Aztec Connect Drained of $2.1M via ZK Proof Integration Flaw
Aztec Connect was already deprecated. The contracts were immutable. The funds were still there. That combination turned an old privacy bridge into a sitting target, and when the proof logic failed to bind what was verified to what was executed, $2.1M walked straight through the gap.
On 15 June, an attacker drained approximately $2.1 million from the smart contract of Aztec Connect, a deprecated privacy bridge on Ethereum. The funds were extracted over seven transactions and included 909 Ether (ETH), 270,000 Dai (DAI), and 167 wrapped staked ETH (wstETH). Aztec Labs, the developer behind the protocol, had officially deprecated Aztec Connect in March 2023, halting new deposits and shifting its focus to a successor network. The contract was designed to be fully immutable: Aztec Labs held no administrative keys to pause or upgrade the system. Despite the deprecation, user funds remained in the contract, which continued to operate on-chain and presented a static target for the eventual exploit.
Anatomy
The failure occurred not within the zero-knowledge (ZK) cryptography itself, but in the smart contract logic that integrated the ZK proofs with state updates on the Ethereum mainnet. Aztec Connect functioned as a ZK rollup, bundling user transactions into a batch, generating a cryptographic proof of the batch's validity, and submitting that proof to an Ethereum smart contract for verification and settlement.
The failure rested on a desynchronization between two distinct processes: proof verification and transaction execution. The contract’s logic was structured so the verification of a ZK proof was not cryptographically bound to the specific list of transactions being settled. The system would first verify that a submitted ZK proof was valid, confirming that some valid set of transactions had occurred. In a separate step, it would process a list of transactions provided in the function call to update user balances within the contract.
The vulnerability was the contract's incorrect assumption that the transaction list provided for settlement was the same one validated by the ZK proof. The attacker exploited this gap. They first generated a valid ZK proof for a benign, unrelated batch of transactions. Then, they called the settlement function on the Ethereum contract, submitting this valid proof. For the transaction data payload in the same call, however, they supplied a malicious list of transactions. This malicious list contained instructions to credit the attacker's own account with funds already held by the contract, effectively creating unbacked balances.
Because the settlement function never checked that the transactions it executed were the ones certified by the proof, it processed the attacker's fraudulent instructions: a valid proof was verified, and then a separate, malicious dataset was acted upon. Once the contract state reflected the attacker's illegitimate balance, the attacker called the ordinary withdrawal functions to drain the assets, repeating the sequence across seven transactions, each targeting a different asset held by the contract.
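The desynchronization described above, as an added Solidity sketch that is not Aztec's code and is not taken from the incident: a minimal settlement function written two ways, the unbound form that verifies one thing and executes another, and a bound form where the public input the verifier checks is derived on-chain from the exact data about to be executed. It also shows the check an auditor would look for when reviewing a settlement function: does the proof certify this batch, or merely some batch. The `IVerifier` interface, the `Credit` struct, the contract names, the single-public-input layout and the choice of the BN254 scalar field are assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed verifier interface. Circuit-generated verifiers (Groth16, PLONK)
// expose a call of this shape: the proof is only valid relative to the
// public inputs passed alongside it.
interface IVerifier {
    function verify(bytes calldata proof, uint256[] calldata publicInputs)
        external
        view
        returns (bool);
}

// One balance credit in a settlement batch (hypothetical layout).
struct Credit {
    address account;
    address asset;
    uint256 amount;
}

// VULNERABLE PATTERN: the proof (with its own public inputs) and the list of
// credits to apply arrive as independent arguments, and nothing in the
// function ties one to the other.
contract UnboundRollup {
    IVerifier public immutable verifier;
    mapping(address => mapping(address => uint256)) public balances;

    constructor(IVerifier _verifier) {
        verifier = _verifier;
    }

    function settle(
        bytes calldata proof,
        uint256[] calldata publicInputs,
        Credit[] calldata credits
    ) external {
        // Step 1: establishes that SOME batch was valid...
        require(verifier.verify(proof, publicInputs), "invalid proof");

        // Step 2: ...then executes a batch the proof never looked at.
        // An attacker submits a proof for a benign batch together with a
        // `credits` array that credits their own account with contract-held
        // funds, producing unbacked balances.
        for (uint256 i = 0; i < credits.length; i++) {
            balances[credits[i].account][credits[i].asset] += credits[i].amount;
        }
    }
}

// HARDENED PATTERN: the contract derives the public input from the exact
// data it is about to execute. The circuit must expose the same commitment
// as a public input, so a proof for batch A cannot settle batch B.
contract BoundRollup {
    // BN254 scalar field modulus r, the public-input field for Ethereum's
    // precompile-backed verifiers (assumed curve for this sketch).
    uint256 private constant FIELD_MODULUS =
        21888242871839275222246405745257275088548364400416034343698204186575808495617;

    IVerifier public immutable verifier;
    mapping(address => mapping(address => uint256)) public balances;

    constructor(IVerifier _verifier) {
        verifier = _verifier;
    }

    function settle(bytes calldata proof, Credit[] calldata credits) external {
        // Commitment to the settlement data computed on-chain, never taken
        // from the caller. Reduced into the verifier's scalar field; the
        // circuit must apply the identical hash and reduction.
        uint256 commitment = uint256(keccak256(abi.encode(credits))) % FIELD_MODULUS;

        uint256[] memory publicInputs = new uint256[](1);
        publicInputs[0] = commitment;

        // A proof generated for any other `credits` array fails here.
        require(verifier.verify(proof, publicInputs), "proof does not certify this batch");

        for (uint256 i = 0; i < credits.length; i++) {
            balances[credits[i].account][credits[i].asset] += credits[i].amount;
        }
    }
}
```

The single hash is the minimum binding. A production settlement path would fold the previous and next state roots and a batch sequence number into the same commitment so that a valid (proof, batch) pair cannot be replayed against a later state, and many circuits split the 256-bit hash into two 128-bit limbs rather than reducing it modulo the field, to avoid the small bias the modular reduction introduces. Whatever encoding is chosen, the audit question is the same: every value the contract writes to storage must be a function of public inputs the verifier actually checked.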
The contract's immutability, a feature intended for censorship resistance and credible neutrality, proved critical to the attack's success. Once Aztec Labs relinquished control in 2023, no party possessed the authority to intervene. There were no admin keys to pause the contract, no proxy pattern to enable an upgrade, and no emergency shutdown mechanism. The vulnerability, once discovered by the attacker, was unpatchable.
Pattern
This incident exemplifies the risk of abandoned yet funded smart contracts. In DeFi, deprecation is often a soft process that relies on users to migrate funds voluntarily. Unmaintained contracts become latent security risks: they persist on-chain as immutable artifacts, holding value and presenting static targets for attackers who can take their time finding vulnerabilities. This pattern has been observed before, with protocols considered obsolete for years suddenly drained after a new exploit vector is found.
The exploit also reveals a recurring vulnerability in complex cryptographic systems, one found not in the core algorithm but at the seams of its implementation. The ZK mathematics underpinning Aztec Connect's privacy were not broken. The failure was in the "glue code", the smart contract logic responsible for interpreting the output of the cryptographic primitive and applying it to the blockchain's state. This is analogous to early cross-chain bridge exploits where the vulnerability was not in the consensus mechanism of either chain, but in the validator signature verification logic of the smart contract that connected them. The interface between off-chain proving components and on-chain verifier contracts is a critical and often fragile attack surface, especially as systems like ZK rollups grow in complexity.
The event is a stark data point in the debate over protocol immutability. While complete immutability prevents malicious developer action or external coercion, it also eliminates any chance of patching a critical bug. This incident demonstrates the severe consequences of that trade-off. A system designed to be trustless in its administration became completely helpless against a technical flaw in its code. This contrasts with systems that have governance-controlled upgrade paths, which carry risks of centralization and capture but can respond to unforeseen threats.
Forward Implication
Security audits for ZK-based systems will now face pressure to re-evaluate their scope. Verifying the integrity of a ZK circuit and the verifier contract is not enough. Audits must focus on the precise binding between a ZK proof and the state transition it authorizes. The key inquiry is whether the on-chain settlement logic acts exclusively on data cryptographically committed to within the proof. Any separation between proof verification and state execution now represents a potential vulnerability.
DeFi protocol deprecation practices will also change. A simple announcement and UI update is inadequate for protecting user funds left behind. Future projects will likely incorporate more robust sunsetting mechanisms from inception, such as contracts with a predetermined lifespan, time-locked functions that automatically return assets, or governance procedures to forcibly migrate liquidity. A contract holding user funds in perpetuity after its intended use has ended is now a demonstrated security liability.
Existing L2s and bridges using ZK proofs now face scrutiny for similar integration flaws. Development teams must re-examine their settlement functions for any desynchronization between what is proven off-chain and what is executed on-chain. Any system where the proof and transaction data are supplied as separate arguments to a function, without a cryptographic link, could harbor a similar vulnerability, exposing a new class of risk for ZK-based infrastructure.