SlowMist|Apr 28, 2026 03:27
🚨. @ZetaChain has been exploited. Based on initial analysis, the following outlines the root cause.
Root Cause
The core vulnerability lies in the call function of ZetaChain's GatewayZEVM contract, which lacks both access control and input validation. This allows any arbitrary user to invoke cross-chain calls through GatewayZEVM and execute arbitrary operations on external chains via the relayer.
Specifically, an attacker can craft a malicious call on ZetaChain to emit a cross-chain event. ZetaChain's relayer picks up this event and, through TSS, executes the malicious call on the destination chain — enabling the attacker to drain funds.
Transactions:
https://zetascan.com/tx/0xdaa19f9952b8d171ae3481a0b31b6c63d8ee4da03c5821663be5cdb29ddc4521
https://etherscan.io/tx/0x81fc9b2457b3ea66e2cefe2afe65d083ce358a11520e0f4aa5faad0bfea18a56(SlowMist)
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink