THORChain has opened a recovery portal for users hit by a $10 million exploit that compromised 12,847 wallets. The cross-chain protocol said refunds are backed by its treasury and will be available until June 4. Affected users can now submit claims through the portal.
The scope of the breach
The attack drained $10 million in assets from THORChain’s decentralized exchange, targeting wallets across multiple chains. The team confirmed that 12,847 wallets were affected in total. Investigators have not yet publicly identified the attacker or the specific vulnerability used.
THORChain runs on the RUNE token and facilitates swaps between different blockchains. The exploit marks one of the larger incidents for the protocol, which has faced security issues before. But this time the team acted quickly to set up a refund process.
Treasury-backed refunds
Refunds are coming from THORChain’s own treasury, not from external insurance or a rescue fund. That means the protocol itself is covering the losses. The recovery portal is live now, and users have until June 4 to file their claims. After that date, the window closes.
The team didn’t disclose exactly how much treasury capital is available, but they said all affected wallets will be made whole. Users need to connect their wallets to the portal to verify eligibility. No additional documentation is required, according to the announcement.
What happens after June 4
Once the June 4 deadline passes, THORChain will process the claims and distribute refunds. The protocol hasn’t said how long that will take. Meanwhile, developers are working on a post-mortem to understand exactly how the exploit worked and to prevent a repeat.
For now, the message is clear: if your wallet was affected, you have two weeks to claim your money back. After that, the treasury-backed offer expires.
