RetoSwap, a leading privacy-focused peer-to-peer decentralized exchange for trading Monero (XMR) against fiat and other cryptocurrencies over Tor, has temporarily suspended all trading after a new security exploit was detected in the underlying Haveno protocol.
The RetoSwap team received the first report around 18:02 UTC (2:02 AM Beijing time) on June 16, 2026. They responded swiftly by raising the minimum client version to 2.0.0, blacklisting the attacker’s onion address (fg2lhfh…2qpad.onion), and halting trading. Trading will remain paused until a full security patch is developed, tested, and released.

This is the second major incident involving the Haveno protocol within a short period. In mid-May 2026, attackers exploited a flaw in ACK message handling and arbitrator impersonation during multisig wallet creation, resulting in the theft of approximately $2.7 million (around 7,000 XMR). Losses were mainly limited to large crypto-to-crypto trades, with fiat traders largely unaffected.
The May Haveno exploit occurred during a month that saw elevated losses across the crypto sector. According to industry tracking, crypto projects lost more than $84 million across 41 security incidents in May 2026 alone, highlighting the broader challenges facing protocol security and risk management across decentralized ecosystems.
The latest June exploit targets the dispute resolution and forced arbitration mechanism. According to community updates and Haveno contributors, the attacker (acting as a buyer) took buy offers, forced arbitration, and managed to release XMR after Bitcoin confirmations (around 30 blocks) without sending the corresponding BTC. Notably, this incident appears to involve what looks like legitimate arbitrator addresses in some cases, differing from the May attack vector.
The incident also follows a series of recent protocol-level exploits affecting decentralized finance platforms. Earlier this month, Solv Protocol suffered a $2.7 million loss linked to a smart contract vulnerability in its Bro Vault, underscoring how both application-layer and protocol-layer weaknesses continue to pose significant risks to users.
RetoSwap confirmed that its own infrastructure was not breached. The vulnerability lies entirely within the Haveno protocol. Losses in this new incident appear limited so far, as the team acted quickly to contain it. Haveno lead developer woodser stated:
RetoSwap is an active implementation/fork of the Haveno protocol, offering fully non-custodial, Tor-based P2P Monero trading with 2-of-3 multisignature escrow. Haveno itself originated as a fork of Bisq, aiming to provide strong privacy and decentralization. However, the repeated issues in message validation, address handling, and arbitration logic have exposed challenges in securing these complex decentralized systems.
The RetoSwap and Haveno teams are working on a verified security patch. Trading is expected to resume only after the update is thoroughly tested and released. The team is also evaluating recovery options for any affected users and plans to release a detailed post-mortem report.

These back-to-back incidents highlight the real-world difficulties in building secure peer-to-peer trading protocols, especially for high-value privacy assets like Monero. While the core vision of private, non-custodial trading remains important amid global regulatory pressures, these events emphasize the need for rigorous auditing and rapid community response.

We will continue monitoring for official patch releases, loss estimates, and any compensation details from the teams.