THORChain, which has been stolen multiple times, wants to make a comeback after a year of silence?

23-10-18 12:05
Read this article in 13 Minutes
总结 AI summary
View the summary 收起

Table of Contents:

· THORChain Vulnerability Exploitation Incident

· FTX attackers continue to use THORChain.

· THORChain has been actively operating its ecosystem in the past six months.

BlockBeats News, October 18th, decentralized cross-chain trading protocol THORChain announced that its token RUNE has been fully distributed to the protocol and reserves. The Treasury holds only 7 million (2% in circulation) to support the ecosystem. All tokens of OG seeds/teams/investors were unlocked months ago, and all participating venture capitalists have exited.

THORChain Vulnerability Exploitation Incident

THORchain has been seen as a "project that is always being hacked" due to a vulnerability exploit incident.

Related reading: "THORchain's non-custodial lending may be the ace up DeFi's sleeve"
"The essence of THORchain is still a cross-chain of information. Users send assets from the BTC network to THORchain nodes, and after the nodes confirm receipt of the information, they send an equivalent amount of assets to the user on the ETH mainnet. However, if there is a problem in this routing process, it will result in asset loss."

According to SlowMist Zone, on June 29, 2021, the decentralized cross-chain trading protocol THORChain announced that it had discovered a malicious attack against THORChain. THORChain nodes have responded by isolating and defending against the attack. The SlowMist security team intervened immediately and found that this was a "false deposit" attack against the cross-chain system.

Related reading: "Review of Thorchain's "False Recharge" Vulnerability".

On October 28, 2022, cross-chain liquidity protocol THORChain released a statement indicating that it had addressed network interruptions and stopped non-deterministic sources between nodes in the distributed state machine, preventing ledger damage. In an update, it was stated that the consensus issue had been resolved. The code now pushes cosmos.Uint (rather than uint64) into strings, allowing for the retrieval of arbitrarily large integers instead of actual values, which caused memo strings to differ across nodes. Subsequently, it was announced that the protocol had been relaunched and was producing blocks.

On March 28th of this year, decentralized cross-chain trading protocol THORChain released a statement stating that a dependency of THORChain may have a potential vulnerability or impact on THORChain, and trading has been suspended and investigated out of caution. Subsequently, the official stated that the development team and security team have confirmed the credibility of the potential vulnerability report (related to TSS), but no node can currently exploit the vulnerability.

FTX attackers continue to use THORChain

Although the THORChain project has made positive progress in token distribution, ecosystem development, and decentralization, since October, the FTX attacker has continuously exchanged large amounts of ETH for BTC through THORChain cross-chain transactions.

On October 1st, according to Scopescan monitoring data, the FTX attacker with the address starting with 0x3E95 transferred 4750 ETH (7.97 million USD) to the address starting with 0xcd82. After a series of transfers, the funds ultimately ended up in THORChain. The data was reported by Scopescan.

On October 4th, according to PeckShieldAlert monitored by Paiduin, the FTX attacker transferred 5625 ETH (approximately $9.28 million) to the BTC network via ThorChain bridge about 2 hours ago.

On October 5th, according to on-chain analyst Yu Jin's monitoring, the FTX attacker transferred 15,000 ETH (approximately $24.75 million) and exchanged it for BTC through THORChain. Since September 30th, the FTX attacker has transferred a total of 60,000 ETH (approximately $99 million) through four addresses, and currently holds 125,735 ETH (approximately $207 million) through nine addresses on the Ethereum mainnet.

Regarding this, THORSwap, a cross-chain DEX aggregator based on THORChain, announced on its social media platform on October 6th that the team has decided to temporarily switch the protocol to maintenance mode. The team further stated that maintenance mode has actually suspended trading operations. However, services such as lending, borrowing, and staking are still in operation.

However, on October 7th, according to Lookonchain's monitoring, the FTX attacker once again deposited 1247 ETH (approximately $2.05 million) into THORChain.

THORChain has been actively operating its ecosystem in the past six months

In the past six months, THORChain has launched several new projects. It has now been announced that all participating venture capitalists have exited, or implied that THORChain has achieved a greater degree of decentralization.

On July 27th, THORChain announced the launch of Streaming Swaps, which allows users to split bulk trades into sub-trades to obtain better execution prices. Users can choose between time optimization or price optimization. The announcement was reported by The Block Beats.

On August 21st, the official announcement stated that the THORChain lending protocol has gone live. The team mentioned that the new protocol may have some bugs and vulnerabilities, which may require the chain to pause, stop, or be fixed. The new protocol will add a mechanism for destroying RUNE, which will promote deflation of RUNE.

THORChain Lending is a project that took over a year to design in the encryption industry. The official claim of this lending protocol is "interest-free, non-forced liquidation, and no maturity date."

Related reading: "THORChain New Lending Protocol (Lending) Official Interpretation".
"THORChain uses Layer 1 assets as collateral to issue USD-denominated debt, with collateral as equity holdings. The more collateral relative to the pool depth, the higher the collateral ratio. The higher the collateral ratio, the safer the system. Without liquidation or interest, users have no incentive to repay the loan, which increases the equity value of the protocol. By removing RUNE loans from the pool, THORChain can increase its total locked value (TVL), enhance liquidity and security."

Yilan from LD Capital discovered the shadow of Terra LUNA after delving into this new lending module, but also pointed out that there would be no systemic risk similar to Terra LUNA under the mechanism of Thorchain Lending.

Related reading: "THORChain lending: revealing the shadow of Terra LUNA".
"Specifically, if a user over-collateralizes 200% of collateral to borrow 50% of the required asset, the other 50% will be minted based on the exchange rate of RUNE collateral upon redemption. This step is essentially similar to LUNA, but under the mechanism of Thorchain Lending, due to the fact that only 50% of the Rune back is available and the product capacity is smaller, the overall risk is relatively small and will not generate systemic risks similar to Terra LUNA. This risk is isolated, and even if a negative spiral occurs, it will not affect other functions of Thorchain."

On September 21st, according to the official announcement, the decentralized cross-chain trading protocol THORChain will support BNB Smart Chain (BSC). BNB and BEP-20 assets are now available for all users to provide liquidity and swap.

欢迎加入律动 BlockBeats 官方社群:

Telegram 订阅群:

Telegram 交流群:

Twitter 官方账号:

举报 Correction/Report
Choose Library
Add Library
Add Library
Visible to myself only