Woofun AI reports that Zodiac has published a post-mortem analysis of the security incident involving the Zodiac Roles Modifier. The investigation identified the root cause as a critical flaw in the ERC-1271 transaction signature verification logic: the system validated signatures solely on the returned 'magic value' without confirming that the underlying call had succeeded. As a result, failed verifications could be misinterpreted as valid signatures, enabling attackers to circumvent the module authentication mechanism. Zodiac clarified that exploitation required specific configurations; EOA role members and deployments that do not use the affected module were not impacted.
Concurrently, the team has deployed self-service detection and remediation tools for affected users. Collaborating with white-hat security teams, Zodiac has successfully secured over 99% of the at-risk funds. The compromised contracts have been patched and subjected to independent audits, resulting in the full restoration of normal service operations.