THORChain $10.7 million vulnerability exploited due to GG20 flaw, malicious nodes can reconstruct the full private key. This is not an isolated attack but a structural crack in the cross-chain bridge security model.

GG20 is a multi-party computation (MPC) protocol used to distribute private key control. But the flaw means nodes can collude to recover the complete private key, directly breaking into the vault.
THORChain's architecture—nodes running their own full nodes and holding fragments—amplifies this risk.
Institutional investors are already questioning the risk-reward ratio of DeFi.
Symbiotic's Putiatin recently pointed out that frequent cross-chain bridge attacks and shrinking yields are shaking institutional confidence.
The THORChain vulnerability precisely confirms this: even if the protocol logic is correct, the underlying cryptographic implementation can become Achilles' heel.
Market reaction has been relatively muted, but the structural risk remains.
Cross-chain bridges are still the most vulnerable link in the crypto ecosystem—funds are concentrated, attack surfaces are broad, and recovery costs are high.
The disclosure of the GG20 flaw may accelerate industry migration toward more secure MPC solutions (like GG22) or entirely different trust models.
Counter risk: after details of the vulnerability are made public, other protocols using GG20 face similar attack threats; liquidity may withdraw during the fix, worsening THORChain's slippage and transaction failures.
#defi #ai #区块链 #Crypto Market #CryptoCircle