DeFi’s spectacular growth continues to bring limitless opportunities and financial perils to cryptocurrency users. Exploits and hacks have been very common in this fast-growing segment.
As THORChain has suffered its second security breach in less than a month, questions regarding the decentralized nature of this decentralized finance project were raised for the millionth time. The attackers reportedly siphoned off $7.6 million or more in crypto-assets. The official numbers are still disputed.
It is important to note that this DeFi protocol is built for the purpose of trading cryptocurrency assets like Bitcoin [BTC] and Ether [ETH], across various blockchains. However, there is no use of third party or a middleman. Instead, it uses the native token, RUNE, in every trade. Meaning, users will have to swap to RUNE to go from one asset to another.
For example, if a user wants to go from Ether to Bitcoin, he would have to swap Ether for RUNE, then RUNE for Bitcoin. Its “chaosnet” is essentially a cross-chain decentralized exchange. This extra step is what ensures decentralization and the elimination of a central figure. But apart from that, is there really a centralized figure missing in the whole functioning of the protocol? Maybe not.
Is THORChain truly decentralized?
What caught the attention of many is that how it was simple for the decentralized project to have a leadership halting chain activities.
What happened to @THORChain was horrible, but this is what decentralized leadership in action looks like
halting the chain, open/clear communication to the community, and ensuring LP's that were impacted are taken care of
This is leadership in action through tough times. https://t.co/neqjF5VkVh
— Boz 🛡️ (@boz_menzalji) July 15, 2021
As the developers investigated the exploit, the protocol remained halted. Many in the community were quick to question the level of meaningful decentralization on the protocol.
Despite these debates, THORChain responded,
“When a centralised exchange is hacked, users don’t find out months later until their withdrawals are blocked or delayed. When THORChain suffers insolvency, everyone immediately knows. Which do you prefer?”
Earlier in June this year, THORChain was first targeted by malicious entities during the Chaosnet deployment. The attackers had reportedly drained $140k.
Following the latest breach, the decentralized exchange stated that the liquidity providers and nodes will not be unaffected after the funds have been recovered and restored, and also added that this event is likelt to make “the network stronger and more resilient.”
Road to recovery
After the vulnerability was identified, THORchain’s developers have already put out a fix and are urging node operators to update their software. Since then, its native token RUNE used for swapping assets shed more than 20% of its value in less than 24-hours.
Soon after which, dev Andre Cronje tweeted,
“Innovation leads to exploitation. Its why hardened protocols often stop innovating, very little upside to increase risk by innovating. Its why we also see more exploits in new developing sectors.”