As a researcher following THORChain, I’m seeing positive steps toward recovery after the recent $10.7 million exploit. The team has released version 3.19.0 for testing, and they’ve also opened a bug bounty program to further strengthen security. Interestingly, they’ve decided to make the ‘tss-lib’ code closed source as part of these improvements.
Nodes have already upgraded. The patch is deployed. What comes next is the harder part.
On May 27th, THORChain released its fifth update on the recent $10.7 million exploit. They confirmed they’re making progress towards safely restoring the network, emphasizing that security and stability are their top priorities, even if it means taking more time.
v3.18.1 Is Live. The Real Test Hasn’t Started Yet.
THORChain announced on X that node operators have completed an upgrade to version 3.18.1. This update fixes issues with Rujira Network’s accounts, restoring their ability to borrow and repay funds which had been unavailable since a recent incident.
As an analyst, I’m following the situation closely, and I can confirm that governance proposal ADR028 has passed. This officially activates the recovery bounty program, giving the hacker an opportunity to return some of the stolen funds. The proposal outlines that any remaining shortfall will be covered using funds from the protocol’s own liquidity reserves.
No dilution. No emergency minting. The figures are still being worked out.
Stagenet First, Mainnet When Ready. Not Before.
The upcoming version, 3.19.0, is expected to fully restore swap functionality. Developers are currently making final code adjustments before releasing it. Testing on the Stagenet is planned for the end of May 28th, but the team hasn’t committed to a specific date for the mainnet launch.
Once the new version is proven reliable, all node operators will need to update their systems promptly. The protocol emphasizes that a fast upgrade is crucial, and the time between confirmation and full implementation should be short.
According to X user @fincontrarian, the developers and THORSec team are meticulously patching, testing, and auditing their system every step of the way – they aren’t taking shortcuts. The account highlighted this as a sign of true resilience in the crypto world, noting that most projects don’t bounce back from incidents of this magnitude.
tss-lib Goes Dark. On Purpose.
A significant action occurred when THORSec made the core cryptographic library used in the GG20 vulnerability, tss-lib, temporarily unavailable. The library’s code has been made private to allow for a thorough security review and fixes, a process anticipated to take several weeks.
The reasoning is simple: keeping the fix-it process visible while it’s happening could create more problems. Once the issue is resolved, access will be restored. The team explained this was a planned, short-term step, and doesn’t change their commitment to open source.
The main plan is still in place. We anticipate further information as testing of version 3.19.0 continues. The big unknown is whether the hacker will respond to the reward offer, and if so, how quickly.
Read More
- Silver Rate Forecast
- Brent Oil Forecast
- USD CNY PREDICTION
- ETH PREDICTION. ETH cryptocurrency
- CNY JPY PREDICTION
- USD VND PREDICTION
- EUR USD PREDICTION
- Gold Rate Forecast
- DOGE PREDICTION. DOGE cryptocurrency
- FIL PREDICTION. FIL cryptocurrency
2026-05-27 21:31