Cryip
  • Home
  • News
  • Research & Analysis
  • Reviews & Comparisons
  • Learn Crypto
  • Features
  • Events
No Result
View All Result
Cryip
  • Home
  • News
  • Research & Analysis
  • Reviews & Comparisons
  • Learn Crypto
  • Features
  • Events
No Result
View All Result
Cryip
No Result
View All Result
Home News Security & Hacks

Security Researcher V12 Accuses THORChain of Silent Fix on Critical Vulnerability, Sparking Bounty Program Controversy

THORChain faces criticism after security researcher V12 alleged the protocol silently fixed a major vulnerability while refusing bounty compensation and public acknowledgment.

Saravana Kumar Mahendran by Saravana Kumar Mahendran
June 2, 2026
in Security & Hacks
0 0
Security Researcher V12 Accuses

Created By Cryip

Share on FacebookShare on Twitter
MakeCryipCryippreferred onGoogle

V12 Security has ignited a sharp controversy in the DeFi space by accusing THORChain of silently fixing a major loss of funds vulnerability that the firm had responsibly disclosed in late April, while offering neither credit nor any bounty reward.

The accusation, detailed in posts on X and supported by shared chat screenshots and a public proof of concept repository, highlights ongoing challenges around bug bounty programs in decentralized protocols, especially amid rising AI generated spam submissions.

We reported a critical loss of funds bug to @Thorchain (32M TVL, 150M FDV)

They silently patched it and told us their bug bounty program is permanently retired.

We have more Thorchain chain halt DoS vulns. We intend to release them (open disclosure) in the coming few days pic.twitter.com/R2jyej5Pnh

— V12 (@v12sec) June 1, 2026

The Disclosed Vulnerability

On April 28, V12 says it reached out to the THORChain team with details of a critical flaw in the protocol’s attestation and finality mechanism. According to the researcher, a single malicious validator acting as a CometBFT block proposer could forge unsigned finality data, bypassing confirmation requirements and triggering premature outbound fund releases before source chain deposits were fully verified.

This issue reportedly impacted every external chain connected to THORChain and could be exploited during routine validator proposer rotations. V12 provided a detailed report, patch suggestion, and working proof of concept.

Link to May Exploit and Patch Timeline

The disclosure came just weeks before THORChain suffered a real world 10.7 million dollar exploit on May 15, when attackers drained funds from one of its Asgard vaults across multiple chains including Bitcoin, Ethereum, BSC, and Base.

Related Story

Airbnb CEO Brian Chesky Confirms X Account Hack After Fake Crypto Thread

Airbnb CEO Brian Chesky Confirms X Account Hack After Fake Crypto Thread

July 17, 2026
Summer.fi to Wind Down After $6.04 Million Vault Exploit

Summer.fi to Wind Down After $6.04 Million Vault Exploit

July 16, 2026

THORChain developers merged a related patch titled “sign full ObservedTx wrapper to prevent proposer forgery” on May 6. However, the fix reportedly failed automated testing and was not deployed in time, contributing to the successful attack. The protocol maintains that the bug reported by V12 is unrelated to the May 15 incident.

Bug Bounty Dispute Intensifies

When V12 followed up regarding compensation, a THORChain representative allegedly informed them that the protocol’s bug bounty program had been permanently retired. THORChain has confirmed the program was closed prior to V12’s submission due to an overwhelming number of low quality, AI generated reports. The decision was publicly documented in the project’s GitLab repository.

This marks another chapter in THORChain’s bumpy history with security disclosures. The protocol previously ran a 500,000 dollar bug bounty on Immunefi after earlier exploits but moved away from the platform amid past controversies.

Broader Context and THORChain’s Security Track Record

THORChain, which facilitates native cross chain swaps and currently holds around 30 million dollars in TVL, has faced repeated security incidents since its early days. The May 15 exploit led to a network wide halt lasting approximately 13 hours, with no direct impact on individual user swaps. The team has since released patches and opened community governance discussions (ADR 028) on fund recovery through Protocol Owned Liquidity without minting new RUNE tokens.

RUNE token reacted sharply to the May exploit, dropping as much as 15 percent in a single day and trading near 0.49 dollars recently, reflecting lingering investor concerns.

Upcoming Disclosures and Community Reaction

V12 has already published one proof of concept repository and warns it holds additional chain halt denial of service vulnerabilities affecting THORChain, which it plans to open source in the coming days. The firm criticized the overall code quality of the protocol.

The incident has divided the crypto security community. While some defend THORChain’s decision to curb low effort submissions, others including on chain investigators have pointed to persistent weaknesses in the protocol’s validator and signature systems.

What’s Next?

As THORChain works on recovery proposals and further hardening its infrastructure, this episode underscores the delicate balance between encouraging responsible disclosure and managing operational realities in public bug bounty programs. The DeFi space continues to grapple with sophisticated attacks and the sustainability of security incentives.

THORChain has not issued a full public response to V12’s latest claims beyond confirming the bounty program status.

Disclaimer: Cryip is an independent media and research outlet providing news, data, and analysis on the cryptocurrency industry. Content is for informational and research purposes only and does not constitute financial, legal, tax, or investment advice. Cryptocurrency markets are volatile and past performance is not indicative of future results. References to specific assets, platforms, or incidents are for journalistic purposes only and do not imply endorsement, and readers assume full responsibility for their decisions.
Tags: Crypto HacksTHORChain

Related Posts

Airbnb CEO Brian Chesky Confirms X Account Hack After Fake Crypto Thread
Security & Hacks

Airbnb CEO Brian Chesky Confirms X Account Hack After Fake Crypto Thread

by Saravana Kumar Mahendran
July 17, 2026

Airbnb co-founder and CEO Brian Chesky has confirmed that his X account was hacked after unauthorized posts presenting a positive...

Read moreDetails
Summer.fi to Wind Down After $6.04 Million Vault Exploit

Summer.fi to Wind Down After $6.04 Million Vault Exploit

July 16, 2026
Ostium Keeps Trading Paused After $18 Million Oracle Exploit

Ostium Keeps Trading Paused After $18 Million Oracle Exploit

July 16, 2026
Cascade CLS Vault Incident Triggers Trading and Withdrawal Freeze

Polychain Backed Cascade CLS Vault Exploit Drains $1.34M in USDC

July 16, 2026
LayerZero-Linked Executor Wallets Suspected of Losing $2.4 Million Across Multiple Chains

LayerZero-Linked Executor Wallets Suspected of Losing $2.4 Million Across Multiple Chains

July 15, 2026 - Updated on July 16, 2026
Hacked SpaceXAI and Starlink Accounts Promote SCATMAN Token Before 73.7 ETH Sales

Hacked SpaceXAI and Starlink Accounts Promote SCATMAN Token Before 73.7 ETH Sales

July 13, 2026
Suspected Hedera DeFi Hack Moves $5.8 Million to Ethereum

Bonzo Lend Oracle Exploit Triggers Cross-Chain Fund Transfers on Hedera

July 11, 2026
Next Post
Kelp DAO Exploit

Kelp DAO Exploit Aftermath: Hacker Launders $220 Million in Record Time, Recovery Hopes Nearly Vanish

Solo Bitcoin Miner Wins Block 951771

Solo Bitcoin Miner Wins Block 951771, Earns Around $232,000 Reward With Home Mining Setup

Recommended

  • All
  • News
Venezuela’s USDT Trading Volume Reaches $1.39 Billion, Approaching Oil Export Scale

Venezuela’s USDT Trading Volume Reaches $1.39 Billion, Approaching Oil Export Scale

July 17, 2026
Citadel Securities Leads $400 Million Investment in Crypto.com, Valuing Exchange at $20 Billion

Citadel Securities Leads $400 Million Investment in Crypto.com, Valuing Exchange at $20 Billion

July 17, 2026
Airbnb CEO Brian Chesky Confirms X Account Hack After Fake Crypto Thread

Airbnb CEO Brian Chesky Confirms X Account Hack After Fake Crypto Thread

July 17, 2026

Trump Media Unveils Truth API for Wall Street as Trump’s Truth Social Posts Move Markets

July 17, 2026

Trump Media Unveils Truth API for Wall Street as Trump’s Truth Social Posts Move Markets

July 17, 2026
MoonPay Acquires Glide in All-Equity Deal to Strengthen Crypto Deposit Infrastructure

MoonPay Acquires Glide in All-Equity Deal to Strengthen Crypto Deposit Infrastructure

July 16, 2026
Alpaca Raises $135 Million to Expand AI-Native Brokerage and Tokenized Market Infrastructure

Alpaca Raises $135 Million to Expand AI-Native Brokerage and Tokenized Market Infrastructure

July 16, 2026
Summer.fi to Wind Down After $6.04 Million Vault Exploit

Summer.fi to Wind Down After $6.04 Million Vault Exploit

July 16, 2026

Cryip focuses on crypto research and on-chain analysis, supported by coverage of markets, regulation, security events, and blockchain ecosystems.

Recent Posts

  • Aquads Builds Full Stack Project Hub to Close Crypto’s Post-Launch Gap
  • Dutch Crypto Platform Knaken Declared Bankrupt Over €7M Customer Fund Shortfall
  • Venezuela’s USDT Trading Volume Reaches $1.39 Billion, Approaching Oil Export Scale

Categories

  • AI × Crypto
  • Data & Dashboards
  • DeFi Basics
  • Investing Basics
  • Market & Price
  • Market Updates
  • On-Chain Analysis
  • OpSec
  • Policy & Regulation
  • Post Mortems
  • Press Release
  • Reports
  • Scams & Fraud
  • Security & Hacks
  • Stablecoins
  • Tokenomics
  • VC & Funding
  • Wallets & Custody

Company

  • About Us
  • Contact Us
  • Editorial Standards & Integrity
  • Our Team
  • Privacy Policy
  • Review Methodology
  • Terms and Conditions
  • Trust, Disclosures & Independence

© 2026 Cryip - Research-Driven Crypto Analysis & News by Hashlays.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

No Result
View All Result
  • Home
  • News
  • Research & Analysis
  • Reviews & Comparisons
  • Learn Crypto
  • Features
  • Events

© 2026 Cryip - Research-Driven Crypto Analysis & News by Hashlays.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.