ADR028 has passed. The $10.7 million loss protocol was borne by ourselves—so whose responsibility is it for the GG20 vulnerability? After the node upgrade, get into Stagenet testing as soon as possible—playing it safe is definitely the right move, but the plot where attackers can still return some of the stolen funds is rather interesting.

Thorchain has approved ADR028, and RUNE holders are eagerly awaiting a network restart. For secure restoration, the team emphasizes steady, prudent progress—avoiding rushing or cutting corners. The incident resulted in losses of approximately USD 10.7 million: one new node operator exploited a GG20 threshold signature vulnerability two days ago to drain the affected vault, while the other four vaults were not impacted. The nodes have been upgraded to v3.18.1. The next step is to test v3.19.0 and transition to Stagenet the following day. After ADR028 is approved, recovery will move into the next phase. The attacker may have an opportunity to return part of the stolen funds, and the remaining losses will be covered by the protocol’s own liquidity. Final data will be released later.