On May 15, 2026, a malicious node exploited a vulnerability and drained ~$10.7M in protocol-owned funds from one Asgard vault (user/LP funds safe). Trading, signing, and churning remain halted. Patch v3.18.1 released; v3.19.0 in testing. Nodes approved ADR-028 for recovery + security upgrades. Staged restart expected soon.
Not reviewed by the team
Official website and swap interface for THORChain, a decentralized cross-chain liquidity protocol. Swap native assets across supported blockchains without creating an account or handing custody to a centralized exchange. The official interface is non-custodial, but its own terms, privacy practices, analytics, and jurisdiction restrictions apply. This listing refers to thorchain.org / swap.thorchain.org specifically, not to all third-party THORChain clients.
THORChain.org is an exchange and dex service that accepts Bitcoin. It has a guaranteed no-KYC policy and has a score of 8/10. There are 2 user ratings averaging 5/5.
Scores
- Guaranteed no KYC
- Terms explicitly state KYC will never be requested.
- Own liquidity 0 +2
The service runs its own liquidity, so there is no third-party LP that could independently demand KYC or block funds.
The service runs its own liquidity, so there is no third-party LP that could independently demand KYC or block funds.
0 Privacy+2 Trust
- Service Termination Policy 0 -4
The service provider can terminate access to services at any time without notice, at their sole discretion.
The service provider can terminate access to services at any time without notice, at their sole discretion.
0 Privacy-4 Trust - Data Sharing -3 0
Personal and account data may be shared with authorities and third-party providers for compliance, fraud prevention, and service provision.
Personal and account data may be shared with authorities and third-party providers for compliance, fraud prevention, and service provision.
-3 Privacy0 Trust - Usage can be detected on public blockchains -2 0
On transparent blockchains, it may be possible to tell that a wallet used this service and approximately when it happened.
On transparent blockchains, it may be possible to tell that a wallet used this service and approximately when it happened.
-2 Privacy0 Trust - Guaranteed no KYC +25 0
Terms explicitly state KYC will never be requested.
- Non-custodial wallet +3 +5
A non-custodial wallet is a type of crypto wallet where the user holds and manages the private keys to the wallet and the assets in custody. The user is responsible for safeguarding their funds, and they are the only ones with access to their private keys. Using a non-custodial wallet requires no trust in any institution.
A non-custodial wallet is a type of crypto wallet where the user holds and manages the private keys to the wallet and the assets in custody. The user is responsible for safeguarding their funds, and they are the only ones with access to their private keys. Using a non-custodial wallet requires no trust in any institution.+3 Privacy+5 Trust - Open source code 0 +7
The source code of the service is publicly available and licensed as open-source. This allows the community to audit the service, though it doesn't guarantee security or quality.
The source code of the service is publicly available and licensed as open-source. This allows the community to audit the service, though it doesn't guarantee security or quality.
0 Privacy+7 Trust - No registration needed +5 0
Users can access and use the service without creating an account. This enables a faster and more convenient user experience while also offering enhanced privacy and anonymity.
Users can access and use the service without creating an account. This enables a faster and more convenient user experience while also offering enhanced privacy and anonymity.
+5 Privacy0 Trust - Audited 0 +5
The service has been audited by an independent 3rd party.
- Decentralized network 0 +5
A decentralized network is a system where data, control, and decision-making are distributed across multiple independent nodes, rather than being managed by a single central authority.
A decentralized network is a system where data, control, and decision-making are distributed across multiple independent nodes, rather than being managed by a single central authority.
0 Privacy+5 Trust - Mature service 0 +5
This service has been operational for 5 years. While this indicates stability, it is not a future-proof guarantee.
This service has been operational for 5 years. While this indicates stability, it is not a future-proof guarantee.
0 Privacy+5 Trust - Source available code 0 +4
The source code of the service (or an important part of it) is publicly available but not open-source. This allows the community to audit the service, though it doesn't guarantee security or quality.
The source code of the service (or an important part of it) is publicly available but not open-source. This allows the community to audit the service, though it doesn't guarantee security or quality.
0 Privacy+4 Trust - Community contributed 0 0
Listed, but not yet reviewed by the team. Read more about the listing statuses.
Listed, but not yet reviewed by the team. Read more about the listing statuses.
0 Privacy0 Trust - API available 0 0
An API is available for programmatic interaction with this service.
An API is available for programmatic interaction with this service.
0 Privacy0 Trust - JavaScript needed 0 0
The service requires the user to enable JavaScript in order to access and use its features.0 Privacy0 Trust - Telegram bot available 0 0
The service has a Telegram bot available.
- Some countries are restricted 0 0
Offered services may not be available in some countries due to logistics, regulations or arbitrary decisions. Please check for any restrictions before use.
Offered services may not be available in some countries due to logistics, regulations or arbitrary decisions. Please check for any restrictions before use.
0 Privacy0 Trust - Base score +50 +50
Overall = 60% Privacy + 40% Trust (Truncated)
Terms of Service Review
Not available on community contributed services
Events
View all-
Ongoing since
Trading Paused After $10.7M Exploit
SourceOn May 15, 2026, a malicious node exploited a vulnerability and drained ~$10.7M in protocol-owned funds from one Asgard vault (user/LP funds safe). Trading, signing, and churning remain halted. Patch v3.18.1 released; v3.19.0 in testing. Nodes approved ADR-028 for recovery + security upgrades. Staged restart expected soon.
-
Attribute added
Attribute "Usage can be detected on public blockchains" was added to THORChain.org
-
Service updated
Service URLs updated from https://thorchain.org to https://thorchain.org, https://swap.thorchain.org. KYC level changed from 1 to 0. Description was updated
-
Attribute removed
Attribute "Frontend policies vary" was removed from THORChain.org
-
Attribute added
Attribute "Service Termination Policy" was added to THORChain.org
-
Attribute added
Attribute "Data Sharing" was added to THORChain.org
-
Attribute added
Attribute "Frontend policies vary" was added to THORChain
-
Description update
Description was updated
-
Attribute removed
Attribute "Refunds do not require KYC" was removed from THORChain
-
Attribute removed
Attribute "Atomic Swaps" was removed from THORChain
-
KYC update
KYC level changed from 0 to 1
-
Description update
Description was updated
-
Service updated
KYC level changed from 1 to 0. Description was updated
-
Attribute removed
Attribute "Personal info is not verified" was removed from THORChain
-
Attribute removed
Attribute "Data Sharing" was removed from THORChain
-
Attribute added
Attribute "Audited" was added to THORChain
-
Description update
Description was updated
-
Attribute added
Attribute "Some countries are restricted" was added to THORChain
-
Attribute added
Attribute "Own liquidity" was added to THORChain
-
Attribute added
Attribute "Unclear refund policy" was added to THORChain
-
Attribute added
Attribute "May suspend your account" was added to THORChain
-
Attribute added
Attribute "Telegram bot available" was added to THORChain
-
Attribute added
Attribute "Data Sharing" was added to THORChain
-
Description update
Description was updated
-
Attribute removed
Attribute "Audited" was removed from THORChain
-
Attribute change
An attribute was removed (details unavailable)
-
Attribute change
An attribute was removed (details unavailable)
Evidence and Review History
Listed, but not yet reviewed by the team.
- No review checks have been published yet
- Last review Unknown
- Listed May 31, 2025
- Operating since Apr 13, 2021
Always worked for me the times I've used it, but realize these are on chain transactions so caution is advised regarding privacy.