GetChain News

Security/Hacker

News linked to both this project and an event.

Aztec Network Attacked, Losses Exceed $2.15 Million; Root Cause is a Mismatch Between ZK Proof and L1 Settlement Boundaries

According to analysis by BlockSec Phalcon (@Phalcon_xyz), Aztec Network's RollupProcessorV3 contract was attacked, resulting in losses exceeding $2.15 million. The root cause is that `numRealTxs` was not effectively bound to the transaction set enforced by the ZK proof, causing a deviation between the proof verification path and the L1 settlement logic's interpretation of the transaction list. The attacker exploited this vulnerability to move real deposits to slots not processed by the settlement logic, bypassing the `decreasePendingDepositBalance()` function. By creating unbacked private balances out of thin air, they were able to withdraw funds through the normal settlement process. A total of seven assets were involved.

Sui Mainnet Suffers Third Outage, Upgrade Vulnerability Identified as Root Cause

According to The Block, the Sui Foundation released an incident report on May 31, disclosing three consecutive outages on its mainnet from May 29 to 30—each traced back to two independent bugs introduced in the v1.72 upgrade. The first two outages were caused by a gas fee calculation error stemming from the newly launched “address balance” feature: funds were deducted even when transactions were canceled, resulting in negative account balances and subsequent validator node crashes. The third outage was triggered by a latent vulnerability in the random number generator during node restarts, preventing the network’s epoch from closing normally. The Sui Foundation stated that all known issues have now been resolved; user funds remained unaffected throughout the incidents, and no settled transactions were rolled back. The Foundation plans to further enhance its fault-tolerance mechanisms to ensure future similar bugs impact only individual transactions—not the entire network.

Bitcoin Developers Propose BIP-361 to Counter Future Potential Quantum Attack Risks

Odaily News: Bitcoin contributor Jameson Lopp and other cryptographers have proposed an initiative that could force Bitcoin holders to migrate their tokens to new quantum-resistant addresses; otherwise their tokens would be permanently frozen by the network itself. In this scenario, holders would technically still "own" the coins but would lose the ability to transfer them. This is known as Bitcoin Improvement Proposal BIP-361, which was updated in Bitcoin's official proposal repository on Tuesday under the title "Post-Quantum Migration and Legacy Signature Deprecation".

BIP-361 builds upon the BIP-360 proposal introduced in February. BIP-360 introduced a soft fork (a network upgrade) designed to enable a new transaction type called "Pay-to-Merkle-Root" (P2MR). This method draws from Bitcoin's Taproot (P2TR) framework but removes the key-based spending path, thereby eliminating an element widely considered to be at risk in the quantum era.

The BIP-361 proposal divides the migration into three phases. Phase A begins three years after activation, prohibiting anyone from sending new Bitcoin to legacy, quantum-vulnerable addresses. You can still spend from these addresses but cannot receive any coins. Phase B begins five years after activation, rendering legacy signatures (ECDSA and Schnorr) completely invalid. The network will reject any attempts to spend coins from quantum-vulnerable wallets. Essentially, your coins will be frozen. Finally, there is Phase C, a still-under-research rescue plan: holders of frozen wallets may be able to prove ownership via zero-knowledge proofs (a method of proving knowledge of a secret without revealing the secret itself). If successful, coins frozen in Phase B could be recovered. (CoinDesk)