Trade
Basic
Futures
Futures
Hundreds of contracts settled in USDT or BTC
TradFi
Gold
Trade global traditional assets with USDT in one place
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Futures Kickoff
Get prepared for your futures trading
Futures Events
Participate in events to win generous rewards
Demo Trading
Use virtual funds to experience risk-free trading
Earn
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
Trade on-chain assets and enjoy airdrop rewards!
Futures Points
Earn futures points and claim airdrop rewards
Investment
Simple Earn
Earn interests with idle tokens
Auto-Invest
Auto-invest on a regular basis
Dual Investment
Buy low and sell high to take profits from price fluctuations
Soft Staking
Earn rewards with flexible staking
Crypto Loan
0 Fees
Pledge one crypto to borrow another
Lending Center
One-stop lending hub
VIP Wealth Hub
Customized wealth management empowers your assets growth
Private Wealth Management
Customized asset management to grow your digital assets
Quant Fund
Top asset management team helps you profit without hassle
Staking
Stake cryptos to earn in PoS products
Smart Leverage
New
No forced liquidation before maturity, worry-free leveraged gains
GUSD Minting
Use USDT/USDC to mint GUSD for treasury-level yields
More
Ethereum Foundation Warns Against Truncating Address Display in Latest Security Alert
The Ethereum Community Foundation has issued a critical security advisory addressing a sophisticated phishing attack that resulted in the loss of 50 million USDT. The statement emphasizes that the practice of truncating addresses with ellipsis (0xbaf4b1aF…B6495F8b5) must be immediately discontinued, as this convention creates substantial security vulnerabilities in the digital asset ecosystem.
The Risks of Address Truncation and How Phishing Exploits Them
Address truncation—the practice of replacing middle characters with dots—presents a significant security blind spot. When wallet interfaces and blockchain explorers hide the central portion of addresses, users cannot perform complete verification before executing transfers. Attackers exploit this weakness by crafting addresses that match the visible first and last segments, making malicious addresses nearly indistinguishable from legitimate ones at a glance. This visual deception eliminates a critical layer of user verification that should exist between intention and execution.
Real-World Impact: The 50 Million USDT Incident Explained
The recent phishing campaign demonstrates the real consequences of inadequate address display mechanisms. A threat actor generated an address sharing identical first and last three digits with a targeted victim’s intended recipient. The victim, relying on the truncated address view common across many platforms, failed to detect the discrepancy and transferred 50 million USDT directly into the attacker’s wallet. This incident reveals how truncating address information converts a preventable loss into an irreversible tragedy.
Platform Vulnerabilities and Recommended Solutions
The Ethereum Community Foundation identified that multiple wallet services and blockchain explorers currently implement UI features with inherent security flaws. The foundation recommends that all platforms adopt full address display by default, allowing users to see the complete address string before confirmation. Security experts argue that displaying addresses in their entirety is not just a best practice—it is a non-negotiable requirement for protecting user assets from sophisticated phishing schemes.
The advisory underscores that truncating addresses prioritizes visual aesthetics over user protection, a trade-off the industry must reverse immediately.