I am posting this as Bitcoin_Army regarding the recent attempted compromise of Kintsugi's sudo key by an account posing as "Kazimierz Nowak": https://kintsugi.subsquare.io/democracy/referenda/149
User kkalii initially identified the malicious nature of the referendum, noticing that it contained a sudo.setkey call, and promptly alerted the community. Upon receiving this alert, I (Bitcoin_Army) amplified the message, mobilizing both the Interlay team and the broader Kintsugi community. Thanks to the rapid response, the malicious referendum was successfully rejected. Special thanks go to founder Dom, who swiftly engaged the Technical Committee to prepare and expedite a new referendum that effectively canceled the malicious proposal.
Leemo initially suggested rewarding this effort through a tip and attempted to propose it himself but encountered balance issues. Here is the system remark from Leemo supporting my tipping: https://kintsugi.subscan.io/extrinsic/7036937-2
Therefore, this proposal recommends tipping $500 each to kkalii and myself (Bitcoin_Army), plus an additional compensation of $250 for my time spent on communications and drafting this proposal. This is in recognition of proactively reviewing governance referenda, promptly identifying critical issues, and mobilizing community engagement to prevent potential damage to the network. This action aims to encourage continued vigilance and active participation in community governance processes.
System remarks confirming identities for transparency:
Leemo confirming he is Kazimierz Nowak: https://kintsugi.subscan.io/extrinsic/7105122-2
Kazimierz Nowak confirming he is Leemo: https://kintsugi.subscan.io/extrinsic/7105123-2
Relevant AAG Clip highlighting the incident: https://x.com/TheKusamarian/status/1889766430952055295
Proposal Context
Incident Overview
The attack consisted of two interconnected proposals, strategically designed to mislead governance participants and hide malicious intent:
1️⃣ First FAKE Proposal – Referendum 149 (View Proposal)
The attacker inserted blank spaces in the proposal text, making it difficult to identify the real purpose of the extrinsic/call function.
This proposal contained a hidden Sudo.setKey function, which would have granted full control over Kintsugi’s governance.
The formatting trick bypassed casual review, as the malicious function was camouflaged within seemingly harmless content.
2️⃣ Second FAKE Proposal – Referendum 150 (View Proposal)
After attempting to gain governance control, the attacker submitted a separate funding request for an apparently legitimate activity.
This second proposal was meant to reinforce credibility, making it seem like a standard governance request.
If both proposals had passed, the attacker could have diverted funds and manipulated governance without immediate suspicion.
Social Engineering & Deception Tactics
The attacker relied on human oversight by making Referendum 149 difficult to analyze at a glance.
The secondary proposal created a false sense of legitimacy, making it less likely that governance participants would question Referendum 149.
This was not a simple technical exploit—it was a highly coordinated attempt to manipulate decentralized governance using psychological tactics.
Response & Resolution
Bitcoin_Army immediately flagged the attack before execution.
Discussions with Kintsugi stakeholders took place to reinforce governance security.
This case triggered a reevaluation of governance monitoring and review processes in Kusama parachains.