Catastrophe at Truebit
A "Ghost Bug" from five years ago has wiped out the value of #TRU y and drained $26.6 million from #ETH
The verifiable computation protocol #truebit has suffered a devastating blow after an exploit that has left its native token, TRU, nearly at zero (-99.9%)
The attacker managed to extract 8,535 ETH (approximately $26.6 million USD) directly from the protocol's reserves.
The Vulnerability: It was not a flaw in new code, but a "ghost contract" implemented five years ago. A minting function allowed purchasing massive amounts of TRU at zero price.
The "Mortal" Loop: The exploiter used an infinite loop: minting tokens for free and immediately selling them on the project's bonding curve (bond curve), extracting the backing Ether in each transaction.
On-chain Corruption: Reports indicate the attacker paid bribes (priority tips) to validators/developers to ensure their draining transactions were processed first.
Current Status: Truebit has requested users to avoid interacting with the affected contract (0x764C...2EF2) and is cooperating with authorities, although the token's liquidity has completely evaporated.
"Legacy code" is a ticking time bomb. This incident shows that protocols must not only audit their present but also clean up the technical debris of their past.
