Truebit exploit exposes smart contract flaw behind $26M token mint

Truebit lost $26 million after a smart contract overflow bug let an attacker mint tokens at near-zero cost, sending the TRU price down 99%.

The $26 million exploit of the offline computation protocol Truebit stemmed from a smart contract flaw that allowed an attacker to mint tokens at near-zero cost, highlighting persistent security risks even in long-running blockchain projects.

Truebit suffered a $26 million exploit that resulted in a 99% crash for the Truebit (TRU) token, Cointelegraph reported on Friday.

The attacker abused a loophole in the protocol’s smart contract logic, which enabled them to mint “massive amounts of tokens without paying any ETH,” according to blockchain security company SlowMist, who published a post-mortem analysis on Tuesday.

Read more