THORChain Says $10 Million Hack Was Caused by Malicious Node Exploiting Flaw
Summary
- THORChain (RUNE) said a malicious node operator exploited a vulnerability in the GG20 threshold-signature scheme, resulting in a $10 million hack.
- THORChain said its automated security system was triggered within minutes, preventing further outflows, and that it applied an emergency patch after halting network transactions and signing.
- THORChain said it is discussing, through a governance vote, a plan to cover losses using protocol liquidity without issuing new tokens, and it also proposed paying the hacker a bounty if the stolen funds are returned.



THORChain said a recent $10 million hack was caused by a malicious node operator exploiting a vulnerability.
Cointelegraph reported on May 22 that, in a post-incident report, THORChain said the operator exploited a flaw in the GG20 threshold-signature scheme to reconstruct the private key for one of the protocol's vaults. GG20 distributes key control across multiple node operators so that no single node holds the full private key.
THORChain said a vulnerability in the threshold-signature system allowed the attacker to reconstruct the full private key.
Its automated security system was triggered within minutes and prevented further outflows, the protocol added. THORChain then halted network transactions and signing before applying an emergency patch.
The community is now conducting a governance vote on recovery measures. THORChain said it is considering a plan to absorb the losses using protocol liquidity without issuing new tokens.
The project also offered the hacker a bounty in exchange for returning the stolen funds.

Uk Jin
wook9629@bloomingbit.io
