Abstract, the consumer-focused Ethereum Layer-2 blockchain developed by Igloo Inc. the team behind Pudgy Penguins, has introduced the ability to buy and sell native Bitcoin (BTC) directly on its platform.
This feature went live in early January 2026, making it seamless for users to trade real BTC not wrapped versions like WBTC right from the Abstract Portal — just a couple of clicks away.
Powered by integrations with Gate and Aborean Finance, a trading/finance app in the Abstract ecosystem. Users can access this directly in the Abstract Global Wallet http://abs.xyz interface on the portal.
This aligns with Abstract’s mission to simplify crypto for everyday consumers, building on its zkSync-based ZK rollup architecture for fast, low-cost, and secure experiences. This adds to the growing trend of bringing native Bitcoin functionality into DeFi and consumer chains, without relying on bridges or wrappers in many cases.
Register for Tekedia Mini-MBA edition 19 (Feb 9 – May 2, 2026): big discounts for early bird.
Tekedia AI in Business Masterclass opens registrations.
Join Tekedia Capital Syndicate and co-invest in great global startups.
Register for Tekedia AI Lab: From Technical Design to Deployment (next edition begins Jan 24 2026).
Implications for Users
This integration makes Bitcoin more accessible for everyday crypto users on an Ethereum Layer-2 like Abstract. No more dealing with high Bitcoin network fees or slow confirmations—trades happen in seconds with minimal costs, as low as a few cents via zkSync tech.
It’s particularly appealing for newcomers or those in the Pudgy Penguins/NFT crowd, since Abstract is consumer-oriented. Users can hold real BTC in their Abstract wallet, trade it alongside ETH/ERC-20s, and potentially use it in DeFi apps without bridges or wrappers, reducing risks like those seen in past WBTC exploits.
However, it’s still reliant on partners like Gate.io for custody, so you’re trusting a centralized exchange for the underlying BTC— not fully decentralized. Abstract, built by the Igloo team, is positioning itself as a “normie-friendly” chain. Adding native BTC trading could supercharge adoption: more liquidity, higher TVL, and attract BTC maximalists who previously ignored ETH L2s.
From recent X posts, integrations like gtBTC—Gate’s BTC variant allow liquidity provision in pools, earning yields via ABX tokens. This could spark a flywheel—more users mean more apps, games, and social features on Abstract, differentiating it from rivals like Base or Optimism.
Long-term, it supports Abstract’s goal of abstracting away crypto complexity, potentially leading to more partnerships with Aborean Finance for advanced trading. This blurs lines between BTC and ETH ecosystems. Native BTC on L2s enables true cross-chain utility without counterparty risk, aligning with trends like BTC RWAs (real-world assets) for yield.
It could increase BTC’s role in DeFi, where most activity is ETH-based, potentially boosting overall market efficiency and reducing reliance on centralized bridges. Exchanges like Gate.io gain exposure, but it pressures CEXs by offering onchain alternatives.
For Bitcoin, it enhances its “productive collateral” narrative—idle BTC can now earn without selling. Broader adoption might accelerate institutional BTC strategies, echoing US banks’ new ability to trade BTC or national reserves. As seen in general crypto analyses, such features could stabilize markets by integrating BTC into faster, cheaper systems .
However, it might amplify volatility if retail floods in without understanding risks. Trading native BTC on L2s could draw scrutiny, especially with programmable money concerns . In jurisdictions with crypto bans or tight rules, this might segment markets .
While “native,” it’s likely custodied by Gate, introducing single-point failure risks. Past crypto events show integrations can lead to exploits or liquidity issues. Increased accessibility might fuel speculation, but without strong utility, it could lead to pump-and-dumps. Broader implications include potential for more surveillance in digital assets.
This is a step toward mainstream crypto usability, but it’s early—DYOR, as adoption depends on execution and market sentiment. If BTC hits new highs via national buys, features like this could amplify gains across chains.
It’s a step toward making BTC more usable in everyday onchain activities on platforms like Abstract. If you’re on Abstract, head to the portal to try it out — super straightforward for trading BTC alongside other assets.
Truebit Protocol Suffered Breach Resulting to $26M in Losses
Truebit Protocol suffered a major exploit on January 8, 2026, resulting in approximately $26 million in losses around 8,535 ETH, based on prices at the time.
The incident involved a vulnerability in an old smart contract deployed about five years ago, specifically a mispriced minting/purchase function in the “Truebit Protocol: Purchase” contract address http://0x764C64b2A09b09Acb100B80d8c505Aa6a0302EF2. This flaw allowed attackers to mint TRU tokens at heavily discounted (near-zero) prices, then drain ETH reserves from the protocol through repeated buy-sell loops.
On-chain data from trackers like Lookonchain and PeckShield confirmed 8,535 ETH ($26–26.6M) was siphoned. The funds were quickly split and transferred to multiple addresses (e.g., 0x2735…cE850a and 0xD12f…031a60) to complicate tracing.
Truebit posted on X: “Today, we became aware of a security incident involving one or more malicious actors. The affected smart contract http://0x764C64b2A09b09Acb100B80d8c505Aa6a0302EF2 is and we strongly advise the public not to interact with this contract until further notice. We are in contact with law enforcement and taking all available measures to address the situation.”
Security firms like Cyvers initially flagged it as “suspicious/anomalous” activity, but it was quickly confirmed as an exploit by multiple sources including PeckShield. The native TRU token collapsed dramatically — dropping 99.9%+ from ~$0.16 to near-zero values like $0.000077 or lower on some trackers.
This wiped out much of the token’s liquidity and value overnight, severely affecting holders. This marks one of the first major DeFi exploits of 2026, highlighting ongoing risks with legacy/older contracts in the space similar to past incidents like Balancer’s rounding error bug.
PeckShield noted the same attacker may have hit another project (Sparkle) ~12 days earlier for a smaller amount. The situation is still developing — no full post-mortem yet, and recovery/remediation plans are unclear. Users should avoid the affected contract and monitor official Truebit protocol channels for updates.
The Truebit Protocol exploit has far-reaching implications for the project, its users, the broader DeFi ecosystem, and even ongoing discussions around blockchain security. The exploit drained approximately 8,535 ETH valued at ~$26–26.6 million at the time, primarily through a vulnerability in an outdated “Purchase” smart contract.
This allowed the attacker to mint TRU tokens at near-zero cost via a mispriced function and drain ETH reserves in looped transactions.The native TRU token suffered a catastrophic collapse.
Pre-exploit price: ~$0.16. Post-exploit: Dropped 99%+ often reported as 99.9% or near 100%, reaching lows like $0.0000000029 to $0.000077 on various trackers like CoinGecko, Nansen data. Liquidity on DEXs evaporated almost instantly, leaving holders with essentially worthless positions and triggering widespread panic selling.
This marks one of the most severe token devaluations from a single exploit in recent memory, effectively wiping out the project’s market cap overnight. Truebit quickly acknowledged the incident on X, labeling it a “security incident involving one or more malicious actors” and urging users to avoid the affected contract http://(0x764C64b2A09b09Acb100B80d8c505Aa6a0302EF2).
They confirmed contact with law enforcement and are “taking all available measures,” but no detailed technical post-mortem, recovery plan, or compensation details have emerged yet. The protocol’s focus on verified off-chain computation for Ethereum remains intact in theory, but trust is severely damaged — especially given irony pointed out by critics:
Truebit’s longtime slogan is “Don’t just trust, verify”, yet the lack of recent/public audits and partially non-open-source code in older contracts left users without verifiable security assurances. Recovery of funds appears unlikely in the short term, as stolen ETH was rapidly split and laundered across addresses.
The same attacker is linked to a smaller ~$5 ETH hit on Sparkle protocol ~12 days earlier. This is widely seen as the first major DeFi exploit of 2026, setting a concerning tone after 2025’s high losses over $2.7B total per some reports and a December dip to ~$76M in hacks.
Key lessons and ripple effects include: Legacy code risks — Old, unaudited, or dormant contracts even from reputable projects are prime targets. Attackers increasingly scan for mispriced functions, rounding errors, or boundary issues in years-old deployments.
Audit and transparency gaps — Reinforces the need for ongoing, public audits and full source code verification. Smaller/niche protocols like Truebit are especially vulnerable without continuous maintenance.
Investor confidence — Erodes trust in DeFi infrastructure projects, particularly those without strong liquidity backstops or insurance. It highlights how quickly retail holders can lose everything in “verified” ecosystems.
Minimal direct impact on major assets like ETH which remains resilient, but it contributes to caution around altcoins and legacy DeFi plays. Analysts note it underscores persistent vulnerabilities in computation-scaling protocols and calls for enhanced security protocols industry-wide.
Potential regulatory scrutiny — Could fuel arguments for stricter oversight of smart contracts, especially as exploits continue despite falling aggregate losses in late 2025.
In short, while Truebit’s core tech— off-chain verifiable computation has long-term value for Ethereum scaling, this exploit likely deals a near-fatal blow to the project in its current form. It serves as a stark reminder: in DeFi, legacy code can be a ticking bomb, and “verify” must extend beyond slogans to rigorous, up-to-date security practices.