THORChain Resumes Trading After $10.7 Million Exploit

THORChain has resumed all network activities following a $10.7 million exploit that occurred on May 15, 2026. The exploit was attributed to a vulnerability in the GG20 threshold signature scheme, allowing a malicious node operator to reconstruct a private key. After implementing multiple security upgrades and migrating to new vaults, THORChain confirmed the safety of its vaults and completed verification of all node keyshares. The protocol has also announced plans for new integrations, including support for Zcash and Monero. The recovery process took over a month, with trading, signing, swaps, and liquidity provider actions now restored. THORChain is one of the largest cross-chain trading protocols, facilitating swaps between major cryptocurrencies. The incident has drawn scrutiny from blockchain investigators due to the use of THORChain by hackers to move stolen funds.

Key Points: • THORChain resumed trading after a $10.7 million exploit linked to a GG20 signature scheme vulnerability. • The recovery process included multiple security upgrades and vault migrations over a month. • New integrations for Zcash and Monero are planned as part of THORChain's recovery strategy.