Gnosis Pay Users Urged to Withdraw After Zodiac Delay Module Bug
A bug in the Zodiac delay module exposed Gnosis Pay users to unauthorized Safe transactions, prompting the team to recommend immediate withdrawal of EURe and GNO tokens. The vulnerability allowed an attacker to initiate transactions without proper authorization checks.
Key Takeaways
- 1## The Vulnerability A flaw in the Zodiac delay module, a smart contract component used by Gnosis Pay, permitted an attacker to initiate Safe transactions that should have required additional authorization steps.
- 2The bug bypassed security checks designed to prevent unauthorized fund movements, creating a window for potential theft.
- 3## Immediate Response Gnosis Pay recommended users withdraw their EURe stablecoin and GNO governance token holdings as a precaution.
- 4The team did not disclose whether any funds had been stolen before the vulnerability was identified or whether the exploit had been active in the wild prior to disclosure.
- 5## Technical Context Zodiac is a suite of modular smart contracts that extend the functionality of Gnosis Safe accounts.
The Vulnerability
A flaw in the Zodiac delay module, a smart contract component used by Gnosis Pay, permitted an attacker to initiate Safe transactions that should have required additional authorization steps. The bug bypassed security checks designed to prevent unauthorized fund movements, creating a window for potential theft.
Immediate Response
Gnosis Pay recommended users withdraw their EURe stablecoin and GNO governance token holdings as a precaution. The team did not disclose whether any funds had been stolen before the vulnerability was identified or whether the exploit had been active in the wild prior to disclosure.
Technical Context
Zodiac is a suite of modular smart contracts that extend the functionality of Gnosis Safe accounts. The delay module adds a time-lock mechanism to transactions, requiring a waiting period before execution. The bug in this module created a logic error that permitted transaction initiation without the intended safeguards.
Why It Matters
For Traders
EURe and GNO holders have immediate liquidity risk; positions should be moved to secure wallets pending a full security audit or patch.
For Investors
A core infrastructure layer bug affecting a major self-custody platform damages confidence in Gnosis ecosystem security and may slow adoption of EURe.
For Builders
Teams integrating Zodiac delay modules should audit their implementations immediately and consider temporary suspension of affected features until a patched version is deployed.
