Aztec Legacy Bridge Loses 1,158 ETH In Second Drain This Week


An old Aztec Private Rollup Bridge contract lost 1,158 ETH after an attacker used its escapeHatch() function to withdraw funds from deprecated privacy infrastructure.

The Ethereum transaction moved the ETH from the contract labeled Aztec: Private Rollup Bridge to the caller. The transfer was worth roughly $2 million based on ETH’s market price at the time.

The affected contract sits at 0x737901bea3eeb88459df9ef1be8ff3ae1b42a2ba, a legacy bridge tied to older Aztec privacy infrastructure rather than the current Aztec Network.

Attacker Used The escapeHatch Route

The attacker submitted a proof path that the contract accepted through escapeHatch(), a function designed to let users exit through Ethereum when normal rollup processing is unavailable.

The call released 1,158 ETH directly to the caller. Early technical analysis points to manipulated public inputs around the escape-hatch flow, allowing the withdrawal to pass contract validation and settle from the bridge balance.

That makes the incident a contract-level withdrawal failure rather than a frontend compromise or user-signing attack. The assets moved because an onchain exit path still existed, remained callable and still held ETH.

No full Aztec post-mortem had been published at the time of writing, leaving the exact proof-validation failure subject to further technical review.

Second Aztec-Linked Legacy Contract Hit

The latest incident follows another Aztec-related drain earlier this week, when approximately $2.1 million moved from deprecated Aztec Connect infrastructure.

That earlier case involved a retired system that had already been shut down. Aztec said the affected Aztec Connect contracts were separate from the current Aztec Network and the AZTEC ERC20 token.

The new Private Rollup Bridge transaction broadens the issue from one retired product to the wider set of old Aztec contracts still holding funds. A frontend shutdown does not remove contract balances, and immutable contracts can continue responding to calls long after active product support ends.

The pattern is similar to the earlier Aztec Connect exploit, where the live risk came from old infrastructure rather than current user-facing systems.

Legacy Contracts Remain The Focus

Bridge exit paths carry high stakes because they are built to release assets from one system back to Ethereum. When validation logic fails, the function can become the route for a direct balance withdrawal.

The same operational problem has appeared elsewhere in DeFi. The Thetanuts legacy vault exploit showed how older product lines can retain enough value to attract attackers even after newer infrastructure has taken over.

For Aztec, the immediate task is to identify any remaining legacy contracts with balances, callable exit functions or outdated validation paths. Users with funds left in older Aztec systems need clear withdrawal guidance, while monitors will be watching whether more ETH, stablecoins or wrapped assets remain exposed in deprecated bridge and rollup contracts.
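As an added example, not code from Aztec or from this article, the Python triage script below does the two things the last paragraph describes: it ranks retired contracts by the ETH still reachable through a callable exit function, and it flags large exit-function outflows from a watchlist so a monitor can see when a deprecated bridge drains. Only the Private Rollup Bridge address and the escapeHatch() name come from the article; the exit-function list, the other contract records and the transaction stream are constructed assumptions.

```python
from dataclasses import dataclass

WEI_PER_ETH = 10**18
# Exit-style entry points to watch; escapeHatch is from the article, the other two are assumed.
EXIT_FUNCTIONS = {"escapeHatch", "withdraw", "emergencyWithdraw"}
# Bridge address from the article; every other value below is constructed.
BRIDGE = "0x737901bea3eeb88459df9ef1be8ff3ae1b42a2ba"

@dataclass
class LegacyContract:
    address: str
    balance_wei: int
    functions: set  # entry points known from the contract's ABI
    deprecated: bool = True

@dataclass
class Tx:
    to: str
    function: str
    value_out_wei: int  # ETH leaving the contract in this call

def exposure_eth(c):
    """ETH still reachable through a callable exit path (0 if none)."""
    if not c.deprecated or not (c.functions & EXIT_FUNCTIONS):
        return 0.0
    return c.balance_wei / WEI_PER_ETH

def rank_exposed(contracts):
    """Addresses ordered by exposed ETH, dropping those with nothing reachable."""
    scored = sorted(((exposure_eth(c), c.address) for c in contracts), reverse=True)
    return [addr for eth, addr in scored if eth > 0]

def outflow_alerts(txs, watchlist, threshold_eth=100):
    """Exit-function calls on a watched contract that move >= threshold ETH."""
    watched = {a.lower() for a in watchlist}
    return [(tx.to, tx.function, tx.value_out_wei // WEI_PER_ETH) for tx in txs
            if tx.to.lower() in watched and tx.function in EXIT_FUNCTIONS
            and tx.value_out_wei >= threshold_eth * WEI_PER_ETH]

SAMPLE_CONTRACTS = [  # constructed inventory of retired contracts
    LegacyContract(BRIDGE, 1158 * WEI_PER_ETH, {"deposit", "escapeHatch"}),
    LegacyContract("0xconstructed_a", 5 * WEI_PER_ETH, {"deposit"}),     # no exit path
    LegacyContract("0xconstructed_b", 40 * WEI_PER_ETH, {"withdraw"}),   # small, callable
]
SAMPLE_TXS = [  # constructed transaction stream
    Tx(BRIDGE, "deposit", 0),
    Tx(BRIDGE, "escapeHatch", 1158 * WEI_PER_ETH),
    Tx("0xconstructed_b", "withdraw", WEI_PER_ETH),
]
```

In practice the inventory would be filled from an archive node (balances plus verified ABIs) and the transaction stream from a block subscription; the threshold should be tuned per contract to its historical outflow.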