zkSync Wallet Exploit: $5.1M Mint Attack via Admin Wallet Compromise
Exploring the April 2025 zkSync exploit: how admin wallet access led to mass unauthorized token minting and the security defenses added afterward.

zkSync Mint Attack: The Hazards of Admin Wallet Exposure
Attack Mechanics Behind the Curtain
The April 2025 attack on zkSync targeted the protocol’s token governance layer and exploited direct admin wallet access. The attacker, whether through social engineering or credential theft, took control of a wallet with mint permissions for the main zkSync token contract. With those privileges, the attacker minted 111 million new governance tokens—far exceeding protocol design and market supply.
The malicious tokens were quickly funneled into decentralized exchanges, flooding AMMs and draining liquidity as the tokens were swapped for ETH and stablecoins. This depressed the legitimate token price and destabilized ecosystem incentives. Although the unauthorized minting was visible on-chain within seconds, there were no live circuit breakers or emergency admin controls to pause mint or transfer functions mid-stream—the protocol’s defense hinged entirely on proper admin access separation, which failed the day it mattered.
From Crisis to Safeguards: The Post-Mortem Mandate
After this exploit, zkSync overhauled all admin and privileged contract workflows. All mint and upgrade keys now reside inside geographically dispersed multi-party computation (MPC) custody systems. No upgrade, mint, or transfer right can be exercised in isolation or without multiple device-based and role-based sign-offs, including hardware authentication. An on-chain emergency shutdown feature was introduced, letting multisig signers halt token operations within seconds when a suspicious mint or burn appears.
Additionally, all key admin actions are now rate-limited and auditable in real time by on-chain analytics bots. A public governance schedule posts every significant protocol permission change or mint event ahead of time, so that a sudden, unscheduled mint is immediately recognizable to the community. The episode's lesson for every DeFi team: privilege is the ultimate protocol risk. Admin access must be guarded above all else, and fast, immutable emergency controls are table stakes for any network managing a major token supply.
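The controls described in the two paragraphs above (a pre-announced mint schedule, a per-window rate limit on minting, and a supply-ratio circuit breaker that should trigger the emergency halt) can be expressed as off-chain monitoring logic that watches the token's Transfer events. The following is an added Python example written for this article; it is not zkSync's tooling and not code from the incident. It follows the ERC-20 convention that a mint is a Transfer whose `from` is the zero address. The addresses, timestamps, initial supply, the 1M-tokens-per-hour cap and the 5%-of-supply halt threshold are all constructed or assumed for illustration; in practice the logs would come from an RPC node or indexer.

```python
from collections import deque
from dataclasses import dataclass, field

TOKEN = 10**18                      # base units per token (18 decimals)
ZERO_ADDRESS = "0x" + "00" * 20     # ERC-20 mints emit Transfer(from=0x0, to, value)

# Constructed addresses for the example; none of these are real accounts.
ADMIN = "0x" + "a1" * 20            # the key that legitimately holds mint rights
TREASURY = "0x" + "b2" * 20         # announced recipient of a scheduled mint
SINK = "0x" + "c3" * 20             # an address that appears on no schedule


@dataclass(frozen=True)
class MintEvent:
    block: int
    timestamp: int   # unix seconds
    minter: str      # account that sent the mint transaction
    to: str
    amount: int      # token base units


@dataclass(frozen=True)
class ScheduledMint:
    to: str
    max_amount: int
    not_before: int
    not_after: int


@dataclass(frozen=True)
class Alert:
    kind: str        # "unknown_minter" | "unscheduled" | "rate_limit" | "halt"
    block: int
    detail: str


def mint_events(transfer_logs):
    """Select the mints out of a list of decoded ERC-20 Transfer logs."""
    return [
        MintEvent(log["block"], log["timestamp"], log["tx_from"], log["to"], log["value"])
        for log in transfer_logs
        if log["from"].lower() == ZERO_ADDRESS
    ]


@dataclass
class MintMonitor:
    total_supply: int
    schedule: list                        # ScheduledMint entries published in advance
    allowed_minters: set                  # lower-cased addresses holding mint rights
    window_seconds: int = 3600
    window_cap: int = 1_000_000 * TOKEN   # assumed: at most 1M tokens minted per hour
    halt_pct: int = 5                     # assumed: one mint > 5% of supply => halt
    halted: bool = False
    _window: deque = field(default_factory=deque)   # (timestamp, amount) pairs

    def _scheduled(self, ev):
        return any(
            s.to.lower() == ev.to.lower()
            and ev.amount <= s.max_amount
            and s.not_before <= ev.timestamp <= s.not_after
            for s in self.schedule
        )

    def _minted_in_window(self, now):
        # Drop entries older than the window, then sum what remains.
        while self._window and self._window[0][0] < now - self.window_seconds:
            self._window.popleft()
        return sum(amount for _, amount in self._window)

    def process(self, ev):
        """Evaluate one mint against every control; return the alerts it raised."""
        alerts = []
        if ev.minter.lower() not in self.allowed_minters:
            alerts.append(Alert("unknown_minter", ev.block, ev.minter))
        if not self._scheduled(ev):
            alerts.append(Alert("unscheduled", ev.block, f"{ev.amount // TOKEN} tokens to {ev.to}"))
        self._window.append((ev.timestamp, ev.amount))
        minted = self._minted_in_window(ev.timestamp)
        if minted > self.window_cap:
            alerts.append(Alert("rate_limit", ev.block, f"{minted // TOKEN} tokens in {self.window_seconds}s"))
        # Supply-ratio circuit breaker, measured against supply before this mint.
        if ev.amount * 100 > self.halt_pct * self.total_supply:
            self.halted = True
            alerts.append(Alert("halt", ev.block, "single mint exceeds halt threshold; signal emergency pause"))
        self.total_supply += ev.amount
        return alerts


T0 = 1_744_000_000                        # constructed timestamp
INITIAL_SUPPLY = 1_000_000_000 * TOKEN    # constructed, not the real token supply
SCHEDULE = [ScheduledMint(to=TREASURY, max_amount=500_000 * TOKEN, not_before=T0, not_after=T0 + 86_400)]

# Constructed Transfer logs: one ordinary transfer, one announced mint, and one mint of
# 111 million tokens (the figure from the incident) sent by the legitimate admin key.
SAMPLE_LOGS = [
    {"block": 100, "timestamp": T0 + 50, "tx_from": TREASURY, "from": TREASURY, "to": SINK, "value": 10 * TOKEN},
    {"block": 101, "timestamp": T0 + 100, "tx_from": ADMIN, "from": ZERO_ADDRESS, "to": TREASURY, "value": 400_000 * TOKEN},
    {"block": 102, "timestamp": T0 + 200, "tx_from": ADMIN, "from": ZERO_ADDRESS, "to": SINK, "value": 111_000_000 * TOKEN},
]


def run_demo():
    monitor = MintMonitor(total_supply=INITIAL_SUPPLY, schedule=SCHEDULE, allowed_minters={ADMIN})
    alerts = []
    for ev in mint_events(SAMPLE_LOGS):
        alerts.extend(monitor.process(ev))
    return monitor, alerts


if __name__ == "__main__":
    monitor, alerts = run_demo()
    for a in alerts:
        print(f"[{a.kind}] block {a.block}: {a.detail}")
    print("halted:", monitor.halted)
```

The scheduled 400,000-token mint passes every check and raises nothing. The 111-million-token mint is sent from the legitimate admin key, so a minter allowlist alone is silent, which is exactly the gap a compromised admin wallet exploits; it is the schedule check, the hourly cap and the supply-ratio breaker that fire, and the breaker sets `halted`, the signal a multisig or on-chain pause would act on.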