After gaining control over the Tornado Cash DAO through a malicious proposal on May 20, the anonymous individuals behind the attack appear to be undoing the damage.

The attackers put forth proposal 21, which called for restoring the normal state of governance and reverting their share of governance tokens back to zero. In the first malicious proposal, the attackers granted themselves 1.2 million governance votes to take control of the governance.

Proposal 21 passed on Friday with what looked to be unanimous support from the community, with 517,000 TORN used in the process of voting. However, it is worth noting that the attackers themselves voted in favor of the proposal with their self-assigned governance power.

The motive behind the attackers’ decision to restore the normal governance parameters remains unclear at the time of writing. One theory is that the attackers no longer have an interest in controlling the DAO, having already swapped 483,000 TORN tokens for ETH, which they promptly sent back to Tornado Cash to be laundered.

Another theory is that the move to give back governance control to the community is merely a ploy to increase TORN’s price, after which the attackers can sell the rest of the tokens they hold.