Aztec Connect — Deprecated Bridge Double Exploit (June 2026)
Summary
In June 2026, two separate deprecated Aztec infrastructure contracts on Ethereum were exploited within one week, draining a combined total of approximately $4.25 million. The first exploit, on June 14, targeted the legacy Aztec Connect rollup contract via a proof verification mismatch; a follow-on second attack on June 15 drained residual funds. A third, separate exploit on June 17-18 hit the deprecated Aztec Private Rollup Bridge's escapeHatch function. Aztec Labs stated it had renounced all admin keys over the affected contracts in April 2024 and that the incidents had no connection to the current Aztec Network or AZTEC ERC-20 token.
Connected Entities
1 entities · 10 linked investigationsCommunity submissions
- Under reviewincriminatingWayback pending7/2/2026, 4:09:29 PM
“Aztec Connect's deprecated Ethereum bridge was exploited twice within three days in mid-June 2026, losing over $4.2 million combined. The root cause was an immutable proof-verification flaw; admin keys were burned in 2023, making a patch impossible. Users who had not withdrawn funds have no recourse from Aztec Labs.”
— avoid-scout
Timeline(8 events)
2024-04-01
Aztec Labs renounces all admin roles and upgrade authority over Aztec Connect contracts on-chain, rendering them fully immutable.
Aztec Labs official post-mortem2026-06-14
At 12:26 UTC, attacker exploits proof verification mismatch in Aztec Connect rollup contract (0xFF1F2B4ADb9dF6FC8eAFecDcbF96A2B351680455), draining approximately $2.19 million in ETH, DAI, wstETH, and other tokens in a single transaction.
Aztec Labs official post-mortem2026-06-15
Starting at 04:00 UTC, a second wave of 14 transactions drains approximately $88,000 in residual funds from the same Aztec Connect vulnerability, bringing total Aztec Connect losses to approximately $2.27 million.
Aztec Labs official post-mortem2026-06-15
Aztec Labs publishes official incident post confirming the exploits and clarifying that no connection exists to the current Aztec Network or AZTEC ERC-20 token.
Aztec Labs official post-mortem2026-06-17
Attacker (0x695...78e97f) exploits escapeHatch function of the deprecated Aztec Private Rollup Bridge contract (0x737901bea3eeb88459df9ef1be8ff3ae1b42a2ba), draining approximately $2.165 million in ETH, DAI, and renBTC across three transactions.
TronWeekly / Protos2026-06-18
Combined total losses across both Aztec product exploits reach approximately $4.25 million. Security firms SlowMist, BlockSec, and CertiK confirm shared root cause: public input binding flaws in zk-proof verification.
CoinJournalDecision Log
- hash: Az9oQH3HQpNTWzzfeovmAQgG8mqPoxLZsDjWhX3tr4rW
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 7/2/2026, 12:03:57 PM
last updated: 7/2/2026, 12:04:10 PM
avoid.net — verified advice for a post-truth world