A Calculation Vulnerability Led to the Theft of 8,535 ETH from Truebit

marsbitPublished on 2026-01-13Last updated on 2026-01-13

Abstract

On January 8, 2026, the Truebit Protocol was exploited, resulting in a loss of 8,535.36 ETH (approximately $26.44 million). The attack involved a critical integer overflow vulnerability in the token purchase price calculation function. The attacker executed four rounds of transactions by calling functions getPurchasePrice, 0xa0296215, and 0xc471b10b. In the first round, the attacker called getPurchasePrice with a large input value (240442509453545333947284131), which returned 0 due to an arithmetic flaw. Then, they invoked function 0xa0296215 with msg.value = 0, successfully minting a massive amount of TRU tokens. Finally, by calling function 0xc471b10b, they burned the minted tokens and received 5,105.06 ETH. The root cause was an unchecked addition operation (v12 + v9) in the price calculation logic (function 0x1446), which overflowed to a small value, making (v12 + v9) / v6 = 0. The contract used Solidity ^0.6.10 without overflow checks, enabling the exploit. This incident highlights the risks of older DeFi protocols with unpatched vulnerabilities, possibly identified through AI-assisted scanning. Projects are advised to conduct security audits, upgrade contracts, and monitor链上 activity to mitigate such threats.

On January 8, 2026, the Truebit Protocol was hacked, resulting in a loss of 8,535.36 ETH (approximately $26.44 million). The Truebit Protocol officially confirmed the incident in the early hours of the following day. The ExVul security team conducted a detailed analysis of the vulnerability, with the results as follows:

Attack Process

Attacker's address:

0x6c8ec8f14be7c01672d31cfa5f2cefeab2562b50

Attack transaction hash:

0xcd4755645595094a8ab984d0db7e3b4aabde72a5c87c4f176a030629c47fb014

The attacker completed the attack by cyclically calling getPurchasePrice→0xa0296215→0xc471b10b for four rounds. The first cycle is analyzed as an example.

1. The attacker first called the getPurchasePrice(240442509453545333947284131) function, which returned 0.

2. The attacker called the 0xa0296215(c6e3ae8e2cbab1298abaa3) function with msg.value as 0. Finally, 240442509453545333947284131 TRU were successfully minted.

3. The attacker called the 0xc471b10b(c6e3ae8e2cbab1298abaa3) function. Finally, 240442509453545333947284131 TRU were burned, and 5105.06 ETH were obtained.

Attack Logic Analysis

By understanding the above attack process, it is clear that there is an issue with the logic of the getPurchasePrice function and the 0xa0296215 function. The following is an in-depth analysis (since the contract is not open source, the code below is decompiled).

By comparing the common points of the two functions, we can see that the 0x1446 function is used to calculate how much ETH is needed to purchase a specified amount of TRU. Clearly, the logic of the 0x1446 function is flawed, leading to an incorrect ETH calculation. The logic within the 0x1446 function is analyzed in detail below.

Observing the logic in the 0x1446 function, since the final calculation result v13 == 0, the calculation logic mentioned above must be problematic. It is important to note that the 0x18ef function is the same as _SafeMul, so the issue lies in the native addition v12 + v9 (the contract version is ^0.6.10, so there is no overflow check).

v12 and v9 represent:

Based on the above analysis, the attacker's strategy was to input a huge _amountIn to cause v12 + v9 to overflow into a very small value, ultimately resulting in (v12 + v9) / v6 == 0.

Summary

The root cause of the Truebit Protocol attack is a severe integer overflow vulnerability in its token purchase price calculation logic. Since the contract uses Solidity ^0.6.10 and lacks safety checks for critical arithmetic operations, it ultimately led to a significant loss of 8,535.36 ETH. The latest versions of Solidity have already mitigated overflow vulnerabilities. This attack was likely discovered by hackers using AI to automatically scan older DeFi protocols that are already live (including recent attacks on Balancer and yETH). We believe such attacks exploiting AI to target older DeFi protocols will become increasingly common in the near future. Therefore, we recommend that project teams conduct new security audits of their contract code. If vulnerabilities are found, they should upgrade the contract or transfer assets as soon as possible, and implement on-chain monitoring to detect anomalies promptly and minimize losses.

Related Questions

QWhat was the main vulnerability exploited in the Truebit Protocol attack?

AThe main vulnerability was an integer overflow issue in the token purchase price calculation logic, specifically in the `getPurchasePrice` function, which allowed the attacker to manipulate calculations and mint a large number of TRU tokens without paying the required ETH.

QHow much ETH was stolen in the Truebit Protocol attack?

A8,535.36 ETH, which was approximately equivalent to $26.44 million at the time of the attack.

QWhat was the attacker's address involved in the Truebit exploit?

AThe attacker's address was 0x6c8ec8f14be7c01672d31cfa5f2cefeab2562b50.

QWhich Solidity version was the Truebit Protocol contract using, and why was it significant?

AThe contract was using Solidity ^0.6.10, which did not have built-in overflow checks for arithmetic operations. This lack of safety checks allowed the integer overflow vulnerability to be exploited.

QWhat was the key step the attacker took to trigger the integer overflow vulnerability?

AThe attacker input a very large value for `_amountIn` in the `getPurchasePrice` function, causing the calculation `v12 + v9` to overflow and result in a very small value, ultimately making `(v12 + v9) / v6` equal to zero, which allowed minting tokens without cost.

Related Reads

Bitmine Continues Aggressive Ethereum Accumulation as Others Scale Back

Bitmine, an Ethereum treasury, accumulated 126,971 ETH last week, reinforcing its aggressive accumulation strategy amid a broader market downturn. Its holdings now total $9.6 billion in assets, including 5.54 million ETH—representing 4.59% of the total supply—203 Bitcoin, stakes in Beast Industries and Eightco Holdings, and cash. The company has staked approximately 4.72 million ETH, generating significant yields and potential annual income of around $230 million. Chairman Thomas 'Tom' Lee views the market decline as the beginning of a "crypto spring," driven by anticipated rising demand for decentralized networks like Ethereum from advancing AI systems. Unlike many other treasury firms that have halted or reversed accumulation, Bitmine continues to acquire. It recently announced plans to raise capital via a public stock offering, with proceeds potentially used for further ETH purchases, ecosystem investments, and infrastructure expansion. Bitmine now holds the world's second-largest corporate crypto treasury and the largest dedicated Ethereum treasury.

TheNewsCrypto36m ago

Bitmine Continues Aggressive Ethereum Accumulation as Others Scale Back

TheNewsCrypto36m ago

Apple's Desired On-Device AI Sees a Dark Horse Emerge: The First Cognitive Model is Born, 4B Matches GPT-5.4

A Chinese company, Tomorrow's Journey (Nextie), has introduced what it is calling the industry's first "cognitive model" for edge devices. Named New Journey Alpha, this 4-billion-parameter model reportedly matches the performance of trillion-parameter giants like GPT-5.4 in group intelligence tasks such as debate and collective decision-making. The development follows Andrej Karpathy's vision of stripping vast factual knowledge from large language models to retain only a smaller "cognitive core" capable of reasoning, planning, and knowing its own limits. This approach directly addresses the soaring computational costs and token expenses hindering AI's widespread deployment, as highlighted by incidents like Amazon shutting down an internal AI tool due to prohibitive costs. Trained via reinforcement learning on a corpus of academic papers from 1800-2020 to enhance generalization, the model enables three key advancements: 1) Improved decision quality in multi-agent systems, 2) Drastically reduced compute costs, allowing for cost-effective cloud or on-device (e.g., MacBook) deployment, and 3) The feasibility of "proactive" AI agents that act autonomously without user prompts, unlocking new commercial possibilities beyond today's reactive models. Built by the former Microsoft Xiaoice team—known for creating a 3.6B model that outperformed a 65B Llama model—the company is now focusing on the multi-agent systems sector, a field gaining significant investor interest. The model's economic impact is profound; by achieving high-level performance with minimal parameters, it fundamentally alters the cost structure of AI services, challenging the prevailing model of ever-larger parameter counts.

marsbit2h ago

Apple's Desired On-Device AI Sees a Dark Horse Emerge: The First Cognitive Model is Born, 4B Matches GPT-5.4

marsbit2h ago

Hoskinson Claims Cardano Can Surpass Bitcoin By Solving Crypto’s Trust Problem

In a June 8 livestream, Cardano founder Charles Hoskinson presented an ambitious long-term vision for the network, framing its mission as solving the global "trust problem" rather than merely competing for crypto market share. He argued that the cryptocurrency industry's core purpose is to reduce the massive annual costs associated with trusted third parties in finance and commerce through "verifiable reflexivity"—where transactions carry their own proof of correctness. Hoskinson outlined four key requirements for this goal: a decentralized engine (via Ouroboros), the right accounting model (extended UTXO), modular expansion (exemplified by partner chains like Midnight), and robust decentralized governance. He emphasized that Cardano's design aims to avoid dependency on intermediaries for reconciliation and scale for specialized applications through technologies like Hydra. While governance structures are still developing, Hoskinson claimed that if Cardano succeeds in building this trust infrastructure, ADA could become the "currency of global trust" and has the potential to eventually surpass Bitcoin. He stressed that for Cardano to reach its next level, it must prove it is a self-healing system capable of surviving even a loss of confidence in its founder.

bitcoinist2h ago

Hoskinson Claims Cardano Can Surpass Bitcoin By Solving Crypto’s Trust Problem

bitcoinist2h ago

OpenAI's 'Blueprint for the Future': Making AI Beneficial for Every Person on the Planet

A new transformative technology emerges every few generations. OpenAI draws a parallel with the advent of electricity in the 1920s, which initially brought convenience but ultimately enabled unprecedented progress in medicine, engineering, and living standards by empowering people to create new possibilities. AI is poised to recreate this phenomenon. Its true significance lies not in the technology itself, but in what people can achieve with it—from understanding a medical bill or starting a business to aiding scientific discovery. OpenAI believes AI should be universally accessible, allowing everyone to use it according to their own needs. This future, however, is not guaranteed. While transformative tech can centralize power, OpenAI's philosophy is that AI must serve humanity, augmenting human capabilities and broadly distributing its benefits. The company's first commitment is to build AI for human service, aiming to empower the many rather than concentrate power in a few. Safety, alignment with human intent, and oversight are paramount. OpenAI is optimistic about AI's potential to expand human welfare but remains clear-eyed about risks. The goal is to help people achieve more, not to replace them. Full automation is not the desired future; human judgment, values, and direction will become even more critical. OpenAI outlines three core goals: 1. Build automated AI researchers to accelerate and increasingly automate the research process itself, maintaining close human collaboration. The internal projection is that by March 2028, a significant portion of their research will be conducted by AI systems working alongside human researchers. 2. Accelerate economic development by advancing science, boosting productivity, and fostering growth, while ensuring the fruits are widely shared. 3. Provide a personal AGI for everyone on Earth, allowing individuals to benefit from this transformative technology in their own way. The company is entering its third phase, moving from foundational AGI research (Phase 1) to product deployment and learning from real-world use (Phase 2). The current challenge is making advanced AI abundant, affordable, safe, practical, and usable for all individuals and organizations. OpenAI concludes that a widely distributed power structure leads to a more resilient, adaptable, and free society. A positive AI future should not be controlled by a handful of entities but built, benefited from, and owned by many. If realized correctly, AI can become a cornerstone for enhancing global productivity, creativity, scientific advancement, and economic opportunity, fulfilling the mission to ensure AGI benefits all of humanity.

marsbit2h ago

OpenAI's 'Blueprint for the Future': Making AI Beneficial for Every Person on the Planet

marsbit2h ago

Arthur Hayes' New Article: AI Bubble Nears Bursting, Crypto Market Faces Short-Term Pressure

In a new essay, Arthur Hayes argues that the AI market bubble is approaching a rupture, which will place significant short-term pressure on crypto assets. He identifies rising oil prices, a trio of massive tech IPOs (SpaceX, Anthropic, OpenAI), and potential anti-AI political rhetoric from Trump as the three key catalysts for a correction. Hayes posits that the prolonged blockage of the Strait of Hormuz will drive energy prices higher, increasing operational costs for data centers and squeezing AI company profits. Simultaneously, the market may struggle to absorb the upcoming wave of multi-trillion dollar tech IPOs. Furthermore, with high inflation hurting his election chances, Trump could pivot to attacking the AI sector with proposals for heavy taxation and regulation to win over voters, spooking the market. Hayes notes that nearly all new dollar liquidity since 2022 has flowed into the AI sector, leaving little for Bitcoin, explaining its recent underperformance. He believes an AI stock crash would trigger a broad risk-off sentiment and credit contraction, dragging down crypto in the near term. Consequently, his fund, Maelstrom, has sold all AI-related stocks and non-core cryptocurrencies, retaining only Bitcoin and Ethereum while building positions in traditional energy stocks. He anticipates Bitcoin will bottom and resume its bull run only after the AI bubble pops and a new monetary easing cycle begins.

marsbit3h ago

Arthur Hayes' New Article: AI Bubble Nears Bursting, Crypto Market Faces Short-Term Pressure

marsbit3h ago

Trading

Spot
Futures

Hot Articles

Discussions

Welcome to the HTX Community. Here, you can stay informed about the latest platform developments and gain access to professional market insights. Users' opinions on the price of ETH (ETH) are presented below.

活动图片

Top Questions