• Forex Expo Dubai Adds New Features for Verified Traders and Introducing Brokers
  • Blockchain Futurist Conference Returns with Major Industry Announcements, Product Demos, and New Launches
  • Gibraltar Minister to Open Europe’s 1st Prediction Markets Summit Following New Regulation
  • 3 Weeks Until SPiCE Southeast Asia 2026: Spotlight on QTech Games
  • Europe’s First Dedicated Prediction Markets Summit Comes to Gibraltar
2026-07-16
Coins by Cryptorank
Bitcoinworld Bitcoinworld
Bitcoinworld Bitcoinworld
  • Crypto News
  • AI News
  • Forex News
  • Sponsored
  • Press Release
  • Media Kit
  • Advertisement
  • More
    • About Us
    • Learn
    • Exclusive Article
    • Reviews
    • Events
    • Contact Us
    • Privacy Policy
Bitcoinworld
  • Crypto News
  • AI News
  • Forex News
  • Sponsored
  • Press Release
  • Media Kit
  • Advertisement
  • More
    • About Us
    • Learn
    • Exclusive Article
    • Reviews
    • Events
    • Contact Us
    • Privacy Policy
Skip to content
Home Crypto News Suspicious governance proposal puts $23M in Tornado Cash tokens at risk
Crypto News

Suspicious governance proposal puts $23M in Tornado Cash tokens at risk

  • by Dhaval
  • 2026-06-26
  • 0 Comments
  • 2 minutes read
  • 91 Views
  • 3 weeks ago
Facebook Twitter Pinterest Whatsapp
Computer monitor displaying smart contract code with a red warning symbol in a dimly lit server room

A governance proposal submitted to the Tornado Cash (TORN) protocol is suspected of containing malicious code, potentially putting $23 million worth of the token at risk of theft. Blockchain security researcher Sergey Shemyakov reported the finding via X, urging the community to exercise caution before voting.

Unverified code and privacy tool funding raise red flags

Shemyakov noted that the proposal’s contract code remains unverified, a significant departure from standard practice in decentralized autonomous organization (DAO) governance. Typically, proposal code is publicly auditable to ensure transparency. Additionally, the proposer received initial funding through Railgun, a privacy-focused tool that obscures transaction histories, making it difficult to trace the source of funds.

The researcher explained that the proposal is structured in a way that could allow the proposer to seize control of the DAO’s governance mechanisms. While the Tornado Cash mixing pool itself remains safe, the attack appears to be aimed directly at the protocol’s governance layer, potentially enabling the theft of TORN tokens held in the DAO treasury.

Implications for DAO security and user funds

This incident highlights a growing vulnerability in decentralized governance systems. Malicious actors can exploit the often-complex proposal process to insert hidden code that, if approved, grants them administrative control. For Tornado Cash, which has already faced significant regulatory and technical challenges, this represents another threat to its operational integrity.

What users should know

The immediate risk is limited to the DAO treasury, not the mixing pools or user funds. However, if the proposal were to pass, the attacker could drain the treasury of its TORN tokens. The community is advised to reject the proposal and for the DAO to implement more rigorous code verification processes before any vote.

Conclusion

The discovery of a potentially malicious governance proposal underscores the importance of security diligence in decentralized finance. As DAOs become more common, so do targeted attacks on their governance structures. The Tornado Cash community must act swiftly to neutralize this threat and reinforce its security protocols to prevent future incidents.

FAQs

Q1: Is my Tornado Cash mixing pool safe?
Yes, the mixing pool itself is not affected. The risk is limited to the DAO treasury and governance tokens.

Q2: How can the community stop this attack?
By voting against the malicious proposal and implementing stricter code verification before any future votes.

Q3: What makes this proposal suspicious?
The contract code is unverified, and the proposer funded their address through a privacy tool, making it difficult to identify them.

Disclaimer: The information provided is not trading advice, Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Related Reading

  • Airbnb CEO: Trust, Not Technology, Will Decide the Winners in Real-World Asset Tokenization
  • Sablier Labs Pauses Active Development, Enters Maintenance Phase Amid Crypto Downturn
  • South Korea to Pilot Tokenized Government Bonds on CBDC-Linked Blockchain
  • Why is Concordium (CCD) Trending? What You Need to Know
  • Securitize Hits $5 Billion in Tokenized Assets as Institutional Demand Accelerates

Tags:

BLOCKCHAINCryptocurrency SecurityDAOTornado Cash

Share This Post:

Facebook Twitter Pinterest Whatsapp
Dhaval

Dhaval

Author
Dhaval Aggarwal covers cryptocurrency markets and Web3 venture investing for BitcoinWorld. His reporting focuses on funding rounds, exchange listings, on-chain treasury activity, and the partnerships connecting crypto-native firms with traditional finance. Since joining the desk in 2023, he has tracked the deal flow behind major Layer-2 networks, Bitcoin treasury programs, and institutional adoption stories. He writes daily news pieces for active traders and longer analyses for readers following where the next cycle of crypto growth is heading.
Previous Post

US Dollar Index Holds Steady Above 101.50 as Market Awaits Key PCE Inflation Data

Next Post

Indian Rupee Gains Capped by RBI Policy and Trade Risks: Societe Generale

Categories

92

AI News

Crypto News

Bitcoin Treasury Ambition: The Blockchain Group Seeks Staggering €10 Billion

Events

97

Forex News

33

Learn

Press Release

Reviews

Google NewsGoogle News TwitterTwitter LinkedinLinkedin coinmarketcapcoinmarketcap BinanceBinance YouTubeYouTubes

Copyright © 2026 BitcoinWorld | Powered by BitcoinWorld