
Aztec Connect Exploit: $2.19M Drained via Legacy Proof-Validation Bypass

$2.19M was drained from Aztec Connect's deprecated Ethereum contracts after incomplete proofData validation let unauthorized rollups move residual ETH, DAI, and wstETH.

  • Incident Date: June 14, 2026
  • Target: Aztec Connect legacy Router / RollupProcessor contracts on Ethereum
  • Target Overview: Aztec Connect was Aztec Labs' earlier privacy-focused zk-rollup product for private DeFi interactions on Ethereum. The system was deprecated around March 2023, later left immutable with admin control renounced, and DefiLlama still showed about $4.35 million in TVL before the drain.
  • Total Loss: ~$2.19 million
  • Affected Contract: Aztec Connect proxy / Router component at 0xFF1F...0455
  • Exploit Transaction: 0x074e...aeeb1
  • Reported Attacker Address: 0x0F18...EdD17
  • Attack Vector: Smart-contract logic flaw / proof-validation bypass / legacy immutable contract exposure

Incident Review & Technical Details

1. Attack Path

  1. Residual Value Remained in Deprecated Infrastructure: Aztec Connect had been sunset for years, but its Ethereum contracts were still callable on-chain and still held residual assets. That left an immutable legacy surface with real value and no operational pause or upgrade path.
  2. The Attacker Called the Public Rollup Processing Path: Public reporting and Etherscan records show the exploit transaction was sent by 0x0F18...EdD17 and interacted with Aztec Connect infrastructure on Ethereum on June 14, 2026 at 12:26:23 UTC.
  3. Proof Data Validation Was Reportedly Incomplete: According to CertiK analysis quoted in public reporting, computeRootHashes() checked only the beginning of submitted _proofData, while token-moving parameters consumed by processDepositsAndWithdrawals() sat elsewhere in the payload. The attacker allegedly crafted data that passed the checked portion while still triggering unauthorized withdrawals.
  4. Unauthorized Rollups Were Processed: Etherscan logs show RollupProcessed events for rollup IDs beginning at 13277 in the exploit transaction, matching public reporting that unauthorized rollups 13277 to 13290 were used to drain assets.
  5. ETH and ERC-20 Balances Were Transferred to the Exploiter: The transaction transferred approximately 908.99 ETH, 270,513 DAI, 167.89 wstETH, and smaller yvDAI, yvWETH, LUSD, and yvLUSD balances from Aztec Connect to the attacker.
  6. Small Tornado Cash Movement Was Reported: Public reporting said the attacker wallet was funded shortly before the exploit with about 0.098 ETH sourced from Tornado Cash, and that only a small amount of ETH had been routed back through Tornado Cash after the drain at the time of reporting.
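
The validation gap reported in step 3, shown as an added example on a simplified model (this is not Aztec Connect's code or its actual proofData layout). The 32-byte header, the 24-byte withdrawal record and all function names are assumptions made for illustration; the point is that a check covering only the start of a payload does not bind the fields that execution reads later, while a digest over the whole payload does.

```python
import hashlib

HEADER_LEN = 32  # assumed: the only bytes the weak check reads
RECORD_LEN = 24  # assumed record: 20-byte recipient + 4-byte amount

def digest_prefix(payload: bytes) -> bytes:
    """Weak binding: only the first HEADER_LEN bytes are covered."""
    return hashlib.sha256(payload[:HEADER_LEN]).digest()

def digest_full(payload: bytes) -> bytes:
    """Hardened binding: the length plus every byte execution will consume."""
    return hashlib.sha256(len(payload).to_bytes(4, "big") + payload).digest()

def parse_withdrawals(payload: bytes) -> list:
    """Execution path: reads (recipient, amount) records placed after the header."""
    body = payload[HEADER_LEN:]
    if len(body) % RECORD_LEN:
        raise ValueError("truncated withdrawal record")
    return [(body[i:i + 20].hex(), int.from_bytes(body[i + 20:i + 24], "big"))
            for i in range(0, len(body), RECORD_LEN)]

def process(payload: bytes, approved: bytes, digest) -> list:
    """Execute the payload only if its digest equals the approved value."""
    if digest(payload) != approved:
        raise PermissionError("payload is not the one that was approved")
    return parse_withdrawals(payload)

def build(header: bytes, records) -> bytes:
    """Assemble a constructed test payload: padded header, then records."""
    out = header.ljust(HEADER_LEN, b"\0")
    for recipient, amount in records:
        out += recipient + amount.to_bytes(4, "big")
    return out

def coverage_gap_demo() -> dict:
    """Same header, different withdrawal records: which binding notices?"""
    approved_payload = build(b"rollup-header", [(b"\x11" * 20, 5)])
    altered = build(b"rollup-header", [(b"\x22" * 20, 900)])
    results = {}
    for name, digest in (("prefix", digest_prefix), ("full", digest_full)):
        approved = digest(approved_payload)
        try:
            process(altered, approved, digest)
            results[name] = "accepted"
        except PermissionError:
            results[name] = "rejected"
    return results
```

In review, the equivalent check is to list every offset the execution path reads and confirm each one falls inside the range the validation step commits to.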

2. Impact Scope

  • Protocol-Level Loss: Public loss estimates converged around $2.19 million, while Aztec Labs was reported as citing roughly $2.1 million.
  • Affected Component: The affected surface was Aztec Connect's deprecated Router / RollupProcessor component, not the current Aztec Alpha network.
  • Affected Assets: Roughly 908.99 ETH, 270,513 DAI, 167.89 wstETH, plus smaller yvDAI, yvWETH, LUSD, and yvLUSD balances.
  • Residual TVL Exposure: DefiLlama showed Aztec Connect with about $4.35 million in TVL, underscoring that a sunset product can remain economically meaningful if assets are not fully swept or migrated.
  • Unaffected Components: Reviewed sources did not identify a current Aztec Alpha exploit, Ethereum consensus issue, private-key compromise, or generalized zk-rollup vulnerability.
  • Recovery Constraint: Because Aztec Connect was deprecated, immutable, and no longer controlled by Aztec Labs, no admin pause, upgrade, or reversal mechanism was available through the project team.

3. Official Statements

  • CertiK Alert: CertiK reported a suspicious transaction draining the Aztec Connect Router contract on Ethereum for approximately $2.19 million, identifying 0x0F18...EdD17 as the attacker wallet.
  • Aztec Labs: According to public reporting of Aztec Labs' X statement, the team confirmed the affected system was the deprecated Aztec Connect deployment and said Aztec Labs holds no admin keys or control over it, so the contract cannot be paused or upgraded by the team.
  • Aztec Labs on Current Infrastructure: Public reporting also stated that the current Aztec Alpha network was not affected because it runs on different infrastructure.

4. Investigation Progress

The exploit transaction and primary attacker wallet are publicly visible on Etherscan, and the attacker address is labeled as an Aztec exploiter. At the time of the reviewed reports, most of the stolen assets remained in the exploiter wallet, with only limited Tornado Cash movement and no large centralized-exchange or bridge deposits identified.

The highest-priority follow-up is a complete technical postmortem from Aztec Labs or an independent reviewer covering the exact malformed proof payload, the vulnerable validation boundary, the full rollup ID sequence, and whether any comparable retired contract paths still hold assets. For teams operating immutable legacy contracts, the practical lesson is stark: deprecation is not retirement unless funds, permissions, monitoring, and emergency assumptions are explicitly closed out.
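
One way to keep monitoring alive on a sunset deployment, as an added example that is not part of the original write-up: flag any RollupProcessed event emitted by a contract the team lists as deprecated, and escalate when one transaction processes several rollups while value remains. The contract address, transaction ids and log records are constructed placeholders; the event name, rollup ID range and TVL figure echo the ones cited above.

```python
from collections import defaultdict

# Constructed inventory of sunset contracts and the value (USD) still held there.
# The address is a placeholder, not a real deployment.
DEPRECATED = {"0xlegacy_rollup_placeholder": 4_350_000}

# Constructed, already-decoded event records (not real chain data).
SAMPLE_LOGS = (
    [{"tx": "0xtx_a", "address": "0xLEGACY_ROLLUP_PLACEHOLDER",
      "event": "RollupProcessed", "rollup_id": rid}
     for rid in range(13277, 13291)]
    + [{"tx": "0xtx_b", "address": "0xother_contract",
        "event": "RollupProcessed", "rollup_id": 7},
       {"tx": "0xtx_c", "address": "0xlegacy_rollup_placeholder",
        "event": "OtherEvent", "rollup_id": None}]
)

def detect_legacy_activity(logs, deprecated, burst_threshold=2):
    """Alert on any RollupProcessed event emitted by a deprecated contract.

    Severity is critical when the contract still holds value and a single
    transaction processed several rollups; otherwise it is high, because a
    sunset system should be processing no rollups at all.
    """
    per_tx = defaultdict(list)
    for log in logs:
        address = log["address"].lower()  # normalise checksum casing
        if address in deprecated and log["event"] == "RollupProcessed":
            per_tx[(log["tx"], address)].append(log["rollup_id"])
    alerts = []
    for (tx, address), ids in per_tx.items():
        burst = len(ids) >= burst_threshold
        residual = deprecated[address]
        alerts.append({
            "tx": tx,
            "contract": address,
            "count": len(ids),
            "rollup_ids": (min(ids), max(ids)),
            "residual_usd": residual,
            "severity": "critical" if burst and residual > 0 else "high",
        })
    return alerts
```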


AUTOSEC.DEV Solution

The Aztec Connect incident shows why immutable legacy contracts need both pre-deprecation assurance and post-deprecation operational controls while any funds remain on-chain.

  1. Secure Code Review - The reported failure centered on a mismatch between proof data validation and withdrawal execution in Aztec Connect's legacy RollupProcessor path. AUTOSEC.DEV reviews smart-contract invariants, calldata parsing boundaries, proof-verification assumptions, and withdrawal or settlement paths that can move assets when a single validation check is incomplete.
  2. Penetration Testing - This exploit depended on crafting adversarial rollup input against a public function that remained callable after deprecation. We reproduce attacker workflows on forks and staging deployments, including malformed proof payloads, legacy entrypoints, residual balances, and immutable-contract edge cases that normal product testing may no longer exercise.
  3. Security Strategy & Planning - Aztec Connect's immutability meant no admin key could pause or upgrade the affected contracts once the drain began. AUTOSEC.DEV helps teams design deprecation playbooks that cover asset sweeps, withdrawal deadlines, monitoring, user communications, emergency authority tradeoffs, and explicit criteria for when a legacy system is truly retired.
