A rogue node drained $10.7 million from a single THORChain vault on May 15. Eight days later, the protocol is still offline, and a governance vote is now deciding what comes next.
The proposal on the table is ADR-028, authored by Aaluxx Myth, a core contributor to the recovery effort. Node operators are voting on whether to give developers the green light to build out version 3.19, the update that would allow the network to restart.
The Vote That Keeps RUNE Holders Whole
The recovery math in ADR-028 works in layers. Protocol-Owned Liquidity takes the first hit, dropping to zero. Whatever remains after POL is exhausted gets spread across synth holders by reducing synth supply proportionally. Regular RUNE holders, TCY holders, and Secured Asset users are not touched.
No new RUNE gets minted. No RUNE gets sold into the market. Circulating supply stays where it is.
That was a deliberate design choice. Aaluxx Myth wrote in the ADR that protecting the internal economy and maintaining TVL required keeping RUNE issuance flat, regardless of the size of the loss. Cross-chain DeFi users holding positions on THORChain should note that trade assets and arb positions are unaffected under the current plan.
To rebuild POL over time, 7.5% of system income gets redirected until the reserve recovers. Based on current projections from the ADR, that puts full recovery somewhere between 18 months and three years depending on network performance.
One Vault Down. Four Others Still Standing.
The exploit touched only one of five Asgard vaults. Aaluxx Myth pointed to this directly in the ADR as evidence that the sharded vault design limited the blast radius of the attack. A single-vault design, which some in the community have proposed before for efficiency reasons, would have made the entire protocol's liquidity a single target.
Patch v3.18.1 went live shortly after the attack, containing the immediate risk to the remaining four vaults. Version 3.19 is the next milestone. Trading, liquidity actions, and signing stay offline until v3.19 is deployed, the vulnerability is patched, and a successful churn has completed.
“Trading resumes only after the vulnerability is patched and a successful churn has occurred.”
The attacker’s node will be slashed in full. Innocent nodes that happened to be assigned to the compromised vault are explicitly protected under the ADR. Any RUNE recovered from the attacker’s slashed bond gets paired with recovered assets from the affected vault, and surplus RUNE gets burned.
The Bounty With No Enforcement Teeth
THORChain is offering the attacker a 10% bounty to return the remaining 90%. If partial funds come back, the recovery plan scales down proportionally. It is a clean mechanism on paper.
The community is not entirely convinced it holds. ThinkWhysly, posting on X under the handle @whys1, raised a pointed concern about it directly in the ADR thread:
“Consider removing the attacker section. Since the bounty has no enforcement mechanism behind it, it may be cleaner to keep it out of a binding ADR and handle recovery off-protocol through forensics and law enforcement.”
That criticism gets at something the mainstream coverage has largely skipped. The bounty offer is not backed by any on-chain enforcement. Whether the attacker returns anything depends entirely on their willingness to do so. THORChain confirmed the protocol remains neutral and permissionless, meaning the attacker’s swaps will not be censored once trading resumes. That is consistent with the protocol’s existing design principles, but it also means there is no on-chain pressure mechanism attached to the offer.
ThinkWhysly also flagged that the ADR rebuilds POL but does not fund anything against recurrence. The current text does not allocate system income toward a standing audit retainer or an adversarial review program for the TSS layer.
A Security Culture Shift, Not Just a Patch
The final section of the ADR says the release cadence outran security review. Aaluxx Myth called for a slower, more security-conscious process going forward and noted that discussions about replacing GG20 with DKLS or another threshold signing scheme should happen after the network is back online, not before.
For background on the cryptographic flaw that made the exploit possible, our earlier report covers the GG20 vulnerability in detail and what it could mean for other protocols using the same signing scheme.
THORSec, the protocol's internal security team, has two active researchers. Aaluxx Myth wrote that the door is open for anyone with relevant security skills to join.
A yes vote on ADR-028 does not finalize every number in the plan. It signals to developers that the direction is correct and allows them to begin coding v3.19. Parameters can still be adjusted later through Mimir. The binding consensus on the precise implementation comes when node operators accept or reject the actual v3.19 code.