Zodiac Releases Security Incident Post-Mortem: ERC-1271 Verification Flaw Allowed Attackers to Bypass Module Authentication

Odaily Odaily reports that the Zodiac team has released an analysis report on a security incident affecting the Zodiac Roles Modifier, disclosing that the root cause of the vulnerability lies in a defect in the ERC-1271 transaction signature verification logic: the system only judges the validity of a signature based on the returned "magic value" without verifying whether the call itself was successful, thus potentially masking a failed verification as a valid signature and bypassing the module authentication mechanism.

Zodiac clarified that this vulnerability could only be exploited under specific configurations, and that EOA role members and other deployments not using the relevant module are unaffected. Affected users have been notified, and self-service detection and remediation tools have been launched. In collaboration with a white-hat team, asset recovery efforts are underway. Over 99% of the potentially at-risk funds have been secured, the affected contracts have been repaired and pass independent audits, and services have returned to normal.