THORChain was drained of $10 million, and RUNE dropped 12%, which is no longer an isolated incident.

Attackers simultaneously targeted four networks: Bitcoin, Ethereum, BSC, and Base, converting funds into ETH and transferring them to a single address.
The core value of cross-chain liquidity protocols—assets flowing freely between chains—has now become the most vulnerable attack surface.
THORChain's design philosophy is "no bridges, no custody," relying on nodes to operate native cross-chain swaps.
But this vulnerability exposed a structural contradiction: the more complex the cross-chain logic, the more attack vectors there are, while liquidation and stop-loss mechanisms lag behind.
After the protocol paused trading, RUNE's market cap fell below $200 million, and on-chain confidence eroded faster than the funds were lost.
What’s more worth pondering is that this attack occurred after the LayerZero trust crisis.
Several protocols had just migrated to Chainlink CCIP, and the narrative around cross-chain security is undergoing a brutal divergence—markets no longer believe that "one protocol solves all cross-chain problems."
For DeFi, every cross-chain attack reinforces a consensus: liquidity can be cross-chain, but trust cannot.
Users and funds will ultimately concentrate on a few infrastructures that are the most costly to secure but can withstand the most pressure tests.
$btc #eth #zro #link #rune