THORChain’s Recovery Phase
In a crucial development for THORChain, the protocol is embarking on a pivotal phase of recovery following a significant security breach on May 15, which resulted in the loss of approximately $10.7 million from one of its vaults. This incident involved a vulnerability in the GG20 threshold signature system, exploited by a recently added node, while four other vaults remained secure.
Software Update and Security Enhancements
To address this situation, THORChain has introduced version 3.19.0 of its software, which includes critical security updates and a loss-recovery strategy known as ADR-028.
The latest version aims to enhance security measures by implementing a feature designed to quarantine compromised vaults. According to THORChain, this new setting will prevent the affected vault from conducting transactions, yet will allow it to remain visible to the network, thus preserving transparency in operations.
Validator Approval and Governance Plan
In their sixth incident update, THORChain emphasized the necessity for validators to review and approve this upgrade before it can be deployed across the network. This approval marks the first step in what they describe as a structured approach to restore normal operations.
Once the validators give their consent for the upgrade, they will proceed to validate the migration of data related to ADR-028. This governance plan, previously accepted by validators, utilizes protocol-controlled liquidity to mitigate financial losses, ensuring that those impacted by the exploit are compensated without diluting the holdings of existing RUNE owners. Future revenues generated post-relaunch will be directed towards rebuilding this protocol liquidity.
Integrity Checks and Validator Operations
Additionally, a temporary process known as keyverify will be initiated to ensure the integrity of keyshares, which are essential for validators to sign transactions safely without any single operator holding complete access. Once the integrity checks are completed successfully, validator operations will resume, leading to an asset churn that refreshes the validator set and transfers funds into newly established vaults.
Phased Recovery Approach
THORChain’s phased approach for recovery includes the restoration of secured and traded assets first, followed by liquidity provider activities, culminating in a relaunch of trading. This gradual reintroduction will ensure that each step is validated and that the network operates securely post-attack.
Bounty and Penalties
Furthermore, as part of the protocol’s response to the hack, a bounty has been established for the attacker, while full penalties will be imposed on the implicated node, safeguarding innocent nodes that may have inadvertently interacted with the affected vault. THORChain’s automated solvency checks played a vital role in detecting the imbalance quickly, halting signing operations within minutes to prevent further losses.
Conclusion
In summary, THORChain is making significant strides in its recovery efforts, with its validator community key to the approval of critical upgrades that will help reaffirm the platform’s stability and security going forward.
