THORChain has restarted trading and swaps on its network, more than a month after a $10.7 million exploit forced operations to halt. The protocol patched the vulnerability that enabled the theft and has now outlined plans to add support for Zcash (ZEC) and Monero (XMR).
The exploit, which drained $10.7 million from the protocol, was traced to a flaw in the GG20 threshold signature scheme. This mechanism is designed to secure vaults by splitting private key control among multiple node operators. However, the vulnerability allowed a malicious node operator to gradually leak key material and eventually reconstruct a full private key, according to THORChain.
Emergency patch and recovery
THORChain deployed an emergency patch on May 20 to protect the remaining vaults, followed by a full upgrade on June 9 that fixed the exploited vulnerability. A second upgrade on June 11 added stability improvements and fixes to the KeyVerify protocol. With the recovery largely complete, the network has resumed normal operations.
New integrations on the horizon
THORChain plans to launch native swaps and vaults for the privacy-focused cryptocurrency Zcash (ZEC) within the next two weeks, followed by support for Monero (XMR). The protocol also intends to integrate the Bittensor (TAO) token in about six weeks after the network restart. These additions aim to expand THORChain's cross-chain swapping capabilities.