There was an incident that occurred on 9 September 2025 where private keys held by THORChain founder JP THOR were compromised. The team’s preventative security measures have successfully prevented the THORChain network from any adverse effect of the individual’s compromise.
No funds of THORChain, THORChain Treasury, or THORChain users were at risk or affected.
Since 2022, the team has worked to systematically remove any singular point of failure on the network and protect against key compromise. This is indicative of the decentralized architecture of the protocol and deliberately conducted by the team as part of Planned Obsolescence. These protections not only made the network more secure and decentralized, but also successfully protected against the exact attack vector they were designed to prevent.
This incident highlights the importance of using MPC to protect against key compromise, as well as sufficiently decentralizing the ecosystem to protect against such an attack.
Protocol Protections
Treasury funds held in MPC Wallet
The THORChain treasury funds are held on a multisig MPC wallet: Vultisig, so in the event of an individual key compromise funds from the treasury could not be stolen. The Treasury is custodied by a committee of key holders physically located in diverse geographic regions.
Treasury LP Positions locked
The THORChain treasury also seeded new liquidity pools, providing liquidity to new pairs on the network. In May 2024, the Treasury LP positions were locked in the protocol so that the single signature treasury keys could not be used to withdraw or move the LP positions. The liquidity is held by the network and can only be moved with a consensus of validators’ approval.
Relevant PR: !3562
Standby Reserve burned
At the beginning of 2023, the Standby Reserve, which was ~60m RUNE that was earmarked to be added to the network Reserve was burned. The RUNE in this wallet no longer exists as part of the supply.
Admin Mimir keys revoked
Early this year, the Admin Mimir keys were revoked. Mimir is used by the network to control constants and parameters. Admin Mimir existed from the early days of the network to be an actor that can change parameters without a consensus, to react to potential security events and also carry out operational duties. There was a whitelist of keys that could be changed by Admin Mimir. Admin Mimir decisions could always be overridden by a majority of validators.
As part of the planned obsolescence, Node Mimir was implemented, which allowed any 3 nodes to come to a consensus on “operational” parameters. Important economic parameters must still receive a consensus by 2/3 of the validators. After Mimir V2 was implemented, Admin Mimir code was removed completely from the network.
Relevant PRs: !2588 & !3177 & !3886
Other
Relevant X Posts:
- https://x.com/lookonchain/status/1966426219639144474
- https://x.com/P3b7_/status/1966426113967583603
- https://x.com/jpthor/status/1966450439437611484
- https://x.com/jpthor/status/1966440849438318937
- https://x.com/jpthor/status/1965366373682491647
Community
To keep up to date, please monitor community channels, particularly Telegram and X:
Website | Documentation | X | Telegram Community | Telegram Alerts | Community Discord | Developer Discord | Explorer | RuneScan | Reddit | Gitlab | Medium | Linktree | Thorcharts | RUNE Tools
Related articles
![THORChain x xolosArmy Ecosystem Podcast #210 thumbnail featuring Fernando of xolosArmy, Kenton and Patriotsounds discussing eCash's chain client integration with THORChain.]()
Jun. 20, 2026
xolosArmy Wants eCash ($XEC) on THORChain: Chain Client Ready, Liquidity Next
- Podcast
![THORChain Community Podcast #209 thumbnail featuring Chad Barraford, Kenton and Patriotsounds discussing the network restart timeline, Monero launch and Protocol Owned Liquidity.]()
Jun. 18, 2026
THORChain's Restart Is Days Away: Dynamic Fees, Rev-Share, and Protocol-Owned Liquidity
- Podcast
![THORChain x NanoGPT Ecosystem Podcast #208 thumbnail featuring Milan Dereede discussing NanoGPT's integration with Kenton and Patriotsounds.]()
Jun. 13, 2026
NanoGPT Coming to THORChain: Every AI Model, No KYC, Paid in Crypto
- Podcast
![THORChain Community Podcast #207 thumbnail featuring Chad Barraford, Kenton and Patriotsounds discussing the network restart timeline, chain integrations and POL fee split.]()
Jun. 11, 2026
THORChain Eyes Trading by Midweek: Chad Maps the Final Restart Steps, With Zcash and Monero Queued
- Podcast
![THORChain v3.19.0 protocol upgrade article thumbnail covering Monero support, affiliate revenue share, DASH InstantSend and the TSS security patches behind the network restart.]()
Jun. 9, 2026
Protocol Upgrade - V3.19.0
- Report
![THORChain Podcast #206 thumbnail.]()
Jun. 6, 2026
The Stablecoin That Survived a 95% Crash: Zephyr Comes to THORChain
- Podcast
![THORChain Podcast #205 thumbnail featuring co-founder Chad Barraford.]()
Jun. 4, 2026
THORChain Still Paused, Monero Targeted for Month-End, and the Limit Order Debate
- Podcast
![THORChain Podcast #204 thumbnail, presented by Raynalytics]()
May. 30, 2026
More Than a Block Explorer: Deving.zone Turns THORChain Into a Living Map
- Podcast
![THORChain Podcast #203 thumbnail featuring co-founder Chad Barraford discussing the v3.19 protocol update, Soda Labs, and vault hardening, presented by Raynalytics]()
May. 29, 2026
THORChain Path to Restart: v3.19, Soda Labs, and Hardening the Vaults
- Podcast
![THORChain May 15, 2026 Exploit Report #1]()
May. 20, 2026
THORChain Exploit Report #1
![]()
May. 14, 2026
Explanation of the 6 Preset Strategies to Help Create Your CCL Strategy
![]()
May. 13, 2026
The Casino Problem: When Crypto Forgets What It Was Built For
![]()
May. 12, 2026
THORChain Protocol Upgrade v3.18
![]()
May. 11, 2026
Dash is coming to THORChain
- Podcast
![]()
May. 8, 2026
Monero Merged, Reserve Burn, Marketing Update | Podcast #196
- Podcast
