thorchain gg20/tss attack path i reproduced the suspected gg20 leakage mechanics against the tss-lib version they used. it accepts malformed paillier material, exposes a type 5 / type 7 oracle shape, and the go-tss wrapper misses some important checks.

Build a drumming game with @threejs using Amfitrack's 6DoF sensors. I wrote a tsSDK for their sensors so the hardware talks directly to the browser using WebHID api. Watch me rip a crazy solo 👇 #threejs# #threejsjourney#

THORChain incident update #1# THORChain contributors shared a new update in the dev discord regarding the ongoing incident. TLDR - Current evidence points toward a newly churned node linked to the attack, likely operated by a single malicious actor - The leading theory is an exploit in the GG20 TSS implementation, allowing vault key material to leak over time. The attacker may have reconstructed the vault private key and executed unauthorized outbound txs - Current network status: -- The network is paused after multiple node operators executed make pause -- RUNE transfers and chain observation may resume within ~12h unless decided otherwise by the nodes. -- Trading, LP actions, signing, and sensitive operations remain paused for now - Recovery discussions currently include slashing affected node bonds, using POL to absorb losses, or other community-driven solutions The investigation is still ongoing alongside THORSec and Outrider Analytics. ## Full Announcement ## Developers and THORSec have been investigating today’s incident continuously throughout the day. While new information may still emerge, I want to provide the community with an update based on what we currently know. The goal of this update is to clarify the current understanding of the situation as accurately and transparently as possible. A newly churned node, thor16ucjv3v695mq283me7esh0wdhajjalengcn84q, which entered the network several days ago, is currently believed to be associated with the attack. Developers have identified links between Ethereum addresses used to acquire and bond RUNE for this node, and Ethereum addresses that later received the stolen funds. Based on current evidence, it is believed this was conducted by a single malicious operator, though the investigation remains ongoing. At this time, the leading theory is the attacker exploited a vulnerability within the GG20 TSS implementation which allowed sensitive key material from vault participants to leak over time. By accumulating enough leaked information, the attacker was ultimately able to reconstruct the vault’s TSS private key and execute unauthorized outbound transactions. The Treasury is actively collecting forensic data and coordinating with Outrider Analytics and relevant law enforcement agencies in an effort to identify the attacker and pursue recovery of stolen funds where possible. Due to multiple node operators executing make pause, the network is currently paused. Unless further action is taken, the pause state will automatically expire in approximately 12 hours. At this time, the development team is comfortable allowing the pause to expire in order to restore RUNE transfers and chain observation activity. However, trading, signing, LP actions, and other sensitive operations will remain paused until the network and community align on a comprehensive recovery and remediation plan. The recovery process will likely require node governance decisions regarding how losses are ultimately handled. Several potential approaches are already being discussed, including: Slashing the bond of nodes participating in the affected vault Allowing Protocol-Owned Liquidity (POL) to absorb the loss Additional recovery proposals that may emerge from the broader community At this stage, no final decisions have been made. The team is continuing to work on a complete recovery and restart plan for the network. Bringing trading and full functionality back online will likely take several days, and potentially longer depending on the complexity of the chosen remediation path. We will continue to provide updates as more information becomes available. Finally, I want to thank the developers, node operators, security contributors, and the broader THORChain community for the enormous amount of work done today. One of THORChain’s greatest strengths has always been the community’s ability to come together under pressure, collaborate quickly, and solve difficult problems together.

The latest TC release 3.18 was done as a private binary (something we had done before when patching crits). There was a long-standing practice that if a node requested, by signing a message with their validator key, devs would send them the validator-key encrypted diff of the security patch. That’s exactly what the malicious node did in this case. It’s possible even that the private release spooked them into speeding up their timeline for the attack. I find this class of attack very interesting. Networks need to be designed maximally defensive, even against their own validators. In this case, a malicious validator can still get the source code for patches and exploit them before the code goes out. I wonder if this puts an end to that practice. It all exists on a spectrum of decentralization. I actually don’t disagree with @jpthor that closed source TSS might be the move from here. Anyone who is saying that’s “the end of the experiment” is either a crypto-anarchistic maxi that lost the plot or an NK hacker astro-turfing protocols into not making sound trade-offs between security and decentralization.