- The TRU token collapsed from $0.1659 to nearly zero, wiping out its market value.
- Liquidity on decentralized exchanges dried up after the exploit.
- The attacker’s wallet was linked to an attack on the Sparkle protocol that occurred 12 days earlier.
A serious security breach at the Truebit Protocol triggered one of the sharpest crashes seen this year in decentralized finance.
The blockchain project, focused on verifiable computation, lost roughly $26.5 million after an attacker exploited a vulnerability in one of its smart contracts.
The incident drove the protocol’s native TRU token down to near zero and left liquidity on decentralized exchanges under severe strain.
On-chain movements following the exploit reveal how quickly funds were diverted, highlighting the persistent risks tied to smart contract design and monitoring in the DeFi sector.
How the exploit unfolded
The breach was first flagged by blockchain security firm PeckShield, which detected a series of suspicious transactions on the Ethereum network.
Analysis shows the attacker drained nearly 8,500 ETH from the Truebit protocol.
At the time of the exploit, the stolen cryptocurrency was worth approximately $26.5 million.
On-chain data indicates the funds were rapidly split and moved to two separate wallet addresses, identified as 0x2735…cE850a and 0xD12f…031a60.
Splitting funds in this manner is a commonly used technique to complicate tracking and reduce the chances of recovery.
PeckShield’s preliminary findings suggest the exploit targeted a flaw in the protocol’s contract structure, although a detailed technical analysis has not yet been published.
Token collapse and liquidity shock
The market impact was immediate. Truebit’s native TRU token almost completely collapsed, falling from a daily high of $0.1659 to a low of $0.000000018.
The move effectively wiped out the token’s market capitalization within hours.
Liquidity across decentralized exchanges also evaporated quickly.
With pools depleted and trust shaken, many token holders were unable to exit their positions.
The episode underscored how closely token valuations are tied to protocol security, especially for smaller DeFi projects where confidence can vanish rapidly once an exploit is confirmed.
Protocol response and containment
After the breach, the Truebit Protocol issued an official update acknowledging the incident.
The team confirmed that a specific smart contract had been compromised and warned users not to interact with it until further notice.
The protocol stated it is coordinating with law enforcement and taking measures to limit further damage.
Users were advised to rely only on official communication channels for updates as investigations continue.
No timeline has been provided yet for remediation or recovery efforts.
Link to a prior DeFi attack
PeckShield also reported that the wallet involved in the Truebit exploit had been connected to a separate attack on the Sparkle protocol about 12 days earlier.
In that incident, the attacker acquired tokens and routed the funds through Tornado Cash, a privacy service often used to obscure transaction trails.
The repeated use of similar techniques suggests an experienced exploiter is actively searching for vulnerabilities.
The connection has raised broader concerns within the DeFi ecosystem, where a string of linked attacks can amplify perceived risk beyond the directly affected projects.