THORChain has found itself at the center of a heated debate after processing nearly three-quarters of the stolen $1.4 billion from the Bybit hack. The decentralized exchange could have intervened but chose not to, sparking concerns about the balance between cypherpunk ideals and financial responsibility.
A Vote to Stop It—And a Vote to Reverse It
When it became evident that North Korean hackers, linked to the notorious Lazarus Group, were converting stolen ether into bitcoin via THORChain, an emergency vote was called to halt ETH-to-BTC swaps. The measure passed—briefly. Just as quickly, it was overturned by another set of voters, allowing the laundering to continue.
The decision—or lack of one—raised eyebrows across the industry. While THORChain’s defenders pointed to its commitment to decentralization, critics saw something else: a protocol that could freeze assets when it suited them but refused to act against stolen funds.
One stark number stood out. Bybit CEO Ben Zhou noted that 72% of the stolen funds were laundered through THORChain, making it the primary route for hackers to clean their illicit gains. Meanwhile, THORChain itself earned $5.5 million in fees from the activity, according to data from THORChain Explorer.
THORChain’s Response Boosted Its Token—Temporarily
For THORChain’s RUNE token, the controversy was initially a financial boon. It climbed 34% to $1.63 on Feb. 27, up from $1.21 when the hack occurred. But that momentum faded quickly. RUNE now sits back at $1.21, a far cry from its December peak above $7.50 or its 2024 high above $10.
The mixed reaction within THORChain’s own community was telling. Some viewed the surge in trading volume as a victory, including an X user named Diplo, who posted, “It’s all coming from Lazarus hackers. But who really cares, it’s a win for tc.”
That sentiment wasn’t universally shared. On Feb. 27, THORChain developer Pluto announced he was leaving the project, citing ethical concerns. Others, including Unchained Podcast’s Laura Shin, warned that THORChain’s actions—or inaction—might draw the scrutiny of regulators.
Can THORChain Freeze Funds? The Answer Isn’t So Simple
One argument in THORChain’s defense is that it operates like any other blockchain network. Erik Voorhees, founder of Venice AI, pointed out that Ethereum nodes and Bitcoin miners also processed the hackers’ transactions. “That’s how crypto works,” he said, arguing that enforcement should focus on catching criminals rather than blaming protocols.
But that logic has limits. Unlike a truly decentralized protocol like Tornado Cash—whose DAO governance structure prevents anyone from shutting it down—THORChain has demonstrated the ability to intervene when it wants to.
- In January, THORChain froze withdrawals from its lending and savings program after a $200 million insolvency, trapping nearly $100 million in user funds.
- The decision was compared to a “bankruptcy freeze” by Haseeb Qureshi of Dragonfly Capital, who questioned whether this was “the first on-chain restructuring.”
This contradiction wasn’t lost on critics. MetaMask developer Taylor Monahan didn’t mince words, calling THORChain a “horrific cult” and condemning its failure to freeze stolen funds while freezing user withdrawals.
A Growing Divide in DeFi’s Ethics
The THORChain controversy echoes past debates in the crypto industry. The collapse of Tornado Cash, which was sanctioned by the U.S. Treasury and led to the arrest of its developer, set a precedent. While THORChain hasn’t faced legal action, its choices have put it in the same ethical crosshairs.
Joe Flanagan, co-founder of DeFi lender Maple Finance, framed the issue as a challenge for the entire space. “No one expects these networks to act like banks with compliance teams, but ignoring the problem entirely isn’t a solution either,” he said.
The tension boils down to whether DeFi platforms should intervene when their infrastructure is exploited for crime. Some argue that doing so undermines the principles of decentralization. Others warn that failing to act will invite harsher regulations and erode public trust.
ParaSwap Faces a Similar Dilemma—But Takes a Different Approach
THORChain wasn’t the only DeFi protocol caught in the crossfire. Decentralized exchange aggregator ParaSwap found itself in a related controversy when Bybit requested the return of $100,000 in fees earned from transactions involving stolen funds.
The ParaSwap DAO debated three options:
- Return the funds as a goodwill gesture.
- Keep the funds and uphold the principles of decentralization.
- Offer a bounty as a middle ground.
One DAO participant, Citizen42, acknowledged the ethical gray area. “The cypherpunk within says we shouldn’t,” they wrote. “But the other half says we should help.”
Unlike THORChain, ParaSwap appeared willing to find a compromise, with some members advocating for a designated wallet to hold the funds while awaiting legal guidance.
The Search for a Third Option
THORChain’s handling of the Bybit hack has underscored a growing challenge for DeFi. How can decentralized platforms deter criminal use without becoming centralized gatekeepers?
Peter Nguyen, CMO of Autonomys Network, suggested that the industry focus on “smart contract-based circuit breakers, on-chain monitoring, and community-led governance mechanisms.” The goal, he said, should be to create deterrents that don’t compromise decentralization.
For now, the debate rages on. THORChain may have upheld its cypherpunk ideals, but in doing so, it may have alienated some of its own supporters—and put itself in regulators’ sights.
