Truebit Hack Analysis
On January 8, 2026, Truebit was exploited, resulting in an estimated loss of approximately $26.6 million. The attacker appears to have minted a large amount of TRU tokens and subsequently swapped them for ETH to realize the profit.
Overview
Attacker: 0x6C8EC8f14bE7C01672d31CFa5f2CEfeAB2562b50
Attacker’s contract: 0x1De399967B206e446B4E9AeEb3Cb0A0991bF11b8
Vulnerable Contracts: 0xC186e6F0163e21be057E95aA135eDD52508D14d3
Attack transaction: 0xcd4755645595094a8ab984d0db7e3b4aabde72a5c87c4f176a030629c47fb014
Analysis
When examining the transaction, we observed that getPurchasePrice() unexpectedly returned 0, allowing the attacker to acquire approximately 240 million TRU tokens at no cost.
As the implementation source code is not verified, the following is a decompiled representation of the contract:
The helper functions implement multiplication, subtraction, and division, respectively. The function 0x1446 returns:
Next, we recover the input arguments of the function above from the contract’s storage:
Finally, we can trace the entire function 0x1446 in detail:
The function should return 0x257c81b45b8f232c462e, but in reality it returns 0. So the big question is — why?
At the end of the function, we have v13 = (v12 + v9) / v6. Since both v12 and v9 are “close” to the maximum value of uint256, their sum wraps around modulo 2^256 instead of being rejected, and dividing that wrapped value by v6 yields the incorrect result of 0. This unchecked overflow is the root cause of the incident.
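To make the failure mode concrete, here is an added example (not the Truebit contract’s code and not its decompilation) that models the final step v13 = (v12 + v9) / v6 with EVM-style wrapping addition next to a checked variant. The sample values SAMPLE_V12, SAMPLE_V9 and SAMPLE_V6 are constructed so that the sum passes 2^256 and the wrapped numerator falls below the divisor; the real storage values are not reproduced here.

```python
"""Model of the unchecked uint256 arithmetic behind a zero purchase price.

Added example, not the Truebit contract's code. The sample values are
constructed to reproduce the failure mode; the real v12/v9/v6 values
are not on the page.
"""

UINT256_MAX = (1 << 256) - 1


def wrapping_add(a: int, b: int) -> int:
    """Addition as the EVM ADD opcode performs it: modulo 2**256, no error."""
    return (a + b) & UINT256_MAX


def checked_add(a: int, b: int) -> int:
    """Addition that refuses to wrap, like Solidity >=0.8 checked arithmetic."""
    total = a + b
    if total > UINT256_MAX:
        raise OverflowError("uint256 addition overflow")
    return total


def price_unchecked(v12: int, v9: int, v6: int) -> int:
    """v13 = (v12 + v9) / v6 with wrapping addition (the vulnerable pattern)."""
    return wrapping_add(v12, v9) // v6


def price_checked(v12: int, v9: int, v6: int) -> int:
    """Same formula with overflow detection: an overflow aborts instead of returning 0."""
    return checked_add(v12, v9) // v6


# Constructed inputs (hypothetical): v12 sits close to UINT256_MAX, v9 is large
# enough to push the sum past 2**256, and v6 is a 1e18 scaling divisor.
SAMPLE_V12 = UINT256_MAX - 3 * 10**17
SAMPLE_V9 = 5 * 10**17
SAMPLE_V6 = 10**18


def demo() -> dict:
    """Return the wrapped numerator and both price results for the sample inputs."""
    wrapped = wrapping_add(SAMPLE_V12, SAMPLE_V9)
    result = {
        "wrapped_numerator": wrapped,  # 2*10**17 - 1, far below the divisor
        "unchecked_price": price_unchecked(SAMPLE_V12, SAMPLE_V9, SAMPLE_V6),
    }
    try:
        result["checked_price"] = price_checked(SAMPLE_V12, SAMPLE_V9, SAMPLE_V6)
    except OverflowError as exc:
        # A checked implementation reverts the purchase instead of pricing it at 0.
        result["checked_price"] = f"reverted: {exc}"
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The wrapping version quietly returns a price of 0, which is exactly the condition that let the purchase proceed for free; the checked version reverts, which is the behaviour Solidity 0.8 arithmetic (or a SafeMath-style library in older compilers) provides by default. Independently of how the arithmetic is done, a price function whose result feeds a token mint should also reject a zero result explicitly, so that any other path to 0 fails closed rather than minting.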
In the rest of the attack transaction, the attacker repeatedly executes the same steps to drain the protocol’s ETH, incurring only minimal costs relative to the profit.
Summary
This incident highlights a critical vulnerability that was exploited after the protocol had been running for over three years without major issues, which may be partly due to the implementation being closed-source. This shows that longevity alone does not imply security, and that a lack of transparency can allow serious flaws to remain hidden until they are exploited. For this reason, we strongly recommend that projects publish their source code and undergo regular independent security audits to identify and mitigate risks before they result in real losses.