- Truebit token dropped up to 99.9% after an exploit drained about 8,535 ETH, worth roughly $26.6 million, from the protocol’s reserves.
- Researchers linked the attack to a five-year-old contract flaw that let the attacker buy TRU at near-zero cost, then loop sells into the bonding curve to pull out ether.
Truebit token suffered a sudden collapse on Thursday after an exploit drained about 8,535 ETH from protocol reserves, worth roughly $26.6 million. Onchain trackers and independent researchers tied the loss to repeated buy-and-sell loops that pulled ether out of the reserve mechanism. Liquidity thinned fast as traders reacted, and the market repriced Truebit token within minutes. The incident also reopened an old risk in DeFi: legacy contracts can keep value paths alive long after teams move on. Even when newer code exists, older deployments can still route funds through forgotten logic. This exploit put that problem in focus because it relied on a contract deployed around five years ago.
Truebit token exploit overview and onchain trail
Onchain data showed the protocol reserve bleeding ether in a sequence of transactions that repeated a simple pattern. Lookonchain estimated the theft at 8,535 ETH, and the dollar value hovered near $26.6 million at the time of reporting. A separate researcher, Weilin Li, traced the behavior to a weakness in an older smart contract tied to minting and pricing. Another independent onchain researcher, “n0b0dy,” described the flow as looping buys and sells that exploited mispricing as the reserve balance shifted. The wallet behind the activity also reportedly paid a small builder bribe to push transactions through faster and gain priority in blocks. That detail matters because it suggests the actor planned for competition and wanted execution certainty. Truebit, which positions itself as an Ethereum-based verification and computation project, said it knew about the security incident and noted contact with law enforcement while it worked on mitigation steps.
Truebit token price collapse and liquidity dynamics
Trading quickly reflected what the reserve mechanics revealed onchain. Truebit token plunged as much as 99.9% as liquidity evaporated and holders rushed to exit. Thin liquidity amplified each sell because price impact widened with every trade that hit a shrinking pool. Bonding-curve reserves can react sharply in stress because the curve links price directly to reserve balances. Once the attacker began cycling trades, each loop extracted ether while leaving the market with weaker backing. Market participants saw reserve outflows and adjusted bids lower, which made the next wave of selling even more punishing. The crash did not need a long unwind to do damage, because the depletion of reserves undermined confidence in any near-term recovery. Traders also faced uncertainty over whether contracts had been paused, which often drives more selling than the initial loss. In that environment, Truebit token became a proxy for protocol risk rather than a simple spot market asset.
Legacy contract flaw behind the drain
The reported root cause centered on old code and an edge case in a minting function. Weilin Li attributed the exploit to a flaw in a smart contract deployed around five years ago, where a minting path could return a purchase price of zero for an unusually large token buy. That single condition gave the attacker a way to acquire Truebit token at near-zero cost. After each cheap purchase, the attacker could immediately sell back into the bonding-curve reserve and extract ether. The loop worked because the pricing logic did not hold under that extreme input size, and the reserve balance changes created new mispricing moments. Each cycle shifted the reserve state and opened another favorable trade, which allowed the attacker to drain the pool gradually rather than in one obvious hit. The mechanism also shows why “deprecated” code still matters in DeFi. Contracts can remain live, connected, and funded even when users stop paying attention. If that contract still touches reserves, value remains reachable through it.
Response and next steps for Truebit token
Truebit acknowledged the incident and said it was taking steps to address the situation while staying in contact with law enforcement. That statement signals active coordination, but it leaves key operational questions open for traders and users. The team had not yet published a full post-mortem at the time of reporting, and it had not confirmed whether it paused the affected contracts. Without clear confirmation on containment, markets tend to price the worst plausible path, especially after a reserve drain. Truebit token now sits at the intersection of technical remediation and market stabilization, and each update can shift expectations. A thorough post-mortem will likely need to specify which contract versions remained connected, how the minting function returned zero, and which checks failed. It will also need to clarify the precise scope of exposure, including whether any other reserve-linked components share similar legacy logic. Users will watch for concrete actions, such as verified contract pauses, reserve status updates, and an explanation of how future upgrades will account for older deployments.
Conclusion
Truebit token collapsed after an exploit drained about 8,535 ETH, roughly $26.6 million, from protocol reserves and triggered a plunge of up to 99.9%. Researchers linked the drain to repeated buy-and-sell loops that exploited a pricing flaw in an older contract deployed around five years ago, with reports of a small builder bribe used to prioritize transactions. Truebit stated it was aware of the incident and was engaging law enforcement, but it had not released a full post-mortem or confirmed contract pauses at the time of reporting. The next developments will depend on clear containment details and a technical explanation that addresses the legacy contract path that enabled the reserve extraction.
Disclaimer
The information provided in this article is for informational purposes only and should not be considered financial advice. The article does not offer sufficient information to make investment decisions, nor does it constitute an offer, recommendation, or solicitation to buy or sell any financial instrument. The content is opinion of the author and does not reflect any view or suggestion or any kind of advise from CryptoNewsBytes.com. The author declares he does not hold any of the above mentioned tokens or received any incentive from any company.
Featured image created by AI
