THORChain dev exits after failed bid to halt North Korean transactions

A THORChain developer says he’s stepping away from the crypto protocol after a vote to block North Korean hacker-linked transactions was reverted — while another validator has also threatened to call it quits over the saga.

“Effectively immediately, I will no longer be contributing to THORChain,” the crosschain swap protocol’s core developer, only known as “Pluto,” wrote in a Feb. 27 X post.

Pluto said they would remain available “as long as I am needed and to ensure an orderly hand-off of my responsibilities.”

Pluto’s exit comes after THORChain validator “TCB” said on X that they were one of three validators that voted to stop Ether (ETH) trading on the protocol to cut off North Korean hacking collective Lazarus Group.

That vote “was reverted within minutes,” THORSwap developer Oleg Petrov said. “Halting a chain is an operational setting. It requires 3 node votes to be effective. 4 for be reversed,” he explained.

TCB later wrote on X that they’d also exit “if we don’t rapidly adopt a solution to stop NK [North Korean] flows.”

The Lazarus Group has been using THORChain to move some of the $1.5 billion worth of crypto it stole from the crypto exchange Bybit on Feb. 21. Lookonchain posted to X on Feb. 28 that the group has sent $605 million worth of ETH through THORChain.

THORChain’s volumes have rocketed, with the protocol having processed nearly $860 million in swaps on Feb. 26 — its biggest-ever daily volume. The increased volumes continued into Feb. 27, finishing the day at around $705 million.

Meanwhile, the FBI has urged crypto validators and exchanges to cut off the Lazarus Group and confirmed earlier reports that North Korea was behind the record Bybit hack.

“When the huge majority of your flows are stolen funds from North Korea for the biggest money heist in human history, it will become a national security issue, this isn’t a game anymore,” TCB said.

THORChain founder John-Paul Thorbjornsen told Cointelegraph he has no involvement with THORChain but said that none of the sanctioned wallet addresses listed by the FBI and the US Treasury’s Office of Foreign Assets Control “has ever interacted with the protocol.”

“The actor is simply moving funds faster than any screening service can catch. It is unrealistic to expect these blockchains to censor, including THORChain,” he added.

In separate X posts, Thorbjornsen said he has “not been served by any authority, nor aware of any node that has” and that the protocol “does not launder money.” He added Lazarus Group’s ETH to Bitcoin (BTC) swaps typically end up at centralized exchanges “where they are swapped for fiat.”

He told Cointelegraph that THORChain nodes are churned out if they don’t follow the protocol’s rules, which include processing inbound swap transactions.

“If any node no longer feels comfortable participating in the network, they can churn out,” he said. “THORChain can expand or contract as required easily.”

In their post, TCB wrote that THORChair is “not decentralized enough to survive a regulatory attack” as it’s not a blockchain like Bitcoin with a larger validator base.

They added that certain design choices made it complicated to onboard new validators, and as a result, “there isn’t that many actors running things.”

“You can say as many times as you want that a blue car is red, but it won’t make THORChain truly decentralized, censorship-resistant and permissionless,” they added. “It’s a handful of actors running all the infra and a handful of corporate actors providing all the user flows.”

TCB said those corporate actors “ALL already censor transactions on their front ends.”

“It is my understanding that a lot of them will be moving on if THORChain keeps this going,” they said.

Magazine: THORChain founder and his plan to ‘vampire attack’ all of DeFi