THORChain Investigation Continues: Community Vote on Recovery Approach Coming
THORChain Investigation Continues: Community Vote on Recovery Approach Coming
🔍 THORChain Recovery Vote
THORChain developers and THORSec continue investigating the vault compromise that resulted in approximately $10.7M in losses. The team has identified how the attack was executed but is not yet disclosing technical details publicly.
Key Updates:
- The attack vector appears unrelated to known GG20 exploits
- Version 3.18.1 expected to release tomorrow for node operators
- Team still assessing if other GG20 implementations are at risk
Recovery Process:
- Community governance will decide how to handle lost funds
- New Discord channel created: adr-028-tss-exploit-recovery
- Node operators will vote on recovery approaches in coming days
- Selected approach will be implemented in version 3.19 update
Network Status:
- Trading and sensitive operations remain paused
- Team leaning toward staying on GG20 short-term for faster recovery
- Long-term cryptographic security discussions postponed until network stabilizes
The investigation involved cryptographers and security researchers, including original GG20 developers. Developers emphasized the process will not be rushed despite pressure to restore full functionality.
THORChain incident update #1 THORChain contributors shared a new update in the dev discord regarding the ongoing incident. TLDR - Current evidence points toward a newly churned node linked to the attack, likely operated by a single malicious actor - The leading theory is an
Important Announcement Trading on THORChain is currently halted after a vault was compromised. Initial indications are user funds are safe and only protocol owned funds are affected. The network automatically detected abnormal behavior and halted signing activity, which alerted
THORChain incident update #3 The developers and THORSec teams have been hard at work throughout the weekend continuing the investigation to fully understand the events that took place, while also planning the road to recovery. It’s important to note that the investigation is
THORChain Releases Full Exploit Report on May 15 Security Incident
THORChain has published a comprehensive post-mortem report detailing the May 15, 2026 security exploit. The report covers: - Complete timeline of the incident - How the protocol's security layers detected and responded to the breach - Technical analysis of the vulnerability - Proposed solutions outlined in ADR-028 The team has also released a two-part video analysis providing additional context on the exploit. [Read the full report](https://thorchain.org/blog/thorchain-exploit-report-1)
Why Bridge Hacks Keep Happening and How Atomic Swaps Solve It
**Bridges don't actually move your assets** - they lock them in vaults and issue wrapped tokens as IOUs. When you bridge ETH to Solana, your real ETH sits locked while you receive a synthetic token representing a promise to unlock it later. **This architecture creates a critical vulnerability**: the system must maintain perfect synchronization between locked assets and minted synthetics. Major exploits include: - Wormhole: $320M lost - Ronin: $600M lost - Nomad: $190M lost **THORChain uses a different approach** with atomic swaps. When swapping ETH for SOL, your Ethereum enters a threshold-signature vault while native Solana from a separate vault goes to your address. No wrapped tokens exist. **Key differences**: - Bridge hack → your wrapped tokens become worthless - Atomic swap → transaction either completes or refunds, no synthetic tokens at risk **The tradeoff**: Native swaps are slower and more expensive than bridges, but eliminate the failure mode where users discover their wrapped tokens have no backing. With atomic swaps, you never hold someone else's promise.
THORChain Reports $4B Swap Volume in Q4, Plans Solana and ZCash Integration
THORChain released its Q4 2025 ecosystem report showing significant activity across its decentralized liquidity protocol. **Key Metrics:** - $4.02B in swap volume - 108,000 unique swappers - 1.22M total trades - $5.02M collected in swap fees - Beta launch of swap.thorchain.org **2026 Roadmap Highlights:** - Solana integration - ZCash support - Rapid Swaps feature The numbers represent a slight decrease from Q3's $4.5B volume and 1.8M swaps, though the platform maintained strong user engagement with over 100,000 active swappers. [Read the full report](https://blog.thorchain.org/thorchain-q4-2025-ecosystem-report-2026-roadmap/)
THORChain v3.14.0 Fixes Critical Swap Delays and Vault Issues
**THORChain v3.14.0** addresses several critical issues affecting user experience and network operations. **Key Fixes:** - **Swap Speed Restored**: Fixed bug causing trade assets (BTC~BTC) and secured assets to take ~13 minutes instead of instant settlement - **Vault Recovery**: Automated retry system for failed refunds from retired vaults, eliminating manual intervention - **Quote Consistency**: Removed randomness in quote queries to ensure same inputs always return identical results - **Outbound Safety**: All transactions now checkpointed immediately to prevent silent failures **Technical Improvements:** - Retired vault balances automatically recovered and refunded - Streaming swap time estimates now accurate for rapid swaps - Enhanced node safety with automatic retry mechanisms These updates resolve operational overhead, improve swap reliability, and strengthen the overall network infrastructure for cross-chain liquidity.