What Is THORChain?
Founded in 2018, THORChain is a decentralized, automated market maker (AMM) that enables cross-chain trading. Yes, that’s a big deal. Usually, cross-chain swaps must rely on centralized intermediaries. First detailed in a whitepaper three years ago, THORChain promised users the ability to trade their cryptos across multiple chains without having to rely on a centralized third party. In fact, at the core of THORChain’s inception was the belief that decentralized exchanges (DEXs) were the way forward - given they could provide enough liquidity to prevent slippage.
Since then, a number of popular DEXs have entered the DeFi scene - Uniswap and SushiSwap on Ethereum, as well as PancakeSwap on BSC. And yet THORChain is unique in that it allows traders to swap real cryptocurrencies from entirely different blockchains. It manages this by using the protocol’s native token, RUNE, to go between different asset pools, as opposed to using wrapped coins.
THORChain properly launched its Multichain Chaosnet (MCCN) in April 2021, after preliminary development on testnets. While it has seen considerable growth so far, it has also notoriously been the recent target of some very unfortunate exploits. With this in mind, let’s take a closer look at how THORChain works.
Before we get into THORChain’s architecture, let’s go over the four major roles in the THORChain system. These are the liquidity providers, swappers, traders, and node operators.
Liquidity providers (LPs) are the ones that supply assets to the network’s liquidity pools. In return, they earn a yield consisting of fees from transactions and system rewards.
Swappers are the users that swap connected assets through RUNE (more on this in a bit). Users pay higher fees to LPs if they cause larger slippage, which protects LPs from risks of loss.
Traders help secure prices on THORChain by buying assets from markets at a low price and selling them on other markets at a higher price. By doing this, they importantly regulate THORChain exchange rates based on external markets. This arbitrage means THORChain does not rely on oracles, which are third parties employed to provide external real-world data to blockchains.
Node Operators, also known as THORNodes, are anonymous decentralized systems made up of a cluster of independent servers. THORNodes must bond a minimum of 1 million RUNE to become a validator for the network. A process called a “churning event” occurs every 3 days, in which one or more nodes are churned out of the network and replaced with new nodes. This ensures the network remains both competitive and more secure.
Now that we’ve outlined the key players in THORChain’s ecosystem, let’s explore its architecture. THORChain boasts quite a complex infrastructure, with a few central technological components we’ll explain below. These include the blockchain network it is built on, its liquidity pool model, unique cross-chain bridge system, and sharding mechanism. Don’t worry if this all sounds a bit complicated - we’ll walk you through it!
Cosmos Network: Tendermint & Cosmos SDK
THORChain is built using Cosmos, a decentralized ecosystem of independent blockchains. Similar to Polkadot, this self-proclaimed Internet of Blockchains aims to facilitate blockchain interoperability, with a key difference being that the protocols must provide their own security.
The Cosmos network provides two very important tools to THORChain: Tendermint and Cosmos SDK. Tendermint is the Proof-of-Stake (PoS) consensus protocol that powers Cosmos. Using its own Byzantine Fault Tolerance (BFT) mechanism, Tendermint allows a decentralized network to safely reach consensus with instant finality.
The Cosmos SDK (software development kit) is a framework that helps developers build applications on Tendermint-based chains. Applications built using Cosmos SDK connect to Tendermint via a socket protocol called the Application Blockchain Interface (ABCI), which powerfully supports any programming language.
Continuous Liquidity Pools (CLPs)
We mentioned earlier that THORChain is an AMM, which means that it uses an algorithm in order to price assets (instead of using order books to match makers and takers). Most of today’s leading DEXs use an AMM model as it offers better liquidity, as well as attractive incentives for LPs to provide liquidity to the protocol.
THORChain uses a new type of AMM called a Continuous Liquidity Pool (CLP), which was a concept first introduced by the Bancor protocol. The name refers to the continuous liquidity present across all pools through RUNE, because each CLP contains RUNE in a 1:1 ratio with a specific asset.
If you want to swap asset X for asset Y, the protocol will swap X for RUNE in the first pool and RUNE for Y in a second. This is executed by the THORChain state machine, making the swap non-custodial. And as the protocol keeps track of the asset to RUNE ratio in each CLP, there is an inbuilt on-chain price feed.
Bifröst Protocol (Cross-Chain Bridge System)
The Bifröst Protocol is THORChain’s cross-chain bridge system, astutely named after the rainbow bridge connecting Midgard (Earth) to Asgard (Heaven) in Norse mythology. Bifröst works by harnessing THORChain’s PoS mechanism, CLPs, and multi-signature accounts (multisig).
Multisig refers to a system in which multiple users must provide their signatures to validate transactions. Each bridge uses a number of THORNodes to confirm transactions. By randomly allocating nodes to transactions, Bifröst minimizes the risk of centralization. This security is further bolstered by THORChain’s PoS, which requires nodes to bond their assets and therefore incentivizes honest behavior.
The on-chain price feeds delivered by CLPs play a part here in transparently providing a bridge’s security profile. This allows THORChain users to choose bridges more carefully, and the network to monitor bridge security.
Yggdrasil Protocol (Sharding Mechanism)
Yggdrasil is THORChain’s sharding mechanism, implemented to help the network scale. While sharding usually implies horizontal scaling, Yggdrasil instead uses a vertical sharding system. This supposedly allows THORChain to use sharding on an ecosystem of chains, as opposed to a single one.
The Importance Of RUNE
Now, central to THORChain’s architecture is the RUNE token. These are its four key roles: liquidity, security, governance and incentives.
Unsurprisingly, RUNE is pivotal to THORChain’s liquidity because it offers itself as a settlement asset. This means that any asset can be swapped for another, leveraging liquidity across the entire network - instead of requiring each connected asset to be paired to another in separate pools.
THORChain also incorporates a mechanism known as the Incentive Pendulum in order to keep the network in a state of balance. Remember how there is a 1:1 ratio of RUNE to asset X in a pool? The Incentive Pendulum requires that bonded RUNE is always 2x the value of pooled RUNE - making the total value of RUNE to be 3x that of asset X.
RUNE ensures the security of the protocol through the use of its PoS system, or as THORChain puts it, Proof-of-Bond. As THORNodes must supply a bond of 1M RUNE to participate, any assets stolen by a malicious node are replaced by its bond.
Moreover, all assets are underwritten because of the Incentive Pendulum.
THORChain actually aims to be governance-minimal, in order to maintain node anonymity and impartiality. However, RUNE token holders will still be able to vote on listing/ delisting assets and chains, as well as submit THORChain Improvement Proposals (TIPs). Once the THORChain mainnet fully launches, this on-chain governance system - called the Æsir protocol - will be deployed.
As the native currency of THORChain, RUNE is used to pay for transaction fees as well as block rewards. Fees include a fixed network fee as well as a dynamic slip-based fee.
A Storm Of Exploits
Last, but definitely not least, are the recent series of THORChain exploits. While THORChain’s Chaosnet was first attacked in June (with a relatively minor loss of $140,000), it is the following two multimillion-dollar exploits in July that really made a mark. The first occurred July 16, 2021 and the second barely a week later on July 22nd. THORChain has recently released a post-mortem on both hacks, with a promise of covering all LP losses.
Both exploits relied on vulnerabilities in Bifröst, specifically by manipulating it to believe it received transfers of ETH.
July 16th Exploit
This first exploit occurred due to a bug in the code of the Bifröst ETH bridge. Initial reports set the loss at 13,000 ETH (around $25 million), which has most recently been revised to 4200 ETH or $8 million. The attacker achieved this by making multiple transfers of 0 ETH, but manipulating the code to set the transaction at 200 ETH. Then, they sent that back to their own address and repeated this path in a loop. While nodes intervened and paused the network, the updates were not thorough enough to prevent the asymmetric trading that followed.
July 22nd Exploit
Also taking place on the ETH bridge, this second exploit drained the protocol of $8 million worth of ETH. The hacker left a message suggesting they could have done more damage, and pointed out the existence of “multiple critical issues.” The exploit was accomplished by creating a fake router (contract), which the attacker sent ETH to. This registers as a deposit event. When the attacker requested the ETH back, they then received it from an actual Asgard vault.
While THORChain is still on its feet, with an impressive cushion of funds to fall back on, these hacks will definitely be ones for the books.
With great power comes great responsibility. THORChain has successfully created a cross-chain decentralized exchange, which is a huge accomplishment for the industry. However, the recent hacks have proven that it still has some ways to go.
As aptly put by Andre Cronje, the most innovative projects often risk exploitation - and yet, THORChain only has itself to blame for the significant (and unaudited!) vulnerabilities in its code. The team has, at this point, delivered a 5-Pronged Recovery Plan that includes audits, bounty programs and increased security. Only time will tell how it delivers on these promises.