TechFlow reports on January 12 that, according to SlowMist, the Truebit protocol suffered a security vulnerability attack on January 8. The attacker exploited an integer overflow vulnerability in its Purchase contract to mint $TRU tokens at nearly zero cost, stealing 8,535 $ETH (approximately $26.44 million).
The root cause was the lack of overflow protection in integer addition, leading to incorrect price calculations. SlowMist recommends that contracts compiled with Solidity versions below 0.8.0 should always use the SafeMath library to protect all arithmetic operations and prevent logic flaws related to overflows.
Add to Favorites
Share to Social Media
