Verify a decision

{"actor":"system:backfill","investigation_id":"40f1c3c2-cf2a-4640-9d3a-3f0a5165f29d","kind":"publish","page_slug":"veil-cash","published_at":"2026-05-29T15:59:53.679Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Veil Cash","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/veil-cash","type":"other","url":""},{"credibility":3,"name":"https://docs.veil.cash/","type":"other","url":""},{"credibility":3,"name":"https://www.bankless.com/read/getting-started-with-veils-privacy-protocol-on-base","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://github.com/DK27ss/VeilCash-5K-PoC","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/the-unfinished-proof","type":"other","url":""},{"credibility":3,"name":"https://coinsbench.com/forging-zksnark-proofs-via-misconfigured-verification-keys-the-veil-01-eth-exploit-2a6bb7d0078b","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-february-2026","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://x.com/PashovAuditGrp/status/2025598503255167195","type":"other","url":""},{"credibility":3,"name":"https://skynet.certik.com/projects/veil-cash","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.cryptotimes.io/2026/02/26/foomcash-loses-2-26m-in-copycat-zksnark-exploit/","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/the-unfinished-proof","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-february-2026","type":"other","url":""},{"credibility":3,"name":"https://dev.to/ohmygod/when-zero-knowledge-proofs-break-how-groth16-verification-key-misconfigs-drained-3m-from-defi-47i9","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.veil.cash/intro/verified-users/coinbase-onchain-verification","type":"other","url":""},{"credibility":3,"name":"https://www.bankless.com/read/getting-started-with-veils-privacy-protocol-on-base","type":"other","url":""},{"credibility":3,"name":"https://0xbow.io/","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/348959/0xbow-privacy-pools-new-cypherpunk-tool-inspired-research-ethereum-founder-vitalik-buterin","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/veil-cash","type":"other","url":""},{"credibility":3,"name":"https://www.coingecko.com/en/coins/veil-token","type":"other","url":""},{"credibility":3,"name":"https://cryptorank.io/price/veil-cash","type":"other","url":""},{"credibility":3,"name":"https://skynet.certik.com/projects/veil-cash","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://skynet.certik.com/projects/veil-cash","type":"other","url":""},{"credibility":3,"name":"https://github.com/veildotcash","type":"other","url":""},{"credibility":3,"name":"https://www.veil.cash/","type":"other","url":""}]}],"sources_used":[],"summary":"Veil Cash is a zero-knowledge privacy protocol deployed on Coinbase's Base L2 network, enabling anonymous ETH and USDC transfers via zk-SNARK proofs and a UTXO model. In February 2026 the protocol's legacy pools were exploited due to an incomplete Groth16 trusted-setup ceremony, resulting in 2.9 ETH being drained before funds were returned by the exploiter. The incident attracted industry attention because the same misconfiguration pattern was subsequently replicated in a larger $2.26 million exploit of FoomCash, raising broader questions about cryptographic setup hygiene across ZK DeFi protocols.","timeline":[{"date":"2024-01-01","event":"Veil Cash protocol launches on Base L2 with zk-SNARK privacy pools for ETH and USDC.","source":""},{"date":"2024-06-01","event":"Coinbase EAS (Ethereum Attestation Service) integration introduced, allowing Coinbase-verified users auto-approval into verified pools.","source":""},{"date":"2025-01-01","event":"Pashov Audit Group completes a security review of Veil Cash smart contracts; the Groth16 verifier contract is explicitly listed out of scope.","source":""},{"date":"2026-02-21","event":"Attacker exploits the Groth16 verifier misconfiguration (delta == gamma) in Veil Cash's legacy Base pool, executing 29 fraudulent withdrawals and draining 2.9 ETH in a single transaction.","source":""},{"date":"2026-02-21","event":"DefimonAlerts (Decurity security firm) intervenes and rescues remaining pool funds from the legacy pools.","source":""},{"date":"2026-02-21","event":"Exploiter returns all drained funds unprompted at approximately 22:05 UTC; 100% of Veil Cash user funds recovered.","source":""},{"date":"2026-02-22","event":"Public proof-of-concept for the Veil Cash Groth16 exploit published on GitHub by researcher DK27ss. Rekt.news covers incident as 'The Unfinished Proof'.","source":""},{"date":"2026-02-22","event":"Pashov Audit Group publicly confirms on X that the verifier was out of scope for their audit engagement.","source":""},{"date":"2026-02-26","event":"FoomCash suffers a $2.26 million exploit using the identical Groth16 misconfiguration pattern first publicly documented in the Veil Cash incident.","source":""},{"date":"2026-03-01","event":"CryptoTimes and Halborn publish post-mortems linking the FoomCash exploit directly to the Veil Cash incident as the originating template.","source":""}]},"v":1}