Truebit exploit exposes smart-contract flaw behind $26M token mint
Truebit lost $26 million after a smart-contract overflow bug let an attacker mint tokens at near-zero cost, sending the TRU price down 99%.
A $26 million exploit of the offline computation protocol Truebit stemmed from a smart-contract flaw that allowed an attacker to mint tokens at near-zero cost, highlighting persistent security risks even in long-running blockchain projects.
Truebit suffered the $26 million exploit that resulted in a 99% crash for the Truebit (TRU) token, Cointelegraph reported on Friday.
The attacker abused a loophole in the protocol’s smart-contract logic, which enabled them to mint “massive amounts of tokens without paying any ETH,” according to blockchain security company SlowMist, which published a post-mortem analysis on Tuesday.