
On May 21, an attack hit Haveno, the open-source transaction protocol that serves as the upstream project of RetoSwap, a Tor-based peer-to-peer multisig DEX. Haveno’s chief developer woodser reported it at the same time. RetoSwap blocked the attacker’s address and temporarily paused trading by setting the client’s minimum version. PeckShield monitoring confirmed losses of about 7,000 XMR.
Attack technical mechanism: forging an ACK message to hijack the arbitrator address
Haveno’s chief developer woodser has confirmed the specific exploitation method for this vulnerability. When initiating a transaction, the attacker sends a forged, out-of-order ACK message impersonating the arbitrator, causing the Haveno software to update the arbitrator’s node address to the attacker’s own address. This enables the attacker to create a compromised multisig wallet before funds are deposited, thereby taking control of the transaction funds. RetoSwap’s announcement cited woodser as saying the “specific issue has been identified,” and stated that the protocol is still undergoing technical analysis.
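A simplified model of the flaw class described above, added here as an illustration; it is not Haveno's code or message format. All names (`Ack`, `Trade`, `handle_ack_strict`, the `.onion` strings) are hypothetical, and an HMAC stands in for the arbitrator's signature. The strict handler pins the arbitrator address when the trade is created and rejects any ACK that is unsolicited, arrives from a different address, or fails authentication.

```python
# Simplified model (assumption): hypothetical names, not Haveno's code or wire format.
import hashlib
import hmac
from dataclasses import dataclass, field

@dataclass
class Ack:
    trade_id: str
    acked_msg_id: str      # id of the message being acknowledged
    sender_addr: str       # onion address the ACK arrived from
    tag: bytes             # MAC over the fields; stands in for a signature

@dataclass
class Trade:
    trade_id: str
    arbitrator_addr: str   # pinned when the trade is created
    arbitrator_key: bytes  # stand-in for the arbitrator's public key
    awaiting_ack: set = field(default_factory=set)  # ids sent and not yet acked

def mac(key, trade_id, msg_id, addr):
    data = "|".join((trade_id, msg_id, addr)).encode()
    return hmac.new(key, data, hashlib.sha256).digest()

def handle_ack_naive(trade, ack):
    """Trusts the role the message claims: the stored address follows the sender."""
    trade.arbitrator_addr = ack.sender_addr
    return True

def handle_ack_strict(trade, ack):
    """Accept only an expected, authenticated ACK from the pinned arbitrator."""
    if ack.trade_id != trade.trade_id or ack.acked_msg_id not in trade.awaiting_ack:
        return False       # unsolicited or out-of-order ACK
    if ack.sender_addr != trade.arbitrator_addr:
        return False       # the pinned address is never re-learned from a message
    expected = mac(trade.arbitrator_key, ack.trade_id, ack.acked_msg_id, ack.sender_addr)
    if not hmac.compare_digest(ack.tag, expected):
        return False
    trade.awaiting_ack.discard(ack.acked_msg_id)
    return True

def demo():
    key = b"constructed-arbitrator-key"
    naive = Trade("t1", "arbitrator.onion", key, {"init-1"})
    strict = Trade("t1", "arbitrator.onion", key, {"init-1"})
    forged = Ack("t1", "init-9", "attacker.onion", b"\x00" * 32)  # constructed
    genuine = Ack("t1", "init-1", "arbitrator.onion", mac(key, "t1", "init-1", "arbitrator.onion"))
    handle_ack_naive(naive, forged)
    return (naive.arbitrator_addr, handle_ack_strict(strict, forged),
            strict.arbitrator_addr, handle_ack_strict(strict, genuine))
```

`demo()` shows the naive handler ending up with the forged sender as arbitrator, while the strict handler keeps the pinned address and still accepts the genuine ACK.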
Current status: response measures are complete, but no compensation plan has been announced
RetoSwap has completed response measures including blocking the attacker’s onion address and pausing all trading through client version restrictions. PeckShield confirmed that the stolen funds were transferred to another wallet address; as of the time of this report, no use of known mixing services by the attacker to launder the funds has been detected. RetoSwap said the team is “evaluating various options to help affected traders restore trading,” but as of this report, no official post-incident analysis or user compensation plan has been released. The Haveno protocol is still under analysis, and RetoSwap has not disclosed a specific timeline for service restoration.
FAQ
What is RetoSwap, and what is its relationship with Haveno?
RetoSwap is a peer-to-peer multisig decentralized exchange (DEX) for Monero (XMR) that operates over the Tor network and runs on top of the Haveno open-source transaction protocol. This vulnerability is a problem at the Haveno protocol layer; in its announcement, RetoSwap explicitly stated that the RetoSwap team itself was not attacked.
Is the stolen 7,000 XMR possibly recoverable?
The stolen funds have been transferred to another wallet address. As of the time of this report, no use of known mixing services by the attacker to launder the funds has been detected. RetoSwap said it is evaluating options to help affected users, but has not yet published a specific compensation plan or a path to recover funds.
Do fiat traders need to take any action?
In its announcement, RetoSwap clearly stated that the loss “seems to be limited to large-scale cryptocurrency transactions,” and that fiat traders are not affected. RetoSwap has paused all trading; users should wait for official announcements confirming that the service is restored and secure before taking any action.