sudo rm -rf --no-preserve-root /|Jun 25, 2026 12:46
the latest tornado cash proposal 67 is _malicious_: https://bafybeie5hxovqc4ifcnrnhvmjbefxgeix6oqvzaspyytdxiyscji22v5pu[.]ipfs[.]inbrowser[.]link/governance/67
decompilation of the proposal: https://app.dedaub.com/ethereum/address/0x0d0be561052d4cf419575e35de4e60163a55185b/decompiled
the try to set the governance address to a vanity address that looks almost like the governance address:
- spoofed version: `0x5EFDa50f22D34F272c7077689d6ABc42F15E285f`
- real governance address: `0x5efda50f22d34F262c29268506C5Fa42cB56A1Ce`
same for the staking governance proxy:
- spoofed version `0x2fc93484614a34f7dbf98d7f7e997f6424e54a32`
- real staking address: `0x2FC93484614a34f26F7970CBB94615bA109BB4bf`
furthermore, worth mentioning the function `nullifyBalance` checks against the spoofed governance address above; so whoever controls that vanity address can zero out any relayer's balance at will.
this is a governance attack on Tornado Cash and i ask all TORN tokenholders to reject this proposal(sudo rm -rf --no-preserve-root /)
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink