THORChain

THORChain is the native cross-chain liquidity protocol — the only production-grade DEX that lets users swap BTC↔ETH↔XMR↔BCH↔LTC without wrapping, bridging via custodial intermediaries, or trusting a centralised operator with the swap output. XMR was added natively in 2025; the protocol is the structural inverse of the no-KYC aggregators (Exolix, StealthEX, SideShift) — instead of routing through upstream centralised exchanges, THORChain is its own settlement layer. Listed at Grade A for the unique architecture and the multi-year operational track record. Critical context: an active security incident is in progress — see the dedicated section below. The Grade A is currently held *conditionally* pending verifiable post-mortem and pool resumption; if you're considering a swap right now, verify the live pool status at our /thorchain page or the protocol's own dashboard before committing funds.

Active incident (2026-05-15). On 2026-05-15 a TSS-key cryptography flaw in THORChain's threshold-signing infrastructure was exploited, draining approximately $10.8M from Protocol-Owned-Liquidity (POL) vaults across BTC, ETH, BNB-Chain, and Base. The protocol responded by pausing trading and signing. As of the last curator verification (2026-05-21), recovery is in progress with a published incident report at thorchain.org/blog/thorchain-exploit-report-1. Curator advice: do not open new trades until THORChain unpauses the affected pools. The XMR pool may resume earlier than EVM legs (different signing surface); confirm pool status on our /thorchain page or the protocol's dashboard before any swap. This incident is the reason the Grade A is held *conditionally* — the protocol's response (rapid pause, public post-mortem, no user-fund losses claimed for non-POL liquidity) is well-handled, but the underlying TSS vulnerability is a serious architectural concern that requires verifiable remediation.

ADR-028 update (2026-05-22). The THORChain team released ADR-028 (architecture decision record) seven days after the incident, currently up for Node Operator vote. Key points: (1) no new RUNE minted — recovery doesn't dilute existing token holders, (2) losses absorbed by Protocol-Owned Liquidity (POL) — not user funds; the protocol's own liquidity reserves take the loss, (3) focus shifting to slower, more security-focused development — explicit acknowledgement that the post-incident velocity will be lower than pre-incident. The network remains paused pending the vote passing and the vulnerability patch deploying. This is the response privacy infrastructure wants to see from incident-handling — no token-dilution rug, no user-fund socialisation, public commitment to slower-development tradeoff. It does not retroactively erase the underlying TSS vulnerability, but it does materially improve the case for the conditional A grade being editorially defensible.

Background. THORChain has been operating as a cross-chain liquidity protocol since the late-2010s, building toward the native-asset DEX architecture that went live in production around 2021. The protocol uses threshold signature schemes (TSS) to manage multi-chain custody — vault keys are split across protocol nodes, and a threshold of nodes must cooperate to sign withdrawals. Native chain support is the structural differentiator: most "cross-chain" protocols bridge via wrapped tokens (wBTC, wETH, etc.), which adds bridge-risk to swap-risk. THORChain settles swaps using the actual chain's native assets — real BTC, real XMR, real ETH. Open-source codebase, public node operation, RUNE token aligns node-operator incentives. XMR was integrated in 2025; the kyc.rip aggregator routes through THORChain with the affiliate code "kycrip" (referral revenue shared back into the directory).

What you trust. TSS multi-node signing — vault keys are sharded across the validator set; no single node can move user funds. BFT consensus on the THORChain L1 — node operators are economically aligned via RUNE staking and slashing. Open-source code + public node operation — anyone can audit the code, anyone can run a node. Native asset settlement — when you swap BTC→XMR, real BTC enters a TSS-managed BTC vault and real XMR is paid from a TSS-managed XMR vault, no bridge tokens involved. Non-custodial UX — the wallet user signs each swap; the protocol custody is only for the in-flight routing window. The 2026-05-15 incident exposed: that the TSS layer itself has a cryptographic surface that's not infallible. The trust model isn't broken (no single-party custody, no operator-rug) but it does mean "TSS = mathematically secure" is a stronger claim than the empirical track record now supports. Post-incident, treat TSS-protected DEX vaults as "high-grade-but-not-zero-trust."

Operational specs. Native chain support: BTC, ETH, BCH, LTC, XMR (added 2025), BNB-Chain, Base, AVAX, Cosmos. Rate model: slip-based AMM — fee is proportional to swap size relative to pool depth, with a small outbound fee on top. Spread: typically ~0.3-1% on large swaps ($1k+); much higher on small swaps where the slip-fee dominates (best avoided for sub-$200 trades). Trade size sweet spot: $1k-$1M depending on pool depth; very large swaps require checking the per-pool TVL to avoid slip-fee blowups. Confirmations: chain-native — Monero side uses standard XMR confirmation count (~10 blocks); BTC side uses native-BTC confirmation (~6 blocks recommended); other chains per their consensus requirements. kyc.rip integration: this directory's aggregator UI routes through THORChain with affiliate code "kycrip" — revenue share back to xmr.club. Status feed live at kyc.rip/thorchain showing pool status, incident-mode flags, and live quotes. No KYC under any circumstances — protocol-level architecture, not operator policy; there's no centralized party to demand KYC even if pressured.

Philosophy. THORChain's editorial differentiator is the native-asset cross-chain protocol model. Aggregators (Exolix, StealthEX, SideShift) route through upstream centralised exchanges and inherit those exchanges' AML/KYC stances — THORChain is a protocol, not a service, so the trust model is structurally different. Compared to other cross-chain bridges: most bridges use wrapped tokens (wBTC etc.) which introduces bridge-asset risk *on top of* swap risk; THORChain settles in native assets so the only failure mode is the protocol itself. The 2026-05-15 incident proves that "the protocol itself" *is* a failure mode worth taking seriously — the TSS layer is the protocol's trust frontier, and TSS cryptography is harder than "it works in theory, so it works in practice" suggests.

Grade rationale. Grade A reflects: unique architecture (only production native-asset cross-chain DEX with XMR); multi-year operational continuity; open-source codebase and public node operation; native XMR support since 2025; broad chain coverage (BTC / ETH / BCH / LTC / XMR / BNB / Base / AVAX / Cosmos); excellent fee profile on large swaps (~0.3-1%); kyc.rip integration with affiliate revenue share back to the directory. The Grade A is held conditionally pending the 2026-05-15 TSS-incident resolution — specifically: (1) verifiable post-mortem confirming the exact root cause, (2) public confirmation that TSS-vulnerability remediation is shipped to production, (3) sustained operation post-resumption without secondary incidents. Re-evaluation trigger: xmr.club will reassess this grade by 2026-08-15 (90 days post-incident) or earlier if the protocol resumes full operation with public post-incident remediation. If the protocol fails to provide verifiable remediation by 2026-08-15, the grade is at risk of downgrade. Last verified 2026-05-12, incident verified 2026-05-21.

Useful when. (Post-incident-resolution only) you're doing a large swap ($1k+) between two native assets and want the protocol-grade trust model rather than aggregator-routes-via-Binance. You want native XMR ↔ BTC ↔ ETH cross-chain liquidity without wrapped tokens. You're swap-routing through the kyc.rip aggregator and THORChain is one of the engines (affiliate code "kycrip" set). You're a developer building cross-chain UX and want the canonical native-asset DEX as the underlying protocol. You hold RUNE or operate a node and have direct stake-aligned exposure to the protocol's economic security. For now (while incident is active): do not open new trades unless the relevant pool is explicitly resumed.

Caveats. ACTIVE 2026-05-15 INCIDENT — see dedicated section above; verify pool status before any swap. Fees are slip-based and punitive on small swaps — sub-$200 trades may see 5-15%+ effective spread because the slip-fee dominates; use aggregator engines for retail-sized swaps and THORChain for the large-size sweet spot. TSS architecture has a non-trivial cryptographic surface — the May 2026 incident exposed a real flaw; treat post-incident TSS as "high-grade-but-not-zero-trust" rather than infallible. Cross-chain settlement times vary — XMR side is ~10-block standard; faster chains finalise sooner; expect 20-40 minutes end-to-end for typical swaps. Slip-fee depends on pool depth — a swap that's large relative to the pool gets a high slip; for >$50k swaps, check per-pool TVL or split the trade across multiple legs. RUNE token volatility — the protocol's economic security depends on RUNE's market cap relative to the locked liquidity; RUNE has had significant price volatility historically. Protocol-paused-state surprises — when pools are paused (e.g. post-incident), depositing into a paused pool can result in funds being held until resumption; check live status before each trade. Affiliate disclosure — kyc.rip earns a referral share from swaps routed through THORChain via the "kycrip" affiliate code; this revenue flows back to the directory and the curator's editorial separation policy is documented at /transparency.