[NEW]: ZK circuits exploits #1279

@ValdikSS

Date

2026-02-27

Description

The first two known exploits against live ZK circuits just happened, and they weren't subtle underconstrained bugs.
They were Groth16 verifiers deployed without completing the trusted setup ceremony. One was white-hat rescued for ~$1.5M, the other drained for 5 ETH.

When you run groth16 setup, it initializes γ and δ to the G2 generator as a placeholder. You're expected to run zkey contribute to randomize δ. Skip that step, and your verifier accepts any proof.

Links

https://x.com/zksecurityXYZ/status/2027417243059896544
https://xcancel.com/zksecurityXYZ/status/2027417243059896544

Agreement

  • I irrevocably agree to release my contribution under the CC-BY 3.0 License

Attribution name

No response

Personal link

No response
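
A deployment-time check for the condition the issue describes, as an added example that is not part of the original issue or of any project it refers to: it flags a Groth16 verification key whose δ still equals γ, meaning the contribution step was never run. It assumes a snarkjs-style verification key JSON with `vk_gamma_2` and `vk_delta_2` fields; `auditGroth16Key`, `canonicalG2` and the sample keys are hypothetical names and constructed data.

```javascript
// Added example: audit a Groth16 verification key for an unrandomized delta.
// Assumption: the key is JSON with "vk_gamma_2" / "vk_delta_2" fields holding
// G2 points as [[x0, x1], [y0, y1], [z0, z1]] decimal strings.

// Normalize a G2 point to a canonical string so "011" and "11" compare equal.
function canonicalG2(point) {
  if (!Array.isArray(point) || point.length < 2) {
    throw new TypeError("G2 point must be an array of coordinate pairs");
  }
  return point
    .map((pair) => {
      if (!Array.isArray(pair) || pair.length !== 2) {
        throw new TypeError("each G2 coordinate must be a pair");
      }
      return pair.map((c) => BigInt(c).toString()).join(",");
    })
    .join("|");
}

// Returns a list of findings; an empty list means no placeholder was detected.
function auditGroth16Key(vk) {
  const findings = [];
  if (vk.protocol !== "groth16") {
    findings.push(`unexpected protocol: ${vk.protocol}`);
    return findings;
  }
  for (const field of ["vk_gamma_2", "vk_delta_2"]) {
    if (!(field in vk)) findings.push(`missing field: ${field}`);
  }
  if (findings.length) return findings;
  // Setup initializes gamma and delta to the same point; a contribution changes delta.
  if (canonicalG2(vk.vk_delta_2) === canonicalG2(vk.vk_gamma_2)) {
    findings.push("vk_delta_2 equals vk_gamma_2: delta still holds the setup placeholder");
  }
  return findings;
}

// Constructed sample keys; coordinates are small stand-ins, not real curve points.
const PLACEHOLDER = [["11", "12"], ["13", "14"], ["1", "0"]];
const uncontributedKey = { protocol: "groth16", vk_gamma_2: PLACEHOLDER,
  vk_delta_2: [["011", "12"], ["13", "14"], ["1", "0"]] }; // same point, padded digit
const contributedKey = { protocol: "groth16", vk_gamma_2: PLACEHOLDER,
  vk_delta_2: [["21", "22"], ["23", "24"], ["1", "0"]] };

console.log(auditGroth16Key(uncontributedKey));
console.log(auditGroth16Key(contributedKey));
```

Running a check like this in CI against the key embedded in the verifier contract catches the skipped contribution before deployment.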
