Aztec Connect $2.19M Exploit: ZK-Rollup Settlement Boundary Bypass Leads to State Discrepancy
On June 14, 2026, the deprecated Aztec Connect RollupProcessor contract was exploited for approximately $2.19 million. The root cause is a structural gap between numRealTxs and decoded_slots in the rollup settlement logic. The attacker set numRealTxs=1 while the ZK proof committed 32 public input slots, with 31 gap slots bypassing L1 verification entirely. In a single atomic transaction containing 14 processRollup() calls, the attacker first minted unbacked L2 balance across 7 malicious rollups (depositing fake assets into gap slots), then withdrew the inflated balance as real L1 assets in 7 subsequent rollups. All stolen funds remain at the attacker's EOA as of June 15, 2026. The vulnerability highlights the critical need for strict alignment between L1 settlement loops and ZK public input commitment ranges. SlowMist recommends comprehensive audits for Rollup systems, especially focusing on L1/L2 state boundary consistency and on-chain secondary verification of ZK proofs.
Key facts
- The attack exploited the gap between numRealTxs=1 and decoded_slots=32 in rollup processing.
- 31 gap slots bypassed L1 verification but were committed by ZK proof.
- Single atomic transaction: 7 mint rollups then 7 withdrawal rollups totaling ~$2.19M.
- All stolen funds remain at attacker's EOA as of June 15, 2026.
- The deprecated Aztec Connect contract is immutable and still holds user assets.
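The numRealTxs / decoded_slots gap described above comes down to one invariant: the range of public-input slots the L1 settlement loop examines must equal the range the ZK proof commits to. The model below is an added illustration written for this summary, not Aztec code; the names Rollup, gap_slots, settle_l1, l2_credits and state_discrepancy, the slot layout (asset_id, amount, direction) and the constructed batch are all assumptions. It shows the alignment check a settlement contract should enforce and the per-asset reconciliation a monitor can run to detect L2 balance that no L1 deposit backs.

```python
"""Toy model of the L1-settlement / ZK public-input boundary.

Added illustration, not Aztec code. A rollup batch carries decoded_slots
public-input slots that the ZK proof commits to; the submitter also supplies
num_real_txs as the L1 loop bound. Each slot is (asset_id, amount,
direction); PADDING marks an unused slot.
"""
from dataclasses import dataclass

DEPOSIT, WITHDRAW = "deposit", "withdraw"
PADDING = (0, 0, "")


@dataclass
class Rollup:
    num_real_txs: int   # loop bound supplied with the batch
    slots: list         # decoded public-input slots committed by the proof


class BoundaryMismatch(Exception):
    """Raised when the proof commits non-padding slots outside the L1 loop range."""


def gap_slots(rollup):
    """Indices of non-padding slots the proof commits to but that a loop
    bounded by num_real_txs never examines on L1."""
    start = rollup.num_real_txs
    return [i for i, s in enumerate(rollup.slots[start:], start) if s != PADDING]


def is_aligned(rollup):
    """True when the loop range covers every committed (non-padding) slot."""
    return not gap_slots(rollup)


def settle_l1(rollup, l1_ledger, strict):
    """Apply deposits/withdrawals to the L1 ledger (asset_id -> amount held).

    strict=False: iterate only over num_real_txs slots (the weak pattern).
    strict=True:  reject any batch whose committed range exceeds the loop
                  range, so L1 examines every slot the proof vouches for.
    """
    if strict and not is_aligned(rollup):
        raise BoundaryMismatch(f"committed slots outside loop range: {gap_slots(rollup)}")
    for asset, amount, direction in rollup.slots[: rollup.num_real_txs]:
        if direction == DEPOSIT:
            l1_ledger[asset] = l1_ledger.get(asset, 0) + amount
        elif direction == WITHDRAW:
            if l1_ledger.get(asset, 0) < amount:
                raise ValueError("L1 bridge lacks funds for withdrawal")
            l1_ledger[asset] -= amount
    return l1_ledger


def _deposit_totals(slots):
    totals = {}
    for asset, amount, direction in slots:
        if direction == DEPOSIT:
            totals[asset] = totals.get(asset, 0) + amount
    return totals


def backed_deposits(rollup):
    """Deposits actually processed on L1: only the loop range."""
    return _deposit_totals(rollup.slots[: rollup.num_real_txs])


def l2_credits(rollup):
    """Deposits the L2 state credits: every committed slot, because L2
    trusts the proof rather than the L1 loop."""
    return _deposit_totals(rollup.slots)


def state_discrepancy(rollup):
    """Per-asset amount credited on L2 but never backed by an L1 deposit.
    Any non-zero entry is the signal a reconciliation monitor should alarm on."""
    l1, l2 = backed_deposits(rollup), l2_credits(rollup)
    return {a: l2[a] - l1.get(a, 0) for a in l2 if l2[a] != l1.get(a, 0)}


# Constructed batch: 4 decoded slots, loop bound claims 1 real tx.
# Slot 0 is a genuine deposit; slots 1 and 2 are committed by the proof but
# lie outside the loop range; slot 3 is padding.
EXAMPLE = Rollup(
    num_real_txs=1,
    slots=[(1, 100, DEPOSIT), (1, 500, DEPOSIT), (2, 40, DEPOSIT), PADDING],
)

if __name__ == "__main__":
    print("gap slots:", gap_slots(EXAMPLE))
    print("unbacked L2 credit:", state_discrepancy(EXAMPLE))
    try:
        settle_l1(EXAMPLE, {}, strict=True)
    except BoundaryMismatch as e:
        print("strict settlement rejected batch:", e)
```

The strict check and the reconciliation are complementary: the first belongs in the settlement path and stops a misaligned batch before any balance is credited, while the second is an off-chain control that compares L2-credited totals with L1-backed totals after the fact and catches the case where the on-chain check is missing, as it was in the deprecated contract.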