Aztec's Ancient Escape Hatch Lets $2.15M Slip Out the Back Door 🚪

Deprecated Aztec infrastructure was hit by a second exploit within three days, with an attacker draining roughly $2.15 million from the protocol's private rollup bridge on Thursday. According to Cos, co-founder of cybersecurity firm SlowMist, preliminary analysis found the attacker used a false rollup proof to trick the protocol into releasing 1,158 Ether (ETH), 150,000 Dai (DAI) and 0.46 renBTC (RENBTC) from its reserves to the attacker's address. Aztec Labs confirmed the exploit, stating that about $2 million was transferred from an immutable smart contract tied to a payment product deprecated in 2022, and that the lab held no admin keys or ability to pause transactions on the contract.

The incident targeted the RollupProcessor contract through its escapeHatch() function, an emergency withdrawal mechanism lacking rollup provider authorization, owner-only restrictions and signature verification. SlowMist's analysis shows the attacker set rollupSize to zero, which caused the protocol's TurboVerifier contract to accept an escape-hatch proof. After validation, the processDepositsAndWithdrawals() function executed withdrawals using only the public inputs supplied in the proof — the asset identifier, recipient address and withdrawal amount — without independently verifying that the recipient was entitled to the assets or that the request matched actual user balances. The attacker presented made-up public inputs (0x6952….8e97f) to transfer the funds to an externally owned address.
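The settlement pattern described above, next to a checked variant, as a simplified Python model added here (it is not Aztec's contract code and not part of SlowMist's analysis). The class, method and account names and the plaintext entitlement ledger are assumptions for illustration; a private rollup would establish entitlement through its proof system rather than a readable ledger.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class PublicInputs:            # the three fields the article says were trusted
    asset: str
    recipient: str
    amount: int

class ToyBridge:
    """Simplified model: pooled reserves plus a plaintext entitlement ledger."""
    def __init__(self, reserves, ledger, providers):
        self.reserves = dict(reserves)    # asset -> pooled balance
        self.ledger = dict(ledger)        # (recipient, asset) -> amount owed
        self.providers = set(providers)   # callers allowed to settle

    def withdraw_trusting(self, pi, proof_accepted):
        # Pattern from the article: an accepted proof is the only gate, so the
        # payout is whatever the public inputs say, to whoever they name.
        if not proof_accepted:
            raise PermissionError("proof rejected")
        self.reserves[pi.asset] -= pi.amount
        return pi.amount

    def withdraw_checked(self, pi, proof_accepted, caller):
        # Hardened: proof acceptance is necessary but not sufficient.
        if not proof_accepted:
            raise PermissionError("proof rejected")
        if caller not in self.providers:
            raise PermissionError("caller is not an authorized provider")
        owed = self.ledger.get((pi.recipient, pi.asset), 0)
        if not 0 < pi.amount <= owed:
            raise ValueError("amount exceeds recorded entitlement")
        if pi.amount > self.reserves.get(pi.asset, 0):
            raise ValueError("insufficient reserves")
        self.ledger[(pi.recipient, pi.asset)] = owed - pi.amount
        self.reserves[pi.asset] -= pi.amount
        return pi.amount

def run_scenario():
    """Constructed data: whole-unit amounts, made-up account names."""
    state = dict(reserves={"ETH": 1158}, ledger={("alice", "ETH"): 10},
                 providers={"provider"})
    forged = PublicInputs("ETH", "outsider", 1158)
    weak, strong = ToyBridge(**state), ToyBridge(**state)
    weak.withdraw_trusting(forged, proof_accepted=True)
    try:
        strong.withdraw_checked(forged, proof_accepted=True, caller="provider")
        blocked = False
    except ValueError:
        blocked = True
    paid = strong.withdraw_checked(PublicInputs("ETH", "alice", 4), True, "provider")
    return weak.reserves["ETH"], blocked, paid, strong.reserves["ETH"]
```

In the trusting path the pooled reserve drops to zero on a single accepted proof, while the checked path rejects the same inputs and still pays a recorded holder.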

Aztec Labs said the Thursday exploit is separate from the $2.1 million stolen from Aztec Connect's smart contract on Sunday. Aztec Connect, a privacy-focused rollup, was deprecated in March 2023, with the team halting deposits and shifting resources to the next-generation Aztec Network. Cointelegraph reached out to Aztec Labs for additional details about the vulnerability but had not received a response by publication. SlowMist's post-mortem of the first incident noted that, although Aztec Connect was deprecated, the attacker was able to extract more than $2.1 million because the immutable contract was still holding legacy user assets.

The two Aztec exploits, along with the $1.3 million stolen from decentralized exchange Raydium earlier in June, have renewed concerns about deprecated smart contracts. "Old contracts continue to be bug bounties available to any hackers. With protocols removing their responsibility to maintain them, they can become even more tempting," risk analysis platform Blockful wrote in a Tuesday X post. SlowMist advised protocols with deprecated smart contracts that still hold legacy assets to carry out an orderly asset migration to eliminate ongoing cybersecurity exposure. According to Aztec, funds from the protocol's Router contract were used to complete the Sunday transaction by the wallet address "0x0f18….edd17," with indications that the protocol's handling of proof data in the smart contract validation process was deficient.

Publisher: cryptonewsroom.xyz
Category: Security
