THORChain.org Community Contributed

• Exchange DEX

Watch

Contribute

Edit Review

• Monero
• Bitcoin
• Lightning
• Fiat
• Cash

• thorchain.org
• +1 more
• swap.thorchain.org

Scores

-12 trust from active incidents. See details

• Service Termination Policy 0 -4

  The service provider can terminate access to services at any time without notice, at their sole discretion.

  The service provider can terminate access to services at any time without notice, at their sole discretion.

  0 Privacy

  -4 Trust

  With this Without this
• Data Sharing -3 0

  Personal and account data may be shared with authorities and third-party providers for compliance, fraud prevention, and service provision.

  Personal and account data may be shared with authorities and third-party providers for compliance, fraud prevention, and service provision.

  -3 Privacy

  0 Trust

  With this Without this
• Usage can be detected on public blockchains -2 0

  On transparent blockchains, it may be possible to tell that a wallet used this service and approximately when it happened.

  On transparent blockchains, it may be possible to tell that a wallet used this service and approximately when it happened.

  -2 Privacy

  0 Trust

  With this Without this
• Guaranteed no KYC +25 0

  Terms explicitly state KYC will never be requested.

  Terms explicitly state KYC will never be requested.

  +25 Privacy

  0 Trust

  With this or better
• Non-custodial wallet +3 +5

  A non-custodial wallet is a type of crypto wallet where the user holds and manages the private keys to the wallet and the assets in custody. The user is responsible for safeguarding their funds, and they are the only ones with access to their private keys. Using a non-custodial wallet requires no trust in any institution.

                  A non-custodial wallet is a type of crypto wallet where the user holds and manages the private keys to the wallet and the assets in custody. The user is responsible for safeguarding their funds, and they are the only ones with access to their private keys. Using a non-custodial wallet requires no trust in any institution.
                
  

  +3 Privacy

  +5 Trust

  Search with this
• Open source code 0 +7

  The source code of the service is publicly available and licensed as open-source. This allows the community to audit the service, though it doesn't guarantee security or quality.

  The source code of the service is publicly available and licensed as open-source. This allows the community to audit the service, though it doesn't guarantee security or quality.

  0 Privacy

  +7 Trust

  Search with this
• No registration needed +5 0

  Users can access and use the service without creating an account. This enables a faster and more convenient user experience while also offering enhanced privacy and anonymity.

  Users can access and use the service without creating an account. This enables a faster and more convenient user experience while also offering enhanced privacy and anonymity.

  +5 Privacy

  0 Trust

  Search with this
• Audited 0 +5

  The service has been audited by an independent 3rd party.

  The service has been audited by an independent 3rd party.

  0 Privacy

  +5 Trust

  Search with this
• Decentralized network 0 +5

  A decentralized network is a system where data, control, and decision-making are distributed across multiple independent nodes, rather than being managed by a single central authority.

  A decentralized network is a system where data, control, and decision-making are distributed across multiple independent nodes, rather than being managed by a single central authority.

  0 Privacy

  +5 Trust

  Search with this
• Mature service 0 +5

  This service has been operational for 5 years. While this indicates stability, it is not a future-proof guarantee.

  This service has been operational for 5 years. While this indicates stability, it is not a future-proof guarantee.

  0 Privacy

  +5 Trust
• Source available code 0 +4

  The source code of the service (or an important part of it) is publicly available but not open-source. This allows the community to audit the service, though it doesn't guarantee security or quality.

  The source code of the service (or an important part of it) is publicly available but not open-source. This allows the community to audit the service, though it doesn't guarantee security or quality.

  0 Privacy

  +4 Trust

  Search with this
• Community contributed 0 0

  Listed, but not yet reviewed by the team. Read more about the listing statuses.

  Listed, but not yet reviewed by the team. Read more about the listing statuses.

  0 Privacy

  0 Trust

  With this Without this
• API available 0 0

  An API is available for programmatic interaction with this service.

  An API is available for programmatic interaction with this service.

  0 Privacy

  0 Trust

  Search with this
• JavaScript needed 0 0

                            The service requires the user to enable JavaScript in order to access and use its features.
                          
  

  0 Privacy

  0 Trust

  Search with this
• Telegram bot available 0 0

  The service has a Telegram bot available.

  The service has a Telegram bot available.

  0 Privacy

  0 Trust

  Search with this
• Some countries are restricted 0 0

  Offered services may not be available in some countries due to logistics, regulations or arbitrary decisions. Please check for any restrictions before use.

  Offered services may not be available in some countries due to logistics, regulations or arbitrary decisions. Please check for any restrictions before use.

  0 Privacy

  0 Trust

  Search with this
• Base score +50 +50

Terms of Service Review

• Medium · Ongoing · Started May 15, 2026

  Node exploit drained $10.7M, trading halted

  -12

  trust

  On May 15, 2026, a malicious node exploited a flaw in THORChain's threshold-signature scheme to rebuild a vault's signing key and drain about $10.7M from one Asgard vault. The funds were protocol-owned; user swaps and LP positions stayed safe.

  THORChain halted trading, signing, and churning, slashed the attacker's bond, and patched the flaw in v3.18.1 and v3.19.0. Node operators approved the ADR-028 recovery plan, which absorbs the loss through protocol-owned liquidity without minting RUNE or diluting holders. As of mid-June the network runs a staged restart and trading remains paused.

  Full penalty applies until resolved.

  ~$10.7M protocol funds (users safe) Source

1. Apr 14

   Attribute added

   Attribute "Usage can be detected on public blockchains" was added to THORChain.org

2. Apr 14

   Service updated

   Service URLs updated from https://thorchain.org to https://thorchain.org, https://swap.thorchain.org. KYC level changed from 1 to 0. Description was updated

3. Apr 14

   Attribute removed

   Attribute "Frontend policies vary" was removed from THORChain.org

4. Apr 14

   Attribute added

   Attribute "Service Termination Policy" was added to THORChain.org

5. Apr 14

   Attribute added

   Attribute "Data Sharing" was added to THORChain.org

6. Apr 14

   Attribute added

   Attribute "Frontend policies vary" was added to THORChain

7. Apr 14

   Description update

   Description was updated

8. Apr 14

   Attribute removed

   Attribute "Refunds do not require KYC" was removed from THORChain

9. Apr 14

   Attribute removed

   Attribute "Atomic Swaps" was removed from THORChain

10. Apr 14

    KYC update

    KYC level changed from 0 to 1

11. Apr 14

    Description update

    Description was updated

12. Apr 14

    Service updated

    KYC level changed from 1 to 0. Description was updated

13. Apr 14

    Attribute removed

    Attribute "Personal info is not verified" was removed from THORChain

14. Apr 14

    Attribute removed

    Attribute "Data Sharing" was removed from THORChain

15. Apr 14

    Attribute added

    Attribute "Audited" was added to THORChain

16. Feb 3

    Description update

    Description was updated

17. Feb 3

    Attribute added

    Attribute "Some countries are restricted" was added to THORChain

18. Feb 3

    Attribute added

    Attribute "Own liquidity" was added to THORChain

19. Feb 3

    Attribute added

    Attribute "Unclear refund policy" was added to THORChain

20. Feb 3

    Attribute added

    Attribute "May suspend your account" was added to THORChain

21. Feb 3

    Attribute added

    Attribute "Telegram bot available" was added to THORChain

22. Feb 3

    Attribute added

    Attribute "Data Sharing" was added to THORChain

23. Jul 4, 2025

    Description update

    Description was updated

24. Jul 4, 2025

    Attribute removed

    Attribute "Audited" was removed from THORChain

25. Jul 1, 2025

    Attribute change

    An attribute was removed (details unavailable)

26. Jun 11, 2025

    Attribute change

    An attribute was removed (details unavailable)

Comments