Cross-chain liquidity protocol THORChain has paused its network due to new claims of a potential network vulnerability.
THORChain took to Twitter on March 28 to announce it has halted all trading amid reports of a potential vulnerability with a THORChain dependency that may affect the network. The decision was taken as a precautionary measure while the reports are verified, THORChain said.
The announcement came soon after social media reports indicated THORChain’s liquidity platform Nine Realms and the dedicated security team THORSec received “credible reports” of a potential vulnerability affecting THORChain. The THORChain network has reportedly been subsequently halted globally.
**THORChain Globally Halted**@ninerealms_cap and THORSec have received credible reports of a potential vulnerability affecting @THORChain. Out of an abundance of caution, steps have been taken to halt THORChain globally.
— Pluto (9R) ⚡️ (@Pluto9r) March 28, 2023
Stand by for more information.
“Network preemptively paused by NO’s to investigate the report; updates will follow,” Nine Realms tweeted.
Amid the news, THORChain’s native token Rune (RUNE) has tumbled about 5%, according to data from CoinGecko. At the time of writing, the token is trading at $1.32, down 18% over the past 30 days.
Founded in 2018, THORChain is a decentralized cross-chain liquidity protocol that allows users to swap assets between different blockchain networks without using centralized exchanges. THORChain’s settlement layer currently offers swaps between eight chains, including Bitcoin, Ethereum, BNB Chain, Avalanche, Cosmos, Dogecoin, Litecoin and Bitcoin Cash.
Related: DeFi exploits and access control hacks cost crypto investors billions in 2022: Report
The latest halt on THORChain’s network is not the first. The network was paused in October 2022 due to a software bug causing “non-determinism between individual nodes.” The network resumed and became fully functional after 20 hours of maintenance.
In 2021, THORChain also halted its network after the protocol suffered a breach, with hackers stealing $7.6 million in crypto assets.
Magazine: Unstablecoins: Depegging, bank runs and other risks loom
In about eight hours after the initial announcement, THORChain reposted a halt update on Twitter, indicating that developers and the security team have managed to identify the disclosure as credible. “However, it would require a malicious node in the last churn,” the update said, adding that that THORChain has resumed trading because “no nodes can exploit the current vulnerability.”
We can confidently assume, then, that no nodes can exploit the current vulnerability and as such the network (trading) has been unhalted. LP actions are resumed. Churn will remain halted pending a coordinated root cause fix.
— Pluto (9R) ⚡️ (@Pluto9r) March 28, 2023
Standby for more details.