THORChain Drained for $10.7M. Cryptographers Are Pointing at an Old Vulnerability
One of THORChain's six Asgard vaults was compromised on Friday. The network halted trading. Industry experts are pointing at the same threshold-signature stack they've been warning about since 2023.
THORChain is a cross-chain liquidity protocol that lets users swap native assets directly between Bitcoin, Ethereum, BNB Chain, Avalanche, Cosmos Hub, Dogecoin, Bitcoin Cash, Litecoin, Base, Ripple, and TRON without wrapping tokens or trusting an intermediary. It is secured by RUNE, its native token, which provides economic security to the network. Ledger, Bitget Wallet, ShapeShift, Token Pocket, Keplr, and dozens of other wallets and exchanges plug into it as a non-custodial swap provider. It is, in short, infrastructure.
On Friday morning, that infrastructure was compromised.
THORChain confirmed the incident in an official statement, saying one of its six Asgard vaults appears to have been breached and current estimates place the loss at approximately $10.7 million. The network's automatic abnormal-behavior detection halted signing activity before the attacker could continue, and node operators participating in the affected vault had their bonded RUNE slashed as a result of the unauthorized outbound transactions. Churn activity has been paused. Onboarding additional chains has been delayed. RUNE fell roughly 12 percent on the news.
The first public alert came from on-chain investigator ZachXBT, who flagged suspicious activity across Bitcoin, Ethereum, BSC, and Base, and tied the drained funds to a set of theft addresses now labelled "THORChain Exploiter" by Arkham Intelligence. PeckShield independently confirmed roughly 36.75 BTC, hundreds of ETH, and a long list of stablecoins, wrapped tokens, and altcoins moved out of the vault and consolidated into a single Ethereum address.
THORChain has not released a post-mortem. But several cryptographers and security researchers have already pointed at the same culprit: the protocol's threshold signature scheme.
Charles Guillemet, CTO of Ledger, posted a detailed analysis pointing to a possible MPC exploit. THORChain's vaults rely on TSS, a flavor of multi-party computation where a quorum of nodes jointly produces a signature without ever reconstructing the private key. The protocol uses GG20, on a fork of Binance's tss-lib. GG20 has shipped two well-publicized critical bugs in recent years: CVE-2023-33241 and the TSSHOCK class of attacks discovered by Verichains in 2023.
In every published GG18 and GG20 attack, Guillemet wrote, a single malicious or compromised co-signer is enough to extract the other parties' key shares and reconstruct the full private key. THORChain has patched these vulnerabilities before. In August 2023, it paused signing activity after the original TSSHOCK disclosure, and was credited at the time for handling the response responsibly.
The pattern Guillemet outlines for this week's drain looks structurally similar: compromise one operator, wait for it to churn into an active vault, send malformed proofs during keygen or signing, reconstruct the key offline, and sweep in a single transaction. He flagged a deeper concern: AI-driven vulnerability discovery is lowering the bar to compromise one of N validators, and the multi-month windows of safety these systems used to enjoy are getting shorter.
Vladimir S. of Officer's Notes pointed at a specific THORNode patch referenced by researcher banteg, noting that validators may have been signing too little data, which would let a proposer change how THORChain interpreted an observation without invalidating signatures.
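To illustrate the class of problem Vladimir S. describes, here is an added example that is not THORNode code and makes no claim about what the referenced patch actually changed: it contrasts a signature covering only a subset of an observation's fields with one covering the full canonical encoding of what the network will interpret. The observation schema, the key, and the use of HMAC as a stand-in for the validator signature are all constructed for the illustration.

```python
import hashlib
import hmac
import json

# Constructed stand-in for a validator's signing key. A real node would sign with
# its TSS share; HMAC only models "sign" and "verify" so the example runs offline.
VALIDATOR_KEY = b"constructed-validator-key-not-real"

# Constructed inbound observation. Field names are hypothetical, not THORNode's schema.
OBSERVATION = {
    "chain": "BTC",
    "tx_id": "constructed-txid-0001",
    "from_addr": "bc1q-constructed-sender",
    "to_addr": "bc1q-constructed-asgard-vault",
    "amount_sats": 150_000_000,
    "memo": "SWAP:ETH.ETH:0xconstructed-recipient",
}

def sign_partial(obs: dict) -> bytes:
    """Weak pattern: the signature covers only some of the fields the network acts on."""
    msg = f"{obs['chain']}:{obs['tx_id']}:{obs['amount_sats']}".encode()
    return hmac.new(VALIDATOR_KEY, msg, hashlib.sha256).digest()

def canonical_bytes(obs: dict) -> bytes:
    """All fields, sorted keys, no whitespace, prefixed with a domain tag so the
    same bytes cannot be presented as a different message type."""
    body = json.dumps(obs, sort_keys=True, separators=(",", ":")).encode()
    return b"THORCHAIN_OBSERVATION_V1\x00" + body

def sign_full(obs: dict) -> bytes:
    """Hardened pattern: the signature covers exactly what will be interpreted."""
    return hmac.new(VALIDATOR_KEY, canonical_bytes(obs), hashlib.sha256).digest()

def verify_partial(obs: dict, sig: bytes) -> bool:
    return hmac.compare_digest(sign_partial(obs), sig)

def verify_full(obs: dict, sig: bytes) -> bool:
    return hmac.compare_digest(sign_full(obs), sig)

def relay_with_changed_memo(obs: dict) -> dict:
    """Model a proposer relaying the observation with an unsigned field altered."""
    changed = dict(obs)
    changed["memo"] = "SWAP:ETH.ETH:0xconstructed-other-address"
    return changed

def demo() -> tuple:
    """Returns (partial_sig_still_valid, full_sig_still_valid) after the memo changes."""
    partial_sig = sign_partial(OBSERVATION)
    full_sig = sign_full(OBSERVATION)
    changed = relay_with_changed_memo(OBSERVATION)
    return verify_partial(changed, partial_sig), verify_full(changed, full_sig)

if __name__ == "__main__":
    print(demo())  # (True, False): only the full-coverage signature rejects the change
```

The defender's check is the second value: a validator signature should fail the moment any field the network will act on differs from what was signed.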
The harshest take came from Tay, who wrote that THORChain was running a version of tss-lib roughly three years and two major security releases behind current.
Adam Back, CEO of Blockstream, added context that landed harder coming from him than from most. Speaking as one of the few people who actually understand the cryptography of MPC for DSA signatures, his read is that the system is too complex to make work securely: adaptive cryptography attacks, implementation bugs, and a small pool of qualified reviewers make the attack surface enormous. And, he noted, the shards are all online in software servers.
The exploit comes against a backdrop THORChain has not been able to shake. The protocol has previously been used as a laundering route for funds tied to the Bybit hack, attributed to North Korea's Lazarus Group, and the KelpDAO incident, where attackers moved nearly $80M in ETH to BTC through THORChain combined with Umbra to obscure the trail.
ZachXBT addressed that history directly in a public response to a now-deleted post, asking whether the person on the other end had just inadvertently confirmed THORChain was centralized "for all of those years while DPRK laundered hundreds of millions while raking in millions of fees with an admin key" held in their possession.
The protocol's official statement says no individual user swaps were affected and that the loss was confined to protocol-owned funds. The investigation continues. Node operators have been asked to audit their infrastructure, key management, and operational security for signs of compromise.
We'll update this story as the post-mortem lands.