{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreicucpnhgh4d7kryr3qskbcofan7dsoi5g5hrvzm4bjh62qg2pbk44",
    "uri": "at://did:plc:ksjdyw4zgezdksenp5radtno/app.bsky.feed.post/3mmf55a4park2"
  },
  "path": "/post/7939238",
  "publishedAt": "2026-05-21T07:36:44.000Z",
  "site": "https://monero.town",
  "tags": [
    "Haveno",
    "hetzlemmingsworld",
    "1 comments",
    "github.com/haveno-dex/haveno/pull/2315",
    "reddit.com/…/psa_haveno_tradeprotocol_exploit/",
    "www.reddit.com/r/…/retoswap_haveno_exploit/"
  ],
  "textContent": "submitted by hetzlemmingsworld to haveno\n2 points | 1 comments\n\n> A live instance of the Haveno software (RetoSwap) is effected. Details of the exploit from Haveno dev woodser are as follows: \"when the attacker took a trade, they sent a fake, out-of-order ACK message impersonating the arbitrator, causing the software to update the arbitrator’s node address to their own, allowing them to create a compromised multisig wallet before funds were deposited. preventing this is straight forward, by checking that the multisig wallet is already created before updating the arbitrator’s address: github.com/haveno-dex/haveno/pull/2315\".\n>\n> It’s not yet clear exactly how much Monero has been stolen. Haveno network operators are strongly advised to halt trading which RetoSwap has done.\n\nreddit.com/…/psa_haveno_tradeprotocol_exploit/\n\nwww.reddit.com/r/…/retoswap_haveno_exploit/",
  "title": "Haveno had serious exploit allowing XMR theft"
}