A flaw in THORChain's cryptographic signing infrastructure allowed an attacker to drain approximately $10.8 million from a protocol vault across four blockchains, the project confirmed on May 16, 2026. The exploit — initiated on May 11 but not publicly detected and reported until May 15, when ZachXBT's on-chain analysis and CoinDesk's coverage surfaced the drain — exposed a structural weakness in the GG20 threshold signature scheme (TSS) that underpins how THORChain controls cross-chain vault custody.

What actually happened

THORChain's Asgard vaults hold native assets on each supported chain. To authorize outbound transactions, multiple nodes must cooperate using a threshold signature scheme — a form of multi-party computation that produces a valid signature without any single party holding the full private key. THORChain uses GG20, a TSS protocol implemented on a fork of Binance's tss-lib.

The attack did not exploit a smart contract bug or forge a bridge message. According to a PeckShield post-mortem cited by THORChain, a vulnerability in the GG20 implementation allowed an attacker to gradually extract private key material from the vault. Preliminary on-chain analysis — corroborated by connections between node bonding addresses and wallets receiving stolen funds — points to a recently churned node as the vector. The attacker bonded RUNE, joined the network as a validator, and used the GG20 flaw to leak key shares over time. Once enough material was reconstructed, unauthorized outbound transactions were executed across Bitcoin, Ethereum, BNB Chain, and Base.

The drain hit 36.75 BTC (approximately $3 million) and roughly $7 million in tokens across the other three chains, totaling $10.7–10.8 million in protocol-owned assets. Blockchain.news reported the breach affected 12,847 wallets. Node operators detected the drain and paused trading and outbound signing within eight minutes, limiting further losses.

The churning problem

"Churning" is THORChain's scheduled rotation of its active validator set. Nodes regularly leave and join the signing group; when a node exits, new vault key material is generated with the updated set. The mechanism exists to prevent any single validator cohort from holding keys indefinitely. The problem is that each churn cycle introduces new participants whose GG20 implementations are trusted to behave honestly. A malicious or compromised incoming node that can exploit a flaw in the key generation protocol — such as CVE-2023-33241 or TSSHOCK, two previously disclosed bugs in GG20 — gains a foothold that persists until the next churn. Ledger's CTO has publicly flagged systemic MPC risks of this type.

This is not a theoretical concern. The attack began May 11, and the network did not detect unauthorized outflows until May 15 — a four-day window during which the attacker operated without interruption.
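One way to shorten a detection window like this is to reconcile every spend observed on-chain from a vault address against the outbounds the protocol actually scheduled. The sketch below is an added example, not THORChain's code; the record layouts, function name and sample transactions are assumptions constructed for illustration, and amounts are matched exactly (no fee tolerance).

```go
package main

import "fmt"

// Outbound is one transfer the protocol scheduled for a vault to sign
// (hypothetical record layout, not THORChain's schema).
type Outbound struct {
	Chain, To string
	Amount    uint64 // integer base units; use math/big for wei-scale values
}

// Spend is one transaction observed on-chain leaving a vault address.
type Spend struct {
	Chain, TxID, To string
	Amount          uint64
}

// Unauthorized returns every observed spend that cannot be paired with a
// scheduled outbound. Each scheduled outbound covers at most one spend, so a
// duplicated payout is flagged as well as a transfer that was never scheduled.
func Unauthorized(scheduled []Outbound, observed []Spend) []Spend {
	budget := make(map[Outbound]int)
	for _, o := range scheduled {
		budget[o]++
	}
	var alerts []Spend
	for _, s := range observed {
		key := Outbound{Chain: s.Chain, To: s.To, Amount: s.Amount}
		if budget[key] > 0 {
			budget[key]-- // consume the matching authorization
			continue
		}
		alerts = append(alerts, s)
	}
	return alerts
}

func main() {
	// Constructed sample data: addresses, tx ids and amounts are placeholders.
	scheduled := []Outbound{{"BTC", "bc1-user-a", 150000}, {"ETH", "0xuser-b", 42}}
	observed := []Spend{
		{"BTC", "tx1", "bc1-user-a", 150000},
		{"BTC", "tx2", "bc1-user-a", 150000}, // second payout, one authorization
		{"ETH", "tx3", "0xuser-b", 42},
		{"BASE", "tx4", "0xunknown", 9000}, // never scheduled
	}
	for _, s := range Unauthorized(scheduled, observed) {
		fmt.Printf("ALERT %s %s -> %s (%d)\n", s.Chain, s.TxID, s.To, s.Amount)
	}
}
```

Run per chain on each new block, a non-empty result is a signal to pause outbound signing rather than wait for outside analysis.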

The compensation portal

THORChain launched a recovery portal on May 16, backed by a $10 million treasury-funded refund pool. Affected users can check their compensation amount and submit claims through June 4, 2026. Unclaimed funds after the deadline roll into the protocol's insurance fund. THORChain said its treasury is coordinating with on-chain analytics firm Outrider Analytics and law enforcement to pursue the attacker.

As of May 16, RUNE traded at $0.4382 — down roughly 11–13% from levels before the exploit. By May 18, the token had partially recovered, adding 3.8% over the prior 24 hours, per the brief. The May 16 market cap stood at approximately $157 million, according to blockchain.news.

A pattern, not an incident

This is not THORChain's first serious security failure. The protocol has suffered at least four major incidents since 2021: two exploits in mid-2021 (each blamed on smart contract bugs), a re-entrancy attack in 2022, and now this TSS key leak. Each incident prompted a post-mortem, a compensation mechanism, and assurances of improved security. The current exploit is different in kind — it targets the cryptographic layer, not application logic — which raises a harder question than "was the code audited."

The GG20 protocol has known, publicly documented vulnerabilities. THORChain's use of a Binance tss-lib fork means improvements in the upstream MPC research (the successor protocol CGGMP21/cggmp24 addresses several GG20 weaknesses) are not automatically inherited. For a protocol whose security model depends on distributed key management working correctly at every churn, using a TSS scheme with two published critical CVEs is a structural posture, not a one-time oversight.

Four incidents in five years is not a run of bad luck. It is evidence about the difficulty of running threshold-signature vault custody at production scale with open validator sets. Whether that difficulty is solvable within THORChain's current architecture — or whether it is an inherent property of GG20-based TSS with permissionless node entry — is the question the protocol's treasury and community now have to answer.

Sources: blockchain.news (Timothy Morano, May 16, 2026); MEXC/blockchain.news compensation portal report (May 16, 2026); CoinDesk exploit report (May 15, 2026); PeckShield post-mortem (cited by THORChain); ZachXBT on-chain analysis; Ledger CTO public commentary on MPC systemic risk; THORChain Foundation X post (May 16, 2026).