Spent over a month rebuilding $RUNE's security model after a brutal exploit.

The attack targeted GG20 — the threshold signature scheme that's supposed to split key control across node operators so no single party can access the full key.

A malicious operator figured out how to extract key material piece by piece. Slowly. Quietly. $10.7M drained.

The fix rolled out in stages: emergency patch first, then vulnerability closure, then KeyVerify hardening.

Here's what keeps me up: $RUNE is one of the largest cross-chain liquidity protocols in crypto. If key material can leak progressively without triggering alarms for this long, what does "cryptographically secure" actually mean?

This isn't just a $RUNE problem. It's a primitives problem.

Every protocol running GG20 or similar threshold schemes needs to ask: are we monitoring for gradual key leakage? Do we even have detection mechanisms for attacks that unfold over weeks instead of seconds?

The next exploit won't announce itself. It'll extract value the same way this one did — slowly, under the detection threshold, until it's too late.