Verify a decision

{"actor":"system:backfill","investigation_id":"83bdefdc-450d-4615-80d7-d8f4b27817c1","kind":"publish","page_slug":"truebit","published_at":"2026-05-20T03:30:52.667Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Truebit","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://iq.wiki/wiki/truebit-protocol"},{"credibility":3,"name":"","type":"other","url":"https://truebit.io/about/"},{"credibility":3,"name":"","type":"other","url":"https://truebit.io/acm-ccs-test-of-time-award/"},{"credibility":3,"name":"","type":"other","url":"https://medium.com/truebit/truebit-the-marketplace-for-verifiable-computation-f51d1726798f"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://medium.com/gasworks-crypto/truebit-tokenomics-13fb0b65fc67"},{"credibility":3,"name":"","type":"other","url":"https://slowmist.medium.com/26-44-million-stolen-truebit-protocol-smart-contract-vulnerability-analysis-e44fe7becd8a"},{"credibility":3,"name":"","type":"other","url":"https://tokeninsight.com/en/coins/truebittru1/tokenomics"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://slowmist.medium.com/26-44-million-stolen-truebit-protocol-smart-contract-vulnerability-analysis-e44fe7becd8a"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-truebit-hack-january-2026"},{"credibility":3,"name":"","type":"other","url":"https://thedefiant.io/news/hacks/truebit-hack-first-major-crypto-exploit-of-2026"},{"credibility":3,"name":"","type":"other","url":"https://cointelegraph.com/news/26m-truebit-hack-smart-contract-vulnerability"},{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/markets/2026/01/09/truebit-token-tru-crashes-99-9-after-usd26-6m-exploit-drains-8-535-eth"},{"credibility":3,"name":"","type":"other","url":"https://cryptobriefing.com/truebit-hacker-launders-eth-via-tornado-cash/"},{"credibility":3,"name":"","type":"other","url":"https://www.cpomagazine.com/cyber-security/26-million-stolen-in-truebit-crypto-hack-sending-tru-token-value-to-zero/"},{"credibility":3,"name":"","type":"other","url":"https://www.panewslab.com/en/articles/b47adb56-1736-44b1-92cd-b8077327bc4a"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://people.cs.uchicago.edu/~teutsch/"},{"credibility":3,"name":"","type":"other","url":"https://truebit.io/about/"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-truebit-hack-january-2026"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://thedefiant.io/news/hacks/truebit-hack-first-major-crypto-exploit-of-2026"},{"credibility":3,"name":"","type":"other","url":"https://cryptobriefing.com/truebit-hacker-launders-eth-via-tornado-cash/"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-truebit-hack-january-2026"},{"credibility":3,"name":"","type":"other","url":"https://coinpedia.org/news/truebit-protocol-suffered-a-26-5-million-hack-as-the-tru-token-crashed-100/"}]}],"sources_used":[],"summary":"Truebit is an Ethereum-based protocol for verifiable off-chain computation, co-founded by mathematician Jason Teutsch and Solidity creator Christian Reitwiessner. On January 8, 2026, an integer overflow vulnerability in a five-year-old, closed-source legacy Purchase contract was exploited, draining 8,535 ETH (approximately $26.44 million) and causing the TRU token to collapse by over 99.9%; the attacker subsequently laundered all stolen funds through Tornado Cash.","timeline":[{"date":"2017-01-01","event":"Truebit whitepaper published by Jason Teutsch and Christian Reitwiessner, introducing the verifiable off-chain computation protocol concept for Ethereum.","source":""},{"date":"2021-01-01","event":"Truebit deploys the TRU token Purchase contract (compiled with Solidity 0.6.10) containing the undetected integer overflow vulnerability; ETH bonding curve reserves begin accumulating.","source":""},{"date":"2025-09-01","event":"Truebit announces general availability of Truebit Verify platform for tokenized asset verification and enterprise data pipelines.","source":""},{"date":"2026-01-08","event":"Attacker at address 0x6C8EC8f14bE7C01672d31CFa5f2CEfeAB2562b50 exploits integer overflow in Truebit's legacy Purchase contract, draining 8,535 ETH (~$26.44 million). TRU token collapses 99.9%+ within hours.","source":""},{"date":"2026-01-09","event":"SlowMist, Halborn, and PeckShield publish technical post-mortems. PeckShield links attacker address to the prior Sparkle Protocol exploit. Truebit team confirms law enforcement contact and contract halt.","source":""},{"date":"2026-01-10","event":"Lookonchain confirms all 8,535 ETH (approx. $26.44 million) has been deposited into Tornado Cash and laundered. Recovery prospects effectively eliminated.","source":""}]},"v":1}