

We are aware of the reported exploit a little earlier today and are investigating the root cause. The protocol guardians are currently pausing all Vaults across the Lazy Summer Protocol. We will provide more updates as we have them.
AstraSec
153 posts

@AstraSecAI
Blockchain security auditing, trusted by Magpie, 1inch, Paraswap, Kodiak, ... (https://t.co/74XaWrdj3c)


We are aware of the reported exploit a little earlier today and are investigating the root cause. The protocol guardians are currently pausing all Vaults across the Lazy Summer Protocol. We will provide more updates as we have them.


An Update from the Edel Team Earlier today, Edel identified and contained an exploit affecting Edel Lending. The exploit involved manipulation of the wrapped xStocks exchange rate between wGOOGLx and GOOGLx, causing wGOOGLx collateral to be valued at approximately 78x its correct value. The attacker used that inflated collateral value to borrow from the protocol, creating approximately $403k in protocol bad debt. Immediately after detection, the Edel team paused all V1 contracts. Edel V1 remains paused, and users should not interact with the V1 deployment while protocol activity is suspended. The team has preserved the relevant protocol records and is using them to determine affected balances for restoration. No depositor will bear any loss from this incident. The Edel team will absorb the bad debt and restore affected depositor balances 1:1. Edel V2 is being deployed with a redesigned oracle architecture intended to prevent this class of exchange-rate manipulation. Once deployment and balance restoration are complete, restored balances will be available directly in the Edel application. We will share timing as soon as it is finalized. We have traced the attacker’s transactions and are coordinating with exchanges, ecosystem partners, and other relevant stakeholders. In parallel, we have extended a formal whitehat settlement offer to the responsible party, providing a defined window to return the remaining funds in exchange for an authorized security bounty. A full technical post-mortem will follow with the exploit path, root cause, and the changes introduced in Edel V2. This incident also reinforces the importance of EIP-01, which will introduce governance over protocol risk parameters, supported collateral, and future market configuration while preserving the team’s ability to respond immediately to security-critical events. Our immediate priorities are containment, user restoration, and transparent follow-up. We will continue updating users until affected balances have been restored in full. The Edel Team


The @origin_trail DKG V10 release is underway and lands on mainnet today! Deployment of smart contracts was completed. All $TRAC token movements from staking and publishing accounts are part of ongoing transition to V10 network. The system is now in final verification. Stay tuned for launch!



Our preliminary investigation indicates that this is once again, a deprecated vault that we have migrated from years ago. It has no relation to any of our current contracts or products. We will release a post-mortem once we get more details.


🚨@gnosispay Gnosis Pay Incident: Root Cause Disclosure While the attack was still ongoing, the team refrained from publishing the root cause. Now that the incident has been fully contained, we believe it is the right time to disclose the root cause. 💡Root Cause A logic flaw in SignatureChecker::_isValidContractSignature() within the Zodiac Delay Module. During EIP-1271 signature validation, the function performed a staticcall to the signer contract but only checked the returned data — it did not verify whether the call was successful. The attacker exploited this by forcing the staticcall to revert, while embedding the EIP1271_MAGIC_VALUE (0x1626ba7e) in the revert data. The flawed checker mistakenly matched the revert payload and treated the failed call as valid authorization. This bypass allowed the attacker to: - Queue arbitrary malicious transactions into victim Gnosis Safe wallets (without real permission) - Wait for the mandatory cooldown period to expire - Execute them via executeNextTx() and drain funds

🚨@gnosispay Gnosis Pay Incident: Root Cause Disclosure While the attack was still ongoing, the team refrained from publishing the root cause. Now that the incident has been fully contained, we believe it is the right time to disclose the root cause. 💡Root Cause A logic flaw in SignatureChecker::_isValidContractSignature() within the Zodiac Delay Module. During EIP-1271 signature validation, the function performed a staticcall to the signer contract but only checked the returned data — it did not verify whether the call was successful. The attacker exploited this by forcing the staticcall to revert, while embedding the EIP1271_MAGIC_VALUE (0x1626ba7e) in the revert data. The flawed checker mistakenly matched the revert payload and treated the failed call as valid authorization. This bypass allowed the attacker to: - Queue arbitrary malicious transactions into victim Gnosis Safe wallets (without real permission) - Wait for the mandatory cooldown period to expire - Execute them via executeNextTx() and drain funds


An update on the Gnosis Pay incident. As of now, the issue is fully contained. We expect to begin enabling operations in batches on Wednesday evening (GMT+2), with the goal of restoring normal card usage progressively after that. 🧵






At ~3:18 AM UTC today, an undercollateralization vulnerability accrued $239,700 in bad debt in the USDC margin pool. Margin Trading has been temporarily paused. The Deepbook Insurance Fund has injected the amount of lost funds back into the affected pools. Deposits and withdrawals have now resumed.







