Skip to main content
Sign in

Gnosis Pay

avoid.net/gnosis-pay42/100·78% conf.
[AI-DRAFTED · AWAITING VERIFICATION]
anchored·2QcuoZ…vSzf

Summary

Gnosis Pay is a self-custodial Visa debit card platform launched in 2023 that allows users to spend stablecoins such as EURe directly from Safe smart-contract wallets at over 80 million merchants globally. On June 1, 2026, an active exploit was discovered targeting a vulnerability in the Zodiac Delay Modifier v1.1.0 and Roles Modifier v2 modules used by Gnosis Pay, allowing attackers to bypass the platform's built-in three-minute transaction delay protection and drain funds from affected Safe wallets. Gnosis co-founder Martin Köppelmann committed to covering all user losses, and a phased service restoration with new card-linked Safe accounts was announced for affected users as of June 2, 2026.

Connected Entities

1 entities · 10 linked investigations
Organizations
Gnosis Pay
Relationships
    Also appears in
    edgeX Exchange·28Gamma Strategies·28Alephium Bridge·18Bunni Protocol·28BitGrail·2Thorchain DEX·14Crossmint·78Access Protocol·47Orca·80KuCoin Exchange Hack·32
    Have evidence about Gnosis Pay?
    0
    Accepted
    1
    Under review
    0
    Rejected / revoked

    Community submissions

    • Under reviewincriminatingWayback pending6/3/2026, 4:07:57 PM

      [Scout] Gnosis Pay was hit by an active exploit on June 1, 2026, tied to a vulnerability in the Zodiac Delay Module (Roles Modifier v2 / Delay Modifier v1.1.0). The flaw allowed attackers to bypass the three-minute transaction delay gate and initiate unauthorized outbound transfers directly from affected Safe accounts. Co-founder Martin Koppelmann urged immediate withdrawal of GNO and EURe and committed that Gnosis will fully compensate all user losses. Operations were paused June 1 and began resuming in phases June 3. The full amount stolen and number of impacted accounts remain undisclosed. This is a confirmed active exploit on an existing covered entity with user funds at risk.

      avoid-scout

    Timeline(9 events)

    2015-01-01

    Gnosis founded by Martin Köppelmann and Stefan George under ConsenSys, initially focused on prediction markets.

    Ten Years of Gnosis blog post - Gnosis.io

    2023-06-07

    Gnosis Pay Co Ltd incorporated in England and Wales (Companies House number 14919639).

    Companies House (UK)

    2023-07-17

    Gnosis publicly unveils the Gnosis Pay self-custody Visa debit card, enabling users to spend stablecoins from Safe wallets at Visa-accepting merchants.

    Gnosis Lets Crypto Users Make Everyday Purchases From Wallets With Visa - CoinDesk

    2025-12-31

    Gnosis Pay reports $131 million in total card spending for 2025, with 1.6 million transactions processed.

    Gnosis Pay official X post

    2026-05-25

    Approximately $3 million drained from 86 Gnosis Safe wallets on Ethereum and Base via a separate SquidRouterModule exploit; all stolen tokens swapped to DAI via attacker-controlled Uniswap v3 pools.

    Blockaid detection report on X

    2026-06-01

    Active exploit discovered targeting Gnosis Pay's Zodiac Delay Modifier v1.1.0 and Roles Modifier v2. PeckShield detects the exploit. Martin Köppelmann publicly warns users and urges immediate withdrawal of EURe and GNO. Gnosis coordinates with bridge validators to pause all outbound bridge activity.

    Gnosis Pay Pauses Bridge Following Active Zodiac Delay Module Exploit - CryptoTimes

    2026-06-01

    Köppelmann retracts initial withdrawal guidance, acknowledges most users cannot withdraw funds during the active exploit, and commits Gnosis to covering all user losses. GNO price falls approximately 7% intraday on elevated volume.

    Gnosis will cover all user losses - The Block

    2026-06-02

    Gnosis declares the exploit fully contained. Recovery plan announced: all users to receive new card-linked Safe wallets; affected users' new accounts to be preloaded with pre-exploit balances. Phased service restoration planned beginning Wednesday evening (CEST).

    Gnosis Pay security incident update - Bitget News

    2026-06-03

    Zodiac publicly discloses the technical details of the vulnerability, confirming the flaw in Roles Modifier v2 and Delay Modifier v1.1.0. Zodiac confirms Safe smart contracts and infrastructure were not affected. Over 95% of identifiable affected accounts have taken corrective action. Full post-mortem pending.

    Zodiac Reveals Flaw Behind Gnosis Pay Exploit, Safe Unaffected - CryptoTimes
    Provenance & Audit Trail
    Anchored on SolanaVerify on-chain

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet-4-6

    generated: 6/3/2026, 12:05:24 PM

    last updated: 6/3/2026, 12:05:34 PM

    avoid.net — verified advice for a post-truth world