A Calculation Vulnerability Led to the Theft of 8,535 ETH from Truebit

marsbitPublished on 2026-01-13Last updated on 2026-01-13

Abstract

On January 8, 2026, the Truebit Protocol was exploited, resulting in a loss of 8,535.36 ETH (approximately $26.44 million). The attack involved a critical integer overflow vulnerability in the token purchase price calculation function. The attacker executed four rounds of transactions by calling functions getPurchasePrice, 0xa0296215, and 0xc471b10b. In the first round, the attacker called getPurchasePrice with a large input value (240442509453545333947284131), which returned 0 due to an arithmetic flaw. Then, they invoked function 0xa0296215 with msg.value = 0, successfully minting a massive amount of TRU tokens. Finally, by calling function 0xc471b10b, they burned the minted tokens and received 5,105.06 ETH. The root cause was an unchecked addition operation (v12 + v9) in the price calculation logic (function 0x1446), which overflowed to a small value, making (v12 + v9) / v6 = 0. The contract used Solidity ^0.6.10 without overflow checks, enabling the exploit. This incident highlights the risks of older DeFi protocols with unpatched vulnerabilities, possibly identified through AI-assisted scanning. Projects are advised to conduct security audits, upgrade contracts, and monitor链上 activity to mitigate such threats.

On January 8, 2026, the Truebit Protocol was hacked, resulting in a loss of 8,535.36 ETH (approximately $26.44 million). The Truebit Protocol officially confirmed the incident in the early hours of the following day. The ExVul security team conducted a detailed analysis of the vulnerability, with the results as follows:

Attack Process

Attacker's address:

0x6c8ec8f14be7c01672d31cfa5f2cefeab2562b50

Attack transaction hash:

0xcd4755645595094a8ab984d0db7e3b4aabde72a5c87c4f176a030629c47fb014

The attacker completed the attack by cyclically calling getPurchasePrice→0xa0296215→0xc471b10b for four rounds. The first cycle is analyzed as an example.

1. The attacker first called the getPurchasePrice(240442509453545333947284131) function, which returned 0.

2. The attacker called the 0xa0296215(c6e3ae8e2cbab1298abaa3) function with msg.value as 0. Finally, 240442509453545333947284131 TRU were successfully minted.

3. The attacker called the 0xc471b10b(c6e3ae8e2cbab1298abaa3) function. Finally, 240442509453545333947284131 TRU were burned, and 5105.06 ETH were obtained.

Attack Logic Analysis

By understanding the above attack process, it is clear that there is an issue with the logic of the getPurchasePrice function and the 0xa0296215 function. The following is an in-depth analysis (since the contract is not open source, the code below is decompiled).

By comparing the common points of the two functions, we can see that the 0x1446 function is used to calculate how much ETH is needed to purchase a specified amount of TRU. Clearly, the logic of the 0x1446 function is flawed, leading to an incorrect ETH calculation. The logic within the 0x1446 function is analyzed in detail below.

Observing the logic in the 0x1446 function, since the final calculation result v13 == 0, the calculation logic mentioned above must be problematic. It is important to note that the 0x18ef function is the same as _SafeMul, so the issue lies in the native addition v12 + v9 (the contract version is ^0.6.10, so there is no overflow check).

v12 and v9 represent:

Based on the above analysis, the attacker's strategy was to input a huge _amountIn to cause v12 + v9 to overflow into a very small value, ultimately resulting in (v12 + v9) / v6 == 0.

Summary

The root cause of the Truebit Protocol attack is a severe integer overflow vulnerability in its token purchase price calculation logic. Since the contract uses Solidity ^0.6.10 and lacks safety checks for critical arithmetic operations, it ultimately led to a significant loss of 8,535.36 ETH. The latest versions of Solidity have already mitigated overflow vulnerabilities. This attack was likely discovered by hackers using AI to automatically scan older DeFi protocols that are already live (including recent attacks on Balancer and yETH). We believe such attacks exploiting AI to target older DeFi protocols will become increasingly common in the near future. Therefore, we recommend that project teams conduct new security audits of their contract code. If vulnerabilities are found, they should upgrade the contract or transfer assets as soon as possible, and implement on-chain monitoring to detect anomalies promptly and minimize losses.

Related Questions

QWhat was the main vulnerability exploited in the Truebit Protocol attack?

AThe main vulnerability was an integer overflow issue in the token purchase price calculation logic, specifically in the `getPurchasePrice` function, which allowed the attacker to manipulate calculations and mint a large number of TRU tokens without paying the required ETH.

QHow much ETH was stolen in the Truebit Protocol attack?

A8,535.36 ETH, which was approximately equivalent to $26.44 million at the time of the attack.

QWhat was the attacker's address involved in the Truebit exploit?

AThe attacker's address was 0x6c8ec8f14be7c01672d31cfa5f2cefeab2562b50.

QWhich Solidity version was the Truebit Protocol contract using, and why was it significant?

AThe contract was using Solidity ^0.6.10, which did not have built-in overflow checks for arithmetic operations. This lack of safety checks allowed the integer overflow vulnerability to be exploited.

QWhat was the key step the attacker took to trigger the integer overflow vulnerability?

AThe attacker input a very large value for `_amountIn` in the `getPurchasePrice` function, causing the calculation `v12 + v9` to overflow and result in a very small value, ultimately making `(v12 + v9) / v6` equal to zero, which allowed minting tokens without cost.

Related Reads

Jensen Huang's CMU Speech: In the AI Era, Don't Just Watch, Build

Jensen Huang, CEO of NVIDIA and a first-generation immigrant, delivered the commencement address to Carnegie Mellon University's class of 2026. He shared his personal journey from a humble background to founding NVIDIA, emphasizing resilience, learning from failure, and the responsibility that comes with leadership. Huang framed the present moment as the dawn of the AI revolution, a shift he believes is more profound than previous computing waves. He described AI as fundamentally resetting computing—moving from human-written software to machines that understand, reason, and use tools. This will create a new industry for generating intelligence and transform every sector. While acknowledging AI's potential to automate tasks and displace some jobs, Huang distinguished between the *tasks* of a job and its core *purpose*. He argued AI will augment human capability, not replace humans. The real risk, he stated, is not AI itself, but people being left behind by those who effectively use AI. He presented AI as a generational opportunity for massive infrastructure investment—in chip factories, data centers, energy grids, and advanced manufacturing—that could re-industrialize nations like the U.S. and bridge the digital divide by making computing and intelligent tools accessible to all. Huang called for a balanced approach: advancing AI safely and responsibly, establishing prudent policies, ensuring broad access, and encouraging universal participation. He urged the graduates not to fear the future but to engage with optimism and ambition, reminding them of CMU's motto, "My heart is in the work." His core message was clear: this is their moment to actively build and shape the AI-powered future, not merely observe it.

marsbit22m ago

Jensen Huang's CMU Speech: In the AI Era, Don't Just Watch, Build

marsbit22m ago

The Era Has Arrived Where Human Writers Must Prove They Are Not Machines

The article describes an era where AI-generated content is flooding the market, forcing human authors to prove they are not machines. It begins with the example of dozens of AI-written, error-ridden biographies of Henry Kissinger appearing on Amazon within hours of his death, a pattern repeated for other deceased celebrities and even living experts who find fraudulent books under their names. This spam content has exploded, with monthly new book releases on platforms like Amazon reaching 300,000 by late 2025. The issue spans genres, from suspiciously high proportions of AI-written teen romance and self-help books to dangerous, AI-generated foraging guides containing lethal advice. The platforms' automated review systems, designed to catch plagiarism and banned words, are ill-equipped to detect AI-generated text that avoids these pitfalls while being nonsensical or fraudulent. The problem has infiltrated traditional publishing. A major publisher, Hachette, had to recall a bestselling horror novel after AI detection tools suggested 78% of its content was machine-generated. An acclaimed European philosophy book was later revealed to be entirely written by AI under a fake author persona. In response, authors are fighting back. At the 2026 London Book Fair, 10,000 writers published a blank book titled "Don't Steal This Book" containing only their signatures—using emptiness as a protest weapon in an age of AI overproduction. Initiatives like the "Human Author Certification" program have emerged, ironically placing the burden on humans to prove their work is not machine-made. The article warns of a vicious cycle: AI-generated low-quality books pollute the data used to train future AI models, leading to "model collapse" and an ever-worsening flood of digital waste, eroding trust in publishing and devaluing human creativity.

marsbit47m ago

The Era Has Arrived Where Human Writers Must Prove They Are Not Machines

marsbit47m ago

Strategy CEO Highlights Scenarios Where Company Would Sell Bitcoin — Report

Strategy CEO Phong Le outlined potential scenarios for the company to sell portions of its massive Bitcoin holdings, a departure from its "Never Sell" philosophy. In a CNBC interview, Le stated sales could occur to finance dividend payments for its Perpetual Preferred Stock if doing so increases shareholder value, defined as a rise in "Bitcoin per share." He emphasized a data-driven approach, prioritizing math over ideology. Other reasons include when the company's book value is below market value or to capture tax benefits. As the largest corporate holder with 818,334 BTC (~$65 billion), Strategy has significant annual dividend obligations (~$1.5 billion). Le believes the Bitcoin market's high liquidity (~$60B daily volume) can absorb such sales without major price impact. Bitcoin currently trades around $80,840.

bitcoinist59m ago

Strategy CEO Highlights Scenarios Where Company Would Sell Bitcoin — Report

bitcoinist59m ago

Crypto Funds See Six Consecutive Weeks of Net Inflows, CLARITY Act Drives $858 Million Influx

Global cryptocurrency investment products recorded a net inflow of $857.9 million last week, marking the sixth consecutive week of positive flows and the largest single-week inflow since April 24, according to CoinShares' latest report. The primary catalyst was legislative progress on the U.S. CLARITY Act, specifically the final compromise text for stablecoin yield provisions, alongside Bitcoin's price breaking above $80,000. U.S.-listed products dominated with $776.6 million in inflows, a significant jump from the prior week's $47.5 million. European markets also saw increased participation. Bitcoin products led with $706.1 million in inflows, while short-Bitcoin products experienced their largest weekly outflow of 2026, indicating unwinding bearish positions. Major altcoins like Ethereum, Solana, and XRP all saw renewed positive flows, with Ethereum reversing its prior week's outflow to attract $77.1 million. Total assets under management (AUM) climbed to $160 billion.

marsbit1h ago

Crypto Funds See Six Consecutive Weeks of Net Inflows, CLARITY Act Drives $858 Million Influx

marsbit1h ago

Silicon Valley Wang Chuan: How Can You Not Feel Anxious When the Neighbor Lao Wang Earned 30x by Investing in Storage Stocks?

The author explores anxiety, attributing it to the amygdala's stress response, and suggests writing down worries to shift control to the rational prefrontal cortex, easing anxiety more effectively than mere reassurance. The piece then examines a source of financial anxiety in May 2026: a 150% surge in the Philadelphia Semiconductor Index, with storage stock SNDK skyrocketing 38x. The author analyzes the underlying logic behind this boom, tracing it to soaring valuations of AI startups like Anthropic (Anth). Anth's reported $400 billion ARR is scrutinized, revealing that cumulative revenue since founding is only about $108 billion, with the company still losing billions monthly and relying on continuous funding (having raised $723 billion). The author contrasts Anth's $1+ trillion valuation speculation with Berkshire Hathaway's fundamentals ($3.7 trillion revenue, $669 billion profit, $4 trillion cash, $1 trillion market cap), questioning the belief that a loss-making, funding-dependent startup could be worth more than the established giant. The narrative concludes by linking the massive valuations of Anth and OpenAI to a surge in AI industry capital expenditure (capex), which in turn fueled the storage sector's prosperity, setting the stage for a further discussion.

marsbit1h ago

Silicon Valley Wang Chuan: How Can You Not Feel Anxious When the Neighbor Lao Wang Earned 30x by Investing in Storage Stocks?

marsbit1h ago

Trading

Spot
Futures

Hot Articles

Discussions

Welcome to the HTX Community. Here, you can stay informed about the latest platform developments and gain access to professional market insights. Users' opinions on the price of ETH (ETH) are presented below.

活动图片

Top Questions