A Calculation Vulnerability Led to the Theft of 8,535 ETH from Truebit

marsbitPublished on 2026-01-13Last updated on 2026-01-13

Abstract

On January 8, 2026, the Truebit Protocol was exploited, resulting in a loss of 8,535.36 ETH (approximately $26.44 million). The attack involved a critical integer overflow vulnerability in the token purchase price calculation function. The attacker executed four rounds of transactions by calling functions getPurchasePrice, 0xa0296215, and 0xc471b10b. In the first round, the attacker called getPurchasePrice with a large input value (240442509453545333947284131), which returned 0 due to an arithmetic flaw. Then, they invoked function 0xa0296215 with msg.value = 0, successfully minting a massive amount of TRU tokens. Finally, by calling function 0xc471b10b, they burned the minted tokens and received 5,105.06 ETH. The root cause was an unchecked addition operation (v12 + v9) in the price calculation logic (function 0x1446), which overflowed to a small value, making (v12 + v9) / v6 = 0. The contract used Solidity ^0.6.10 without overflow checks, enabling the exploit. This incident highlights the risks of older DeFi protocols with unpatched vulnerabilities, possibly identified through AI-assisted scanning. Projects are advised to conduct security audits, upgrade contracts, and monitor链上 activity to mitigate such threats.

On January 8, 2026, the Truebit Protocol was hacked, resulting in a loss of 8,535.36 ETH (approximately $26.44 million). The Truebit Protocol officially confirmed the incident in the early hours of the following day. The ExVul security team conducted a detailed analysis of the vulnerability, with the results as follows:

Attack Process

Attacker's address:

0x6c8ec8f14be7c01672d31cfa5f2cefeab2562b50

Attack transaction hash:

0xcd4755645595094a8ab984d0db7e3b4aabde72a5c87c4f176a030629c47fb014

The attacker completed the attack by cyclically calling getPurchasePrice→0xa0296215→0xc471b10b for four rounds. The first cycle is analyzed as an example.

1. The attacker first called the getPurchasePrice(240442509453545333947284131) function, which returned 0.

2. The attacker called the 0xa0296215(c6e3ae8e2cbab1298abaa3) function with msg.value as 0. Finally, 240442509453545333947284131 TRU were successfully minted.

3. The attacker called the 0xc471b10b(c6e3ae8e2cbab1298abaa3) function. Finally, 240442509453545333947284131 TRU were burned, and 5105.06 ETH were obtained.

Attack Logic Analysis

By understanding the above attack process, it is clear that there is an issue with the logic of the getPurchasePrice function and the 0xa0296215 function. The following is an in-depth analysis (since the contract is not open source, the code below is decompiled).

By comparing the common points of the two functions, we can see that the 0x1446 function is used to calculate how much ETH is needed to purchase a specified amount of TRU. Clearly, the logic of the 0x1446 function is flawed, leading to an incorrect ETH calculation. The logic within the 0x1446 function is analyzed in detail below.

Observing the logic in the 0x1446 function, since the final calculation result v13 == 0, the calculation logic mentioned above must be problematic. It is important to note that the 0x18ef function is the same as _SafeMul, so the issue lies in the native addition v12 + v9 (the contract version is ^0.6.10, so there is no overflow check).

v12 and v9 represent:

Based on the above analysis, the attacker's strategy was to input a huge _amountIn to cause v12 + v9 to overflow into a very small value, ultimately resulting in (v12 + v9) / v6 == 0.

Summary

The root cause of the Truebit Protocol attack is a severe integer overflow vulnerability in its token purchase price calculation logic. Since the contract uses Solidity ^0.6.10 and lacks safety checks for critical arithmetic operations, it ultimately led to a significant loss of 8,535.36 ETH. The latest versions of Solidity have already mitigated overflow vulnerabilities. This attack was likely discovered by hackers using AI to automatically scan older DeFi protocols that are already live (including recent attacks on Balancer and yETH). We believe such attacks exploiting AI to target older DeFi protocols will become increasingly common in the near future. Therefore, we recommend that project teams conduct new security audits of their contract code. If vulnerabilities are found, they should upgrade the contract or transfer assets as soon as possible, and implement on-chain monitoring to detect anomalies promptly and minimize losses.

Related Questions

QWhat was the main vulnerability exploited in the Truebit Protocol attack?

AThe main vulnerability was an integer overflow issue in the token purchase price calculation logic, specifically in the `getPurchasePrice` function, which allowed the attacker to manipulate calculations and mint a large number of TRU tokens without paying the required ETH.

QHow much ETH was stolen in the Truebit Protocol attack?

A8,535.36 ETH, which was approximately equivalent to $26.44 million at the time of the attack.

QWhat was the attacker's address involved in the Truebit exploit?

AThe attacker's address was 0x6c8ec8f14be7c01672d31cfa5f2cefeab2562b50.

QWhich Solidity version was the Truebit Protocol contract using, and why was it significant?

AThe contract was using Solidity ^0.6.10, which did not have built-in overflow checks for arithmetic operations. This lack of safety checks allowed the integer overflow vulnerability to be exploited.

QWhat was the key step the attacker took to trigger the integer overflow vulnerability?

AThe attacker input a very large value for `_amountIn` in the `getPurchasePrice` function, causing the calculation `v12 + v9` to overflow and result in a very small value, ultimately making `(v12 + v9) / v6` equal to zero, which allowed minting tokens without cost.

Related Reads

Hoskinson Denies Cardano Exit Rumors: ‘I’m Not Leaving’

Cardano founder Charles Hoskinson dismissed rumors of his departure, clarifying in a June 4 livestream that he is only stepping back from public communication, not resigning from the project. This followed community concern after his "taking a break" post on X. Hoskinson cited an unsustainable level of online toxicity, with nearly one-third of replies to his posts being hostile or abusive, making meaningful engagement nearly impossible. While acknowledging X's role in crypto information flow, he stated the psychological cost is too high. He emphasized his focus remains on technological development like RealFi, Midnight, and research, not on ADA's price. Hoskinson described a "tale of two Cardanos": significant protocol advancements versus poor market performance leading critics to label it a failure. He called for the community to resolve this dissonance by moving discussions away from X, rethinking incentives, and developing a new shared roadmap. He was critical of the Cardano Foundation's lack of accountability. Hoskinson announced he will take time away from public videos and social media to reflect, but will continue working on Midnight. He stated he will only engage in channels where he is treated with respect and dignity.

bitcoinist48m ago

Hoskinson Denies Cardano Exit Rumors: ‘I’m Not Leaving’

bitcoinist48m ago

There’s An FOMC Meeting Scheduled This Month, But Will The Fed Decision Affect Bitcoin?

The Federal Open Market Committee (FOMC) is scheduled to meet on June 16-17, with markets widely expecting the Fed to maintain interest rates at their current level of 3.5-3.75%. According to the CME FedWatch Tool, there is a 99.4% probability of rates remaining unchanged. The outcome of this meeting is anticipated to impact Bitcoin's price. If rates are held steady, Bitcoin's current market trajectory is likely to continue unchanged. Conversely, an unexpected rate hike could trigger bearish sentiment by reducing investor risk appetite and market liquidity, potentially leading to sell-offs. A rate cut, though currently considered improbable, would be the most bullish scenario, encouraging investment in risk assets like Bitcoin and potentially driving its price higher.

bitcoinist2h ago

There’s An FOMC Meeting Scheduled This Month, But Will The Fed Decision Affect Bitcoin?

bitcoinist2h ago

Anthropic's IPO Launch: Commercial Miracle or Valuation Bubble?

Anthropic has confidentially filed for an IPO, led by Morgan Stanley and Goldman Sachs, potentially going public by October. Following its latest $650 billion funding round, its pre-IPO valuation stands at $965 billion, with projections reaching up to $2 trillion at listing, which would make it the highest-valued private company ever. The article, written by Fu Sheng, addresses skepticism that this represents an AI bubble akin to the 2000 dot-com crash. It argues the current situation differs fundamentally. Unlike the internet bubble era, which relied on speculative narratives with little revenue, Anthropic's valuation is backed by unprecedented, measurable financial performance. Key data points include: * **Revenue Growth:** ARR skyrocketed from $10 billion in early 2025 to $470 billion by May 2026, targeting $100 billion by year-end—a growth curve unmatched in business history. * **Profitability:** It achieved operating profitability in Q2 2026 with an estimated $5.6 billion profit. * **Efficiency:** With ~3,000 employees and ~$470 billion ARR, its revenue per employee exceeds $10 million. Products like Claude Code, launched less than a year ago, already generate $25 billion in annualized revenue. * **Enterprise Adoption:** It boasts a strong enterprise client base, with 8 of the Fortune 10 and over 1,000 large firms spending over $1 million annually on Claude. The valuation is framed using a traditional SaaS model (e.g., a 10x Price-to-Sales multiple on $100 billion revenue). The author contends the core question for analysts has shifted from "How big could this be?" to "How much is it earning and will earn next quarter?" The discussion extends beyond Anthropic to a broader paradigm shift: the transition from a "carbon-based" to a "silicon-based" economy. Companies are increasingly prioritizing investment in compute and AI capabilities over human resources, as these directly scale productivity and competitive advantage. Anthropic's IPO is thus positioned not just as a corporate milestone, but as a price anchor for this new economic era.

链捕手2h ago

Anthropic's IPO Launch: Commercial Miracle or Valuation Bubble?

链捕手2h ago

US Senators Press Bank Regulators For ‘Fair’ Crypto Capital Rules

A group of U.S. Senate Republicans, led by Senator Cynthia Lummis, is urging federal bank regulators to establish clear and fair capital rules for banks involved with crypto assets. In a letter to the Federal Reserve, FDIC, and OCC, the lawmakers criticized the international Basel Committee's standards, which impose a punitive 1,250% risk weight on crypto assets, calling it a de facto ban not based on actual risk. They applauded recent interagency guidance that granted tokenized securities the same capital treatment as traditional ones, arguing this risk-based principle should apply consistently to all digital assets. The senators called on the agencies to develop a new capital framework, aligning with recent legislative progress on crypto market structure. Their push coincides with testimonies from top regulators, who emphasized a shift toward more risk-based supervision and responsible innovation, while also addressing stablecoin oversight under new proposals.

bitcoinist2h ago

US Senators Press Bank Regulators For ‘Fair’ Crypto Capital Rules

bitcoinist2h ago

Near Returns to the AI Stage: Transformation into a Public Chain Due to 'Payroll Difficulties,' Agent and Privacy Emerge as New Growth Narratives

NEAR Returns to AI Origins: From Payroll Struggles to Blockchain, Now Focusing on AI Agents and Privacy NEAR Protocol's journey began not with grand blockchain ambitions, but from a practical hurdle: its AI startup founders, including Transformer paper co-author Illia Polosukhin, couldn't efficiently pay international developers in 2017. This led them to pivot and build a high-performance, scalable blockchain. After years navigating various crypto narratives like sharding and cross-chain interoperability, NEAR is now leveraging its AI roots to re-enter the AI arena. A key driver is its "NEAR Intents" layer, which abstracts complex cross-chain transactions. Users simply state their goal (e.g., swap BTC for ETH), and a solver network finds the optimal route. This system has processed over $20B in cross-chain volume, generating significant fee revenue. A major growth area is private transactions via "Confidential Intents/Swaps," which hide trade details until settlement to protect against MEV and front-running. Remarkably, private swaps recently accounted for over 40% of NEAR's transaction volume, highlighting strong demand but also potential regulatory scrutiny. With its AI-founder pedigree, NEAR is positioning itself at the intersection of blockchain, AI agents, and privacy, aiming to become infrastructure for the emerging agent economy while navigating the challenges of its rapid adoption.

marsbit4h ago

Near Returns to the AI Stage: Transformation into a Public Chain Due to 'Payroll Difficulties,' Agent and Privacy Emerge as New Growth Narratives

marsbit4h ago

Trading

Spot
Futures

Hot Articles

Discussions

Welcome to the HTX Community. Here, you can stay informed about the latest platform developments and gain access to professional market insights. Users' opinions on the price of ETH (ETH) are presented below.

活动图片

Top Questions