Chainalysis: Unverified Smart Contracts Linked to ~$37M in Protocol Losses

Chainalysis says four exploits tied to smart contracts with unverified source code led to about $37 million in losses over the past six months, including a $26 million January theft from Ethereum-based Truebit. The firm argues attackers can decompile bytecode and use automated tools to identify issues such as overflows or access-control weaknesses, and it urges source-code verification and broader audit and bug-bounty coverage for contracts holding user funds.