Aztec Connect Deprecated Bridge Exploits (June 2026)
Summary
In June 2026, two separate exploits drained a combined total of approximately $4.3–4.4 million from deprecated Aztec bridge contracts within three days. The first exploit, on June 14, targeted the abandoned Aztec Connect RollupProcessor contract (deprecated March 2023) by exploiting a settlement-boundary mismatch in zk-rollup proof verification; the second, on June 17–18, targeted a deprecated Private Rollup Bridge (closed 2022) via an unauthenticated escape hatch function. Both contracts were immutable with admin keys renounced, making intervention impossible. Aztec Labs and the Aztec Foundation confirmed the affected contracts have no connection to the current Aztec network or the AZTEC ERC-20 token.
Connected Entities
1 entities · 10 linked investigationsTimeline(10 events)
2021-01-01
Aztec's original Private Rollup Bridge (the product later exploited in the second June 2026 incident) launched on Ethereum mainnet.
Coinpedia / AMBCrypto2022-01-01
Aztec Private Rollup Bridge officially closed. Smart contracts remained live and immutable on-chain.
Crypto Times2022-07-01
Aztec Connect launched as a privacy-focused zk-rollup bridge on Ethereum, allowing private DeFi transactions.
Crypto Briefing2023-03-31
Aztec Labs deprecated Aztec Connect, halting new deposits. Admin keys had been renounced; the contract remained immutable and unupgradeable.
Crypto Briefing / The Defiant2024-03-31
Aztec Connect off-chain sequencer fully shut down. On-chain RollupProcessor contract continued to hold residual user funds.
Crypto Briefing2026-06-14
First exploit: attacker (EOA 0x0F18D8b44a740272f0be4d08338d2b165b7EdD17, funded via Tornado Cash) drained approximately $2.19 million (909 ETH, 270,000 DAI, 167 wstETH, and other tokens) from the Aztec Connect RollupProcessor contract (0xff1f2b4adb9df6fc8eafecdcbf96a2b351680455) via a zk-rollup settlement boundary bypass executed as 14 consecutive processRollup() calls.
SlowMist / CoinTelegraph / BlockSec via multiple outlets2026-06-14
Aztec Foundation posts official statement on X confirming the exploit and disavowing any connection to the current Aztec network or AZTEC ERC-20 token.
Aztec Foundation on X2026-06-15
BlockSec, CertiK, and SlowMist publish analyses of the first exploit. SlowMist reports stolen funds remain unmoved in attacker's wallet.
Crypto Times / CoinInsider2026-06-17
Second exploit: attacker (EOA 0x6952...8e97f, funded with 0.134 ETH from HitBTC) drained approximately $2.21 million (1,158 ETH, 150,000 DAI, 0.4696 renBTC) from the deprecated Aztec Private Rollup Bridge RollupProcessor contract (0x737901bea3eeb88459df9ef1be8ff3ae1b42a2ba) by exploiting the unauthenticated escapeHatch() function.
Crypto Times / Coinpedia / AMBCrypto2026-06-18
Second exploit widely reported. Aztec Labs confirms the second affected contract is a deprecated Stage 2 rollup from 2022 with no admin key access. AZTEC token declines approximately 1.6%.
Coinpedia / AMBCrypto / Crypto TimesDecision Log
- hash: Fowpp9U9nkkCUKu9L2jwcDDswDBp8M8qxBa9UHrSyMkM
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 6/19/2026, 12:07:46 PM
last updated: 6/19/2026, 12:07:57 PM
avoid.net — verified advice for a post-truth world