Aztec Connect abandoned smart contract exploit commot $2.1M
One attacker exploit di abandoned Aztec Connect smart contract, comot about $2.1M (include 909 ETH, 270,000 DAI, and 167 wstETH) by abusing verification mismatch. Aztec Labs talk say the matter na only affect the deprecated Aztec Connect contract (them shut am down March 2023) and e no touch assets or users for the current Aztec Network.
Security firm BlockSec explain say Aztec Connect logic interpret Ethereum transaction list different during verification and settlement. That gap allow the attacker to mint unbacked balances inside the contract and withdraw dem. The pattern happen seven times across seven assets.
This theft join the series of DeFi incidents for June, after Humanity Protocol lose $30M (June 8) and the Syscoin Bridge “fake-proof” exploit (June 7). Developers also warn say the risk from abandoned Aztec Connect smart contract fit still dey even after deprecation, because the deployed code still fit be exploited.
For traders, na targeted, protocol-level tail risk e be, no be system-wide market event, but e show say make dem monitor legacy/immutable DeFi code more closely.
Neutral
Di exploit na concern na na happen na e specific to wan deprecated Aztec Connect smart contract, an operator tok say di current Aztec Network an im users/assets no touch. Dis limit di direct contagion risk an, according to both summaries, e no likely say e go shift overall market liquidity. Short-term, traders fit see small-scale risk-off sentiment towards legacy DeFi/bridge exposure (an maybe ETH-denominated assets wey di attacker grab), but no sign say na wide protocol failure or big asset unwind. Long-term impact mainly be behavioral: people go look more closely at immutable/abandoned contracts, increase monitoring an charge more for risk instead of immediately changing coin fundamentals.