An update on the THORChain exploit affecting one Asgard Vault, recent dev findings, and the expected impact on Rujira.
Key points:
An update on the THORChain exploit affecting one Asgard Vault, recent dev findings, and the expected impact on Rujira.
Key points:
A recent livestream from the THORChain devs reported the exploit link to a GG20 bug and one malicious node. Investigations continue with relevant agencies to identify the attacker.
In the coming days the devs will determine the security path forward and a community/nodes vote will decide how lost funds are handled.
Multiple node operators executed a pause; block production has resumed and native transfers are expected to follow. The pause will remain until the chosen fix (patching GG20 or moving to DKLS) is implemented.
Patching is faster but carries a small risk of incomplete coverage; DKLS is considered a cleaner, more secure option and was already on the roadmap.
What this means for Rujira users:
Assets deposited as Secured Assets are stored in Asgard Vaults without clear buckets, so on paper losses would be shared across PoL, LPs, Trade Assets, and Secured Assets.
Roughly 1/5th of the Secured Assets TVL (~$1M) is exposed, with nearly half of that in BTC from the THORChain treasury.
Current path being discussed is using Protocol Owned Liquidity to compensate Trade and Secured Assets so users are made whole.
This implies Secured Assets on Rujira are expected to retain full value and be withdrawable once Base Layer trading resumes.
Regarding bRUNE: the contract has been bonding RUNE to whitelisted Nodes. The malicious Node was not whitelisted and had no bRUNE bonded, though other Nodes in the compromised Asgard Vault do have bRUNE.
If Nodes can agree and vote on the malicious Node, that Node’s RUNE could be fully slashed and partially used to cover the loss, with the remaining Nodes in the compromised vault refunded. This would keep RUNE bonded via bRUNE safe.
Rujira will assist THORChain where possible and continue participating in discussions around accounting for the lost funds.
Development efforts and product improvements will continue, maintaining commitment to a fair, decentralized financial system.
Updates will be provided as more information about the exploit and next steps becomes available, including when native asset transfers and Rujira activity resume.