- THORChain, the decentralized liquidity protocol, suffered a breach, in which hackers removed 4,000 ETH.
- The hack only targeted Ethereum liquidity users, and all funds have since been restored through the treasury.
- This is the second time a hack has been orchestrated since the ChaosNet was deployed.
DeFi protocols are the most popular blockchain products currently being utilized by traders, with the TVL on DeFi Protocols amounting to $54.96 billion at the time of writing. The swift expansion of a space that is actively developing and maturing inevitably draws scammers and hackers. Both new and established protocols are susceptible to digital threats as hackers see high financial incentives, with a new story of such events coming out every other week. THORChain is the latest protocol to have caught the spotlight after a hacker drained the ETH liquidity pool of 4,000 ETH tokens.
Chaos on ChaosNet
THORChain experienced its second security breach since releasing their ChaosNet in April. Initial records indicate that 13,000 ETH was stolen from the protocol, before the number was later amended to 4,000 ETH in total. Aside from the 2,500 ETH, the attacker also withdrew AAVE, SUSHI, and YFI, among other tokens.
One report found that the attacker managed to exploit a bug in the ETH bifrost. In short, the attacker paid huge slippage fees, approximately “$1.4 million in fees captured by nodes,” and managed to trick the system into using a custom wrapper token. The system detected a deposit value of 200, when in truth it was 0.
THORChain experienced a previous hack back in June in which one attacker managed to dupe the protocol out of $140,000. However, as THOR.Chain.BULL states, in the aftermath of the current attack, $6.8 million was saved from the queue.
The developers have since released a series of patches and fixes “artificially isolating” the ETH chain, as well as using treasury funds to replace the lost funds, further claiming that “refunds will be made whole in the coming weeks.” In a Telegram statement, the developers have requested that the attacker return the stolen funds in exchange for “a bounty commensurate with the discovery.”
On The Flipside
They Handled It with Care
Unlike the in-house rules of centralized governance, the transparency of blockchain makes all information readily available to everyone. As an unfortunate result, this makes exploits in young technologies possible, as stated by THORChain in a Twitter thread. They go on to use an example from Bitcoin, where a hack found in the code allowed Satoshi Nakamoto to fix the issue through a forum thread.
THORChain argues that their resolution process was similar. However, centralization concerns have arisen each time blockchain protocols are required to deploy bug fixes and prevent future losses.
The network has applied additional damage control exposure through its social media channels. In truth, their claims of transparency are well-founded, as shown in their tweet:
"When a centralised exchange is hacked, users don't find out months later until their withdrawals are blocked or delayed. When THORChain suffers insolvency, everyone immediately knows."
As claimed by Chris Blec, founder of DeFi Watch, in a tweet, THORChain’s “guarded launch approach,” placing caps on their liquidity pools, had prevented the company from incurring additional losses. Still, ShapeShift’s CEO, lamented that he “lost a bunch” of RUNE; he believes it is “worth it” though, as small malfunctions lead to a more stable and secure ecosystem.