Gnosis Pay has urged its users to immediately withdraw their EURe and GNO tokens following the discovery of a critical vulnerability in the Zodiac delay module. The exploit, which came to light on June 1, allowed an attacker to bypass standard security protocols and initiate unauthorized transactions directly from users' Safe smart accounts.
The issue stems from a bug in the Zodiac delay module – a tool designed to add a time delay to transactions, giving decentralized autonomous organizations (DAOs) and multisig wallets a window to veto malicious proposals. Instead of acting as a safety net, the flawed module allowed an attacker to queue and execute transactions, effectively hijacking the execution flow of affected accounts.
As news of the exploit spread, Gnosis Pay users rushed to drain their balances to prevent potential losses. The primary assets at risk are GNO, the native utility token of the Gnosis chain, and EURe, an on-chain Euro stablecoin issued by Monerium that powers Gnosis Pay’s debit card transactions. The sudden rush to withdraw has put immediate pressure on GNO liquidity pools, with the token slipping 4.5% in early trading following the disclosure.
Gnosis Pay operates as a decentralized payment network, bridging on-chain assets with traditional Visa card networks. Because the system relies heavily on Safe’s smart account infrastructure to manage user funds, any vulnerability in the underlying modules directly threatens the security of the payment infrastructure.
The Gnosis team has not yet disclosed the exact amount of capital exposed or stolen in the exploit. Developers are currently working on a patch to secure the Zodiac module, but the immediate priority remains user-led asset preservation.
Traders and users should closely monitor the official Gnosis Pay social channels for a detailed post-mortem and updates on when it will be safe to deposit funds again. The key risk now is whether the exploit has broader implications for other DeFi protocols that utilize the Zodiac framework for transaction scheduling.
Gnosis Pay Urges Withdrawals After Zodiac Module Exploit
Gnosis Pay users are urged to withdraw EURe and GNO after a bug in the Zodiac delay module allowed an attacker to initiate unauthorized Safe transactions. This exploit caused user exits from the platform.