ThorChain’s “Chaosnet” Initially Reports a $25 Million Hack but Revised it to $4.9 Million Upon Investigation

ThorChain, a popular cross-chain decentralized exchange, suffered massive losses but assured its community that it has the means to cover the stolen amount.

Increased Frequency of Attacks

Thorchain’s chaosnet became the latest victim of an attack. The first estimation of losses was at approximately $25 million or 13,000 Ethereum. However, the estimations were subsequently revised to $7.6 million in losses. The final sum was confirmed to be approximately $4.9 million.

In an announcement in its Telegram group, ThorChain first estimated a much bigger loss to its community. It also announced that it has the necessary funds in its treasury to cover the losses from the July 15th exploit. 

Source: ThorChain Announcement Telegram    

The network was immediately halted to prevent further exploitation once the attack became apparent. The thief tricked the ETH Bifrost (a blockchain middleware) using a custom wrapper to read a deposit amount of 200 when it was actually zero. The developers promised to give a proper account in a post mortem blog. 

When a community developer discovered this exploit, nodes were voluntarily halted. Once more than one-third of the nodes are halted, the network stalls giving node operators the ability to take emergency action to protect the network.

Recovery Process

The ThorChain developers took immediate steps to work on a patch and it was released not shortly after. 

Source: A software patch was released within a short span of time after the exploit took place

A series of steps were prepared to ensure that ThorChain can operate without fear of another exploit. First, after the release of the patch, the network will be restarted, and solvency will be restored. 

The developers will donate the funds to the ETH pool from its treasury to restore the stolen funds. The developers will also release an auto-solvency checker as a preventive measure. It also suggested an audit with security firms to identify weaknesses in the protocol.    

Community Reaction

Many users are shocked and alarmed by this exploitation. The developers stepped in to assure their community and the users that there will be no losses from this hack. 

Andre Cronje, the founder of Yearn Finance, wrote in his tweet that innovation leads to exploitation, and that is why we see more exploitations happen in new developing sectors. 

Interchain Liquidity and Fallout

Providing interchain liquidity in a decentralized network is challenging, and ThorChain is charting new territories by being a platform that links various chains. 

Chaosnet is designed to be the battleground to deal with these rough patches. This also means that there is an increased risk as this innovation navigates itself forward. 

The silver lining in this attack is taking comfort in knowing that the node operator can halt the network as a preventive and as a stop-gap measure. An attack is less costly now compared to an attack in the future. 

ThorChain has also requested the attacker get in touch with the team. The attacker could receive a bounty that commensurates with the discovery. 

Halborn Security has submitted a proposal to ThorChain and its community to have Advance Persistent Protection ‘Always-on’. Halborn proposes to have 4-6 security engineers working to break every update to ThorChain.  


Key Takeaways

This exploit will not be the last. Crypto innovation ventures into unchartered territories, and the security risk is higher. What matters most are the precautions to minimize such losses when an exploit takes place and how the developers and its community react to the incident. Trust and support from the community are essential to every project, and accountability by the developers in handling the aftermath is critical.

Source :

Leave a Reply

Your email address will not be published. Required fields are marked *