TLDR
- Gnosis promises full user compensation after Gnosis Pay exploit
- Zodiac Delay Module flaw triggers urgent Gnosis Pay response
- Gnosis moves to contain breach across affected Safe accounts
- Gnosis Pay users face risk after delay module exploit emerges
- Gnosis breach renews focus on smart contract payment risks
Gnosis moved to contain a Gnosis Pay security breach after attackers exploited a flaw in the Zodiac Delay Module. The incident affected Safe-based payment accounts and forced urgent action across related infrastructure. Gnosis also promised full compensation for users who suffer losses from the exploit.
Zodiac Delay Module Bug Triggers Breach
The breach started after attackers found a weakness in the Zodiac Delay Module used by Gnosis Pay accounts. The module normally adds a short waiting period before certain outgoing transactions execute. The flaw allowed attackers to initiate transactions from Safes with the module enabled.
Gnosis Pay uses Safe smart accounts to connect crypto wallets with real-world card payments. The system also uses modular tools that support account control and payment execution. A bug inside one module created direct risk for users holding EURe and GNO.
Gnosis co-founder Martin Köppelmann confirmed that the bug related to the delay module. He later said the attacker could initiate transactions from affected Safes. As a result, the team urged users to treat the issue as an active security incident.
Gnosis Moves to Limit Further Damage
Gnosis began containment steps as the exploit developed across affected accounts. The team asked bridge validators to pause related activity to slow possible fund movement. This step aimed to reduce exit routes while the team investigated the breach.
The company also told users to withdraw EURe and GNO where possible. Köppelmann later clarified that many users might not complete manual withdrawals. Gnosis focused on infrastructure-level controls to reduce further exposure.
PeckShield also warned users about the active exploit linked to Gnosis Pay. The blockchain security firm urged users to check their exposure and withdraw funds. Meanwhile, Gnosis said it would cover all user losses tied to the incident.
Compensation Pledge Adds Context To Payment Security Risks
Gnosis has not released a final loss figure from the Gnosis Pay breach. The team has also not published a full technical report on the exploit. The number of affected accounts remains unclear at the time of writing.
The incident adds pressure on smart contract-based payment systems. Gnosis Pay links self-custody wallets to a Visa-connected card product for daily spending. This model gives users direct control, but it also depends on secure wallet permissions.
The breach also follows other attacks involving Safe-related infrastructure. Blockaid earlier reported a $3 million theft from 86 Safe wallets across Ethereum and Base. Those incidents show how third-party modules can create serious risks inside crypto payment and wallet systems.
