THORChain Patches Its Way Back: Security Wins Over Speed

THORChain moves toward safe reactivation after a $10.7M exploit, with v3.19.0 staging tests, a bounty window open, and tss-lib now closed source.

Nodes have already upgraded. The patch is deployed. What comes next is the harder part.

THORChain published Incident Update #5 on May 27, confirming progress on a safe network return following the $10.7 million exploit that hit the protocol earlier this month. The team says security and stability come before any timeline.

v3.18.1 Is Live. The Real Test Hasn’t Started Yet.

According to @THORChain on X, node operators have upgraded to v3.18.1, a release that restores @RujiraNetwork’s credit account functions, specifically the borrow and repay capabilities that had been offline since the incident.

ADR028, the governance vote that formally activated the recovery bounty mechanism, passed at the node level. The hacker now has an open window to return a portion of the drained funds. Under the proposal, the protocol absorbs the remaining shortfall through Protocol Owned Liquidity.

No dilution. No emergency minting. The figures are still being worked out.

Stagenet First, Mainnet When Ready. Not Before.

The next version, v3.19.0, is where full swap activity could return. Additional code changes are being folded in before release. Stagenet testing is targeted for end of day May 28, though the team stopped short of locking in a hard timeline for mainnet.

Once that version is confirmed stable, all node operators will be expected to upgrade quickly. Speed at that stage, the protocol made clear, matters. The window between confirmation and mainnet adoption should be narrow.

Independent observer @fincontrarian on X put it plainly: devs and THORSec are patching, testing, and auditing at every step, not cutting corners. “This is what real resilience looks like in crypto,” the account wrote, pointing to the fact that most protocols never recover from events of this scale.

tss-lib Goes Dark. On Purpose.

One move drew attention. THORSec temporarily closed tss-lib, the core cryptographic library at the center of the GG20 vulnerability. The repository goes private while a full audit and remediation cycle runs, expected to last a few weeks.

The logic is straightforward enough. Leaving the remediation process exposed while it is still underway creates additional risk. Once secured, the repository reopens. The team framed it as a deliberate and temporary measure, not a retreat from open source principles.

The protocol’s broader position holds. More updates are expected as v3.19.0 testing progresses. How fast the hacker responds to the bounty window, if at all, remains the open question nobody has an answer to.

The post THORChain Patches Its Way Back: Security Wins Over Speed appeared first on Live Bitcoin News.