gnosis pay exploit root cause: a taint of revert data https://gnosisscan.io/tx/0x5ea42911c803b…

↩ (@koeppelmann) @gnosispay The bug is related to the "Zodiac delay module". The attacker is able to initiate tx from Safes with such a delay module. We are doing various measures to contain the damage like asking bridge validators to pause. https://x.com/koeppelmann/status/2061361…

Community Notice: Zodiac Roles Modifier v2 and Delay Modifier v1.1.0 — Security Update We identified a vulnerability in two Zodiac modules: Roles Modifier v2 and Delay Modifier v1.1.0. It affects only accounts where one of these modules is enabled AND a Safe account with a vulnerable fallback handler is itself assigned as a module or role member to the affected module. Safe smart contracts, Safe{Wallet} infrastructure & UI are not affected. Other Zodiac modules and setups are also not affected. We've been working directly with affected users since identifying the issue. Over 95% of identifiable accounts have already resolved it. If you have either module enabled and have not yet acted, check your account and follow the steps: https://app.zodiac.eco/public/fallback-h… We apologize for the disruption and concern this incident has caused. Our team is working as quickly as we can to support affected users and help wherever possible. A full post-mortem will follow. If you have any questions, reach us at security@gnosisguild.org

An update on the Gnosis Pay incident. As of now, the issue is fully contained. We expect to begin enabling operations in batches on Wednesday evening (GMT+2), with the goal of restoring normal card usage progressively after that. 🧵