2/ The black-hat exploiter began with a seemingly legitimate proposal via the CREATE2 deterministic deployment a week prior to executing their malicious code after the SELFDESTRUCT function on TC governance.

https://t.co/Q0NbHKRNGi
— Portal Gate (@portalgateme)
May 22, 2023

3/ Thereafter, Tornado Cash’s on-chain governance effectively ceased to exist due to the overwhelming grant of 1.2M votes, taking control of the withdrawal, function, and overall function of the pool.

https://t.co/TEiDio9DDZ
— Portal Gate (@portalgateme)
May 22, 2023

4/ This is evident with the immediate sale of the TORN token on the open market after they utilised the emergencyStop function to grant themselves fake votes.

I.https://t.co/zpBVfvupoO

II.https://t.co/Cd7jf4Opdr https://t.co/s9GqlzZO4m
— Portal Gate (@portalgateme)
May 22, 2023

5/ Tracing the transaction, approximately 10k $TORN has been compromised, with more potentially under the control of the black-hat exploiter.

https://t.co/iu32RNfpJv
— Portal Gate (@portalgateme)
May 22, 2023

6/ So far the exploit is limited to the control of TORN tokens within the governance pool - though researchers have reason to believe that the Classic Router is potentially compromised.
— Portal Gate (@portalgateme)
May 22, 2023

7/ For anyone keen on seeing the bird’s eye view of what exactly happened, @blocksecteam tweeted an encompassing function map to understand the current situation for $TORN holders:

https://t.co/UWM0BCCDc8 https://t.co/euycTjnYmW
— Portal Gate (@portalgateme)
May 22, 2023

8/ Furthermore an in-depth transactional analysis by the wonderful team at @slowmist_team shows and confirms @blocksecteam’s findings:

https://t.co/aHi1MOjrAj
— Portal Gate (@portalgateme)
May 22, 2023

9/ Tracking some notable addresses that the hacker could potentially control:

https://t.co/3FswPFJvkI

also highlighting this address:
https://t.co/3S6rTnU4Vi
— Portal Gate (@portalgateme)
May 22, 2023

10/ In addition, @samczsun highlighted a potential exploit on the #tornadocash Nova by proxy, effectively allowing the black-hat to DRAIN ALL $ETH in the pool via contract upgrades.

TORN Contract:
https://t.co/9vu6ISVmBc
— Portal Gate (@portalgateme)
May 22, 2023

11/ So what now? Currently, the black-hat just proposed a new proposal, effectively attempting to “restore” confidence within the governance contract:

https://t.co/GdnhzypkqB
— Portal Gate (@portalgateme)
May 22, 2023

12/ Time will tell (proposal deadline as of 26/05/23 11:53PM GMT) whether governance will be restored, but one thing is for sure - Security is paramount.
— Portal Gate (@portalgateme)
May 22, 2023

13/ As we’re building a compliant privacy solution at Portal Gate, to ensure that we will not experience the same exploit, our on-chain governance will potentially deviate from @tornadocash’s CREATE2 function.

https://t.co/NPhQfOGgui
— Portal Gate (@portalgateme)
May 22, 2023

14/ This also includes revisiting the requirement to separate ownership of the pool contract and governance contract, ensuring insulation of funds between Governance and TVL deposits.

Refer back to tweet 9/ from this thread.
— Portal Gate (@portalgateme)
May 22, 2023

15/ To top it all off, we are rooting for the @tornadocash governance team and community as we build together for a better privacy-centric future.

Read more about Portal Gate’s two core product components:

https://t.co/CZqmwXrsfb
— Portal Gate (@portalgateme)
May 22, 2023

New initiatives are being implemented in our Discord. If you haven't joined us yet, make sure you join now to be a part of the "🌟level-up" community.

As everything comes together, we are also making further plans to deliver our promise to reward early #portalgateme users.
— Portal Gate (@portalgateme)
May 23, 2023

👾Join now: https://t.co/1zESkysdGU
— Portal Gate (@portalgateme)
May 23, 2023

Building a compliant privacy solution for users to transact with enhanced privacy and anonymity, as well as meeting compliance requirements. https://t.co/O9iFtV0RNV
— Portal Gate (@portalgateme)
May 23, 2023

If you missed our 101 about Portal Gate:
https://t.co/qM98TcRXWU
— Portal Gate (@portalgateme)
May 23, 2023

Check out our latest Portal Gate video🔥project pitch at the ScalingX Demo Day
https://youtu.be/cF7poMjGclc

RT @jemma_xu: Great chatting with @maxparasol @Cointelegraph on the compliant and private defi stack we are building at @portalgateme with darkpool at its core https://t.co/lVTsTwp5dJ — Portal Gate (@portalgateme) Jun 9, 2023

June 09, 2023 at 02:35PM
via Twitter https://twitter.com/portalgateme

RT @chiraagreythorn: Lights out, trades on! Dark Pool trading is on its way to DeFi. 🔥 https://t.co/li4WaNUqvo — Portal Gate (@portalgateme) Jun 9, 2023

June 09, 2023 at 02:35PM
via Twitter https://twitter.com/portalgateme