Gnosis Pay Post-Incident Review: Vulnerability Stemmed From a Flaw in Signature Verification Logic, and the Fix Has Been Completed

robot
Abstract generation in progress
ME News, July 3 (UTC+8), Gnosis Pay released a postmortem report on the June 1 security incident, disclosing that the root cause of the vulnerability was a flaw in the ERC-1271 signature verification logic within the Zodiac module: the system only read the contract's return result without checking whether the call actually executed successfully. Attackers exploited this by deploying a contract that intentionally failed but still returned a "valid" flag, forging authorization to withdraw funds from accounts they did not own. The vulnerability was introduced with Zodiac code version 3.4.0 in October 2023 and was fully patched on June 5. According to the report, the attackers withdrew approximately $1.5 million, affecting 5,281 wallets, including about $641k in GNO, $453k in EURe, and $399k in USDC.e; approximately $300k remains locked in inaccessible accounts, and the team is exploring recovery options. Gnosis Pay stated that it will expand its security team, introduce external audits, broaden the scope of smart contract audits, and has completed a full product rebuild (v2) to enhance security response capabilities. (Source: Foresight News)
GNO-0.15%
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned