The $10.7 million THORChain exploit was caused by a GG20 vulnerability, which allowed a malicious node to reconstruct a full private key to one of its vaults.
THORChain said a malicious node operator exploited a vulnerability in its GG20 threshold signature system to drain about $10.7 million from one of the protocol’s vaults.
The GG20 threshold signature scheme is used to secure THORChain vaults by splitting key control across multiple node operators, meaning no single node normally holds the full private key.
The vulnerability allowed the malicious node operator to reconstruct a full private key for one vault, through “progressive key material leakage,” the protocol said in a post-mortem report released on Wednesday.
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
Comments