Consensys’ zkEVM network, Linea, paused block production for about an hour to prevent additional funds from being bridged out after Velocore, a decentralized exchange (DEX) built on the network, was exploited for approximately $6.8 million worth of ether.
Velocore Exploit Details
On June 2, Velocore, a DEX utilizing Consensys’ zero-knowledge Ethereum Virtual Machine (zkEVM) and Matter Labs’ zkSyncEra, experienced an exploit in its volatile pools. These volatile pools are liquidity pools for uncorrelated assets. The team behind Velocore estimated a loss of around $6.8 million worth of ether due to vulnerabilities in its “Balancer-style CPMM pool contract.” They confirmed that the exploit was exclusive to volatile pools, with stable pools remaining unaffected.
Linea’s Swift Response
Blockchain security firm Hexagate alerted the Linea team to the exploit. In response, Linea deployed several ecosystem security measures, including halting the blockchain sequencer to prevent further funds from being bridged out by the exploiter. “700ETH moved off Linea via a 3rd party bridge. It was the middle of the night, Velocore was still vulnerable and we could not get ahold of their team,” the Linea team explained on X.
Linea stopped producing blocks between block 5081800 and 5081801 for about an hour. During this period, the hacker’s wallet address was censored, and the attacker was prevented from selling large amounts of ether.
Balancing Security and Decentralization
Anticipating criticism from decentralization proponents, the Linea team justified their decision to halt block production as a necessary measure to protect users and builders in the ecosystem. “Like other L2s, we are still in the ‘training wheels’ phase of existence, giving us safeguards to use,” they stated on X. “Most L2s, including Linea, still rely on centralized technical operations which can be leveraged to protect ecosystem participants. Linea’s core value is a permissionless, censorship-resistant environment so it was not a decision we took lightly.”
Velocore’s Next Steps
Meanwhile, the Velocore team is actively tracking down the exploiter and plans to reimburse affected users once operations resume.