Cash governance proposal that swaps the DAO treasury address for a lookalike — ~$23M in TORN and relayer balances at risk.
A governance proposal submitted to the Tornado Cash DAO on June 25, 2026 has been flagged by multiple security researchers as a deliberate hijack attempt. The proposal — surfaced first by L2BEAT researchers and amplified on X by ZK researcher Sergey Shemyakov and Pascal Caversaccio of the Security Alliance — purports to install a new fee structure and a "dynamic deflationary economic model." The reviewers' reading: under that cover, it swaps the DAO's core governance address — which currently controls roughly $23M in TORN — for an attacker-controlled lookalike sharing the same opening characters, and zeroes out the relayer balances the protocol depends on. The proposal's executable contract is unverified, a departure from standard practice that researchers flagged as the single clearest tell.
What the proposal actually does
Stripped of cover text, the proposal makes two changes:
- Governance address swap. The current DAO governance address (custody of ~$23M in TORN) is replaced with a separate address that shares the first 15 hexadecimal characters of the legitimate one. A parallel swap is made on the staking governance proxy contract. Anyone glancing at the address in a wallet UI — which truncates to the first and last few characters — would see a match.
- Relayer balance wipe. A second change buried later in the call data zeroes balances of the protocol's relayers — the off-chain operators users route through so their own wallet addresses aren't exposed to the mixer's deposit contract. Wiping relayer balances does not steal them by itself, but it removes the privacy plumbing the rest of the protocol depends on.
The combined intent the researchers describe: capture the treasury via the swap, and degrade the protocol's privacy substrate at the same time.
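The lookalike mechanic above is easy to reproduce in a review script. The following is an added example (not code from the article or from any of the researchers it cites) using constructed addresses that are not the real Tornado Cash governance or proposer addresses: it measures how many leading hex characters a proposed address shares with the known-good one, checks whether a head-plus-tail truncated wallet display would still tell them apart, and flags any non-identical address with a long shared prefix.

```python
import re

# Constructed sample addresses for illustration only; the article does not print
# the real Tornado Cash governance or lookalike addresses.
LEGIT_GOVERNANCE = "0x5efda50f22d34f262c29268506c5fa42cb56a1ce"
# Shares the first 15 hex characters after 0x, nothing else.
LOOKALIKE_PREFIX_ONLY = "0x5efda50f22d34f2f9b0b3ad2fe4c8d1a7e6b9c01"
# Shares the first 15 AND the last 4 hex characters, so a head+tail UI display
# would also match (constructed to show that such displays are not a safe check).
LOOKALIKE_PREFIX_AND_TAIL = "0x5efda50f22d34f2f9b0b3ad2fe4c8d1a7e6ba1ce"

HEX_ADDR = re.compile(r"^(0x)?[0-9a-fA-F]{40}$")

def normalize(addr: str) -> str:
    """Strip 0x and lower-case so checksum casing never hides or fakes a match."""
    if not HEX_ADDR.match(addr):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    a = addr.lower()
    return a[2:] if a.startswith("0x") else a

def shared_prefix_len(a: str, b: str) -> int:
    """Number of leading characters the two strings have in common."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n

def ui_truncated(addr_hex: str, head: int = 6, tail: int = 4) -> str:
    """Mimic a wallet UI that shows only the first `head` and last `tail` hex chars."""
    return f"0x{addr_hex[:head]}…{addr_hex[-tail:]}"

def lookalike_report(legit: str, candidate: str, min_prefix: int = 8) -> dict:
    """Compare a proposed address against the known-good one and flag lookalikes.

    A lookalike is a different address whose leading hex characters match the
    legitimate one closely enough to pass a glance; `min_prefix` is the shared
    prefix length (an assumed threshold) at which the report raises the flag.
    """
    l, c = normalize(legit), normalize(candidate)
    prefix = shared_prefix_len(l, c)
    suffix = shared_prefix_len(l[::-1], c[::-1])
    return {
        "identical": l == c,
        "shared_prefix_hex": prefix,
        "shared_suffix_hex": suffix,
        "ui_display_legit": ui_truncated(l),
        "ui_display_candidate": ui_truncated(c),
        "ui_display_matches": ui_truncated(l) == ui_truncated(c),
        "lookalike": l != c and prefix >= min_prefix,
    }
```

Only a full, case-normalized comparison against the address recorded in the DAO's own contracts is conclusive; the truncated-display check exists to show why a glance at a wallet UI is not.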
Why researchers flagged it
- Date submitted : 2026-06-25
- TORN value at risk : ~$23M (current DAO governance address holdings)
- Lookalike prefix match : first 15 hex characters
- Executable contract : unverified on Etherscan
- Proposer funding : recently funded by a Railgun-tagged address (~4 days before submission)
- Researchers raising alerts : L2BEAT, Sergey Shemyakov (ZK researcher), Pascal Caversaccio (Security Alliance)
- Second buried change : zeroes relayer balances
Two operational signals beyond the call-data review pushed reviewers from "suspicious" to "treat as malicious":
- Unverified contract. Tornado Cash governance proposals customarily ship with the executable contract verified on Etherscan so any DAO voter can read the bytecode being authorized. The June 25 proposal did not. Caversaccio called the omission a clear indication the proposal should be treated as hostile.
- Proposer funding trail. The submitting address was funded shortly before the proposal by an address tagged on-chain as belonging to Railgun, a competing zk-privacy protocol. That funding link does not itself prove Railgun's involvement — Railgun's contracts are routinely used by third parties unaffiliated with the project — but it removes any clean attribution to a long-standing TORN holder and aligns with the proposal's "outsider with cover story" shape.
Skeptical attribution
We are not naming an actor. The on-chain signal is a recently-funded address with a Railgun-tagged funding source; the cover is a generic "deflationary tokenomics" pitch; the executable contract is unverified. Anyone who tells you which group wrote this proposal at this point is guessing. The pattern fits known DAO governance-takeover playbooks — among them the 2023 Tornado Cash governance attack — but pattern-match is not attribution.
What to watch
- Vote tally and execution window. Governance proposals on Tornado Cash carry a voting window and an executable delay. If the proposal is on track to pass, TORN holders need to vote no or organize a counter-proposal that revokes the change before the execution call is made.
- Relayer status. Operators of registered relayers should track whether the proposal — if it executes — would zero their staked balances. Reorg-resistant relayer infrastructure is what keeps Tornado Cash usable without doxxing the depositor.
- Etherscan label updates. Whether and how Etherscan, L2BEAT and the major analytics shops label the proposal contract and the proposer address over the next 72 hours will shape whether the vote attracts uninformed approvals.
- A clean counter-proposal. Past Tornado Cash governance attacks have been reversed by separate proposals re-pointing the governance addresses back to legitimate contracts; expect one if this proposal advances.
Context — second governance-via-lookalike attempt on a major DAO in three weeks
This is not an isolated pattern. The same primitive — buy or capture governance tokens, table a proposal whose call data does something different from what its text claims, ride the inattention through a vote — has now been documented multiple times in a short window on Blockchain Posts:
- The TOP token Aragon governance takeover on June 9, 2026: an attacker funded a buying campaign with 664 ETH withdrawn from Tornado Cash, accumulated majority voting power on TOP, voted to mint themselves new tokens and exited for ~$1.58M into the protocol's DEX liquidity.
- The 2023 Tornado Cash governance attack, in which a malicious proposal granted an attacker majority votes before the attacker later "restored" governance.
Two design features keep enabling it: small token floats relative to the treasury at stake, and proposals whose executable contracts can be passed unverified. Neither is a Tornado Cash–specific bug; both are governance-design choices many DAOs still make.
Sources:
- Protos — Tornado Cash DAO faces 'malicious' governance attack, researchers warn (Caversaccio + Shemyakov alerts, L2BEAT framing, Railgun-funding trail).
- CryptoNews.net — Tornado Cash DAO faces 'malicious' governance attack, researchers warn (independent reporting of the same researcher alerts).
- BitcoinWorld — Suspicious Governance Proposal Puts $23M In Tornado Cash Tokens At Risk (lookalike address mechanic, relayer balance vector).
- The Currency Analytics — Tornado Cash DAO Hit by Suspicious Governance Proposal Tied to Railgun Address (proposer funding trail).
- L2BEAT — Tornado Cash project page (researcher source).