A computation bug that allowed Truebit to be hacked for 8535 ETH
Original Title: "Truebit Protocol $26.44M Hack Contract Vulnerability Analysis"
Original Source: ExVul Security
On January 8, 2026, the Truebit Protocol was hacked, resulting in a loss of 8,535.36 ETH (approximately $26.44 million). The official Truebit Protocol announcement was made early the next day. The ExVul security team conducted a detailed vulnerability analysis of this attack, with the following results:
Attack Process
Attacker's Address:
0x6c8ec8f14be7c01672d31cfa5f2cefeab2562b50
Attack Transaction Hash:
0xcd4755645595094a8ab984d0db7e3b4aabde72a5c87c4f176a030629c47fb014
The attacker completed the attack by looping 4 times through calls to getPurchasePrice→0xa0296215→0xc471b10b transactions. The analysis focuses on the first loop as an example.
1. The attacker first called the getPurchasePrice(240442509453545333947284131) function, which returned 0.

2. The attacker called the 0xa0296215(c6e3ae8e2cbab1298abaa3) function with a msg.value of 0 and successfully minted 240442509453545333947284131 TRU tokens.

3. The attacker called the 0xc471b10b(c6e3ae8e2cbab1298abaa3) function. They then burned 240442509453545333947284131 TRU tokens and received 5105.06 ETH.
Attack Logic Analysis
By understanding the above attack process, it is evident that there are issues in the logic of the getPurchasePrice function and the 0xa0296215 function. The following is an in-depth analysis (as the contract is not open-source, the following code is decompiled code).


By comparing the similarities of two functions, we can discover that the 0x1446 function is used to determine how much ETH is needed to purchase a specific amount of TRU. Clearly, there is a flaw in the logic of the 0x1446 function, leading to an incorrect ETH calculation. The following is a detailed analysis of the logic in the 0x1446 function.

Observing the logic in the 0x1446 function, because the final calculation result v13 == 0, it is certain that the calculation logic mentioned earlier is flawed. It is important to note that the function 0x18ef is equivalent to _SafeMul, so the issue lies in using native addition v12 + v9 (the contract version is ^0.6.10, hence no overflow check).
v12 and v9 represent:
Through the above analysis, the attacker's approach is to input a huge _amountIn to overflow v12 + v9 into a very small value, ultimately resulting in (v12 + v9) / v6 == 0.
Summary
The fundamental reason for the attack on the Truebit Protocol this time is the presence of a severe integer overflow bug in its token purchase price calculation logic. Since the contract uses Solidity version ^0.6.10 and does not perform safety checks on crucial arithmetic operations, it ultimately led to a significant loss of 8,535.36 ETH. The new version of Solidity itself has already alleviated overflow vulnerabilities. This attack should be seen as a hacker leveraging AI to automatically scan some live but older DeFi protocols to discover vulnerabilities (including the recent Balancer and yETH attacks). We believe that such AI-driven attacks on older DeFi protocols will become more common in the near future. Therefore, we recommend that projects conduct new security audits on their contract code. If vulnerabilities are found, they should promptly upgrade the contract or transfer assets, maintain on-chain monitoring, promptly detect anomalies, and minimize losses.
This article is contributed content and does not represent the views of BlockBeats.
You may also like
Stablecoins are the "royalists" of the crypto world: Open USD brings the old currency system into play
Semiconductor stocks plummet, yet Anthropic wants to create a 2nm chip
Where is Zhao Changpeng's billion-dollar investment going? YZi Labs' investment landscape fully revealed
Ethereum Foundation Report: A Basic Guide to Ethereum for Governments and Financial Institutions
A pre-announced harvesting case: After the cryptocurrency price dropped by 99%, the public chain Saga exited to transform into AI
When American giants collectively "defect" from Chinese AI models
BIS Report Compliance Observation: The Real Risks of Stablecoins, Not Just "Depegging"
Portugal 2-1 Croatia: Ronaldo's 20-Year Knockout-Stage Drought Ends With a Debt Finally Collected
Portugal beat Croatia 2-1 in the 2026 global football championship's knockout rounds as Ronaldo scored his first-ever knockout-stage goal, Gonçalo Ramos struck a stoppage-time winner, and VAR ruled out a late equalizer for offside.

