One deprecated contract, one flawed escape hatch circuit, and a verifier that should have been retired years earlier. Aztec’s legacy rollup contract lost roughly $2.198 million after a ZK proof passed a broken root-binding check.

$2.28 million drained from Aztec Connect on June 14th, a deprecated ZK-rollup built by Aztec Labs, across two consecutive days. The ZK proof and settlement layer processed different transaction sets, attackers exploited the gap to mint unbacked balances and drain real funds.

Seven keys on one laptop handed an attacker $36.4 million from Humanity Protocol across Ethereum and BSC. Rare for its kind, the owner of the compromised device was publicly named. The code wasn't broken. The key management was, and nobody's been held accountable for either.

5 billion SYS minted from a malformed SPV proof that slipped past Syscoin’s bridge relay parser. The team published the receipts, coordinated a whitehat recovery, and the funds came back. No public audit record for the relay path that failed.

One key held everything. TesseraDAO lost $2.49 million - minted from nothing, dumped, and gone through Tornado Cash. No multisig, no real audit, not even an acknowledgment that they were exploited. Just hollow men, straw governance, and a Telegram full of bots.

$5.4 million gone from Gravity Bridge after an attacker minted worthless tokens on Osmosis, poisoned the token registry with a fabricated denom string, and walked out with real assets. The attacker didn't break the code. They just found where it stopped asking questions.

A 2021 DxSale locker, an unprotected admin key, $7.3 million gone. Decurity flagged the risk in 2023 for $500. Two compromised contracts holding $15.5 million remains untouched, for now.

$3.98 million drained from 88 Gnosis Safes across three chains on New Market Trading. A third-party Safe module trusted caller-supplied data over msg.sender. One missing require check. Anyone who read the source code could drain every wallet.