Cross-chain DEX ThorChain suffers a multi-million dollar exploit on Chaosnet, offers bounty to hackers to return funds.
ThorChain Suffers Exploit, Network Activity Halted
Popular cross-chain decentralized exchange (DEX) and DeFi protocol ThorChain recently suffered a back whereby around 4000 ETH ($7.6 million) worth of digital assets (ETH/ERC20) were stolen from the protocol by sophisticated hackers.
Soon after the exploit, the ThorChain community got into action where it floated a recovery plan which is already in motion.
Per the recovery plan, ThorChain will release a patch to the targeted attack vector and restart the network. At the same time, it will also block the pending outbounds and restore solvency.
Further, the network will also donate funds back into the ETH pool (presumably from its treasury) to restore the lost funds to ETH LPs.
Finally, once the LPs have had their funds restored, ThorChain will engage security firms to audit its contracts.
It is worthy of note that while the ThorChain team has enough in its treasury to compensate the LPs. If its Telegram posts are anything to go by, it prefers the hackers to return the funds in exchange for a bug bounty.
“While the treasury has the funds to cover the stolen amount, we request the attacker get in contact with the team to discuss return of funds and a bounty commensurate with the discovery,” a Telegram post stated, adding that user funds “will be available when the issue has been patched & the network resumes.”
Bolstering the Security to Avoid Future Exploits
While the ChaosNet exploit is unfortunate, the ThorChain team is not letting the setback affect its productivity.
Erik Voorhees, who recently announced the decentralization of one of the oldest crypto exchanges ShapeShift was one of the several LPs who lost their RUNE due to the exploit.
Voorhees, however, emphasized that ThorChain’s long-term vision of enabling cross-chain decentralized trading with no intermediaries is “worth a great many stumbles.”
Similarly, blockchain cybersecurity company Halborn Security is in the middle of compiling a proposal to the ThorChain community for “Advance Persistent Protection” whereby it is offering a team of 4-6 ethical engineers “working to break every update on ThorChain.”
In related news, BTCManager reported that DeFi and NFT platform Bondly Finance fell victim to an exploit which caused the BONDLY token to plummet more than 60% within three hours of the attack.
Source: Read Full Article