Aztec Network Attacked with Losses Exceeding $2.15 Million; Root Cause Is a Mismatch Between the ZK Proof and L1 Settlement Boundaries
Odaily Planet Daily News: According to BlockSec Phalcon (@Phalcon_xyz) analysis, the RollupProcessorV3 contract of Aztec Network was attacked, resulting in a loss of over $2.15 million. The root cause is that `numRealTxs` was not effectively bound to the transaction set enforced by the ZK proof, causing a mismatch between the proof verification path and the L1 settlement logic's interpretation of the transaction list.
The attacker exploited this vulnerability to move a genuine deposit to a slot not processed by the settlement logic. This bypassed the `decreasePendingDepositBalance()` function and created unbacked private balances out of thin air, which were then withdrawn through the normal settlement process. The attack involved a total of seven assets.
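The mismatch described above can be reproduced in a simplified model, shown here as an added example that is not Aztec's contract code: the proof path credits every deposit in the batch, while settlement debits only the first `num_real_txs` slots. All names (`settle`, `proven_credits`, `unbacked`, `PADDING`, the tuple layout) and the sample batch are assumptions made for illustration; the hardened branch shows one way to bind the count, by rejecting any non-padding slot outside the settled range.

```python
# Simplified model, not Aztec's contract code. All names here are hypothetical.
PADDING = ("padding", None, 0)

def proven_credits(slots):
    """Proof path: every deposit present in the batch is credited privately."""
    credits = {}
    for kind, owner, amount in slots:
        if kind == "deposit":
            credits[owner] = credits.get(owner, 0) + amount
    return credits

def settle(pending, slots, num_real_txs, bind_count):
    """L1 settlement: debit pending deposits for the first num_real_txs slots.

    bind_count=False models the mismatch: num_real_txs is trusted as given.
    bind_count=True rejects a batch whose unprocessed slots are not padding.
    Returns (new_pending, private_credits).
    """
    if not 0 <= num_real_txs <= len(slots):
        raise ValueError("num_real_txs out of range")
    if bind_count and any(s != PADDING for s in slots[num_real_txs:]):
        raise ValueError("non-padding slot outside the settled range")
    pending = dict(pending)
    for kind, owner, amount in slots[:num_real_txs]:
        if kind == "deposit":
            if pending.get(owner, 0) < amount:
                raise ValueError("deposit exceeds pending balance")
            pending[owner] -= amount  # the debit that must never be skipped
    return pending, proven_credits(slots)

def unbacked(pending_before, pending_after, credits):
    """Solvency invariant: private credits minus the L1 pending balance consumed."""
    consumed = sum(pending_before.values()) - sum(pending_after.values())
    return sum(credits.values()) - consumed

# Constructed sample: a deposit sits in slot 1 while the count covers only slot 0.
PENDING = {"alice": 100}
BATCH = [PADDING, ("deposit", "alice", 100)]

if __name__ == "__main__":
    after, credits = settle(PENDING, BATCH, 1, bind_count=False)
    print("unbound count, unbacked credit:", unbacked(PENDING, after, credits))
    try:
        settle(PENDING, BATCH, 1, bind_count=True)
    except ValueError as err:
        print("bound count rejects batch:", err)
```

A non-zero result from `unbacked` is the condition an auditor or an invariant test would flag: a private balance was credited without the matching pending-deposit debit.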
