On April 15, ZK token prices on ZKsync—once one of the “Big Four” Ethereum Layer 2s—plummeted without warning. At the time of writing, the ZK token is priced at $0.0444, marking a 24-hour drop of over 14% and sparking widespread concern in the community. In response to the incident, a major centralized exchange (CEX) has suspended ZKsync deposit and withdrawal services.

What Happened?

ZKsync’s official team responded quickly. At 9:49 PM on April 15, they issued a statement confirming that the breach originated from a compromised admin account. This account controlled about $5 million worth of ZK tokens. These tokens weren’t arbitrarily created—they came from unclaimed tokens left over from a previous ZKsync airdrop campaign.

The team emphasized that the unauthorized minting and sell-off stemmed from a stolen key tied solely to the airdrop contract. They described it as an isolated incident. According to ZKsync, they are taking appropriate security measures and clearly stated that all user funds are safe and were never at risk. The ZKsync protocol and token contracts remain unaffected, with no further tokens at risk of being stolen.

Later that night at 11:25 PM, ZKsync provided an update: “Our investigation shows that the admin account managing three airdrop distribution contracts was compromised. The breached account is: 0x842822c797049269A3c29464221995C56da5587D. The attacker invoked the sweepUnclaimed() function, minting around 111 million unclaimed ZK tokens from the airdrop contracts. This increased the circulating supply by roughly 0.45%. The attack was limited to airdrop distribution contracts, and all mintable tokens have now been minted. No further exploitation is possible through this method. The ZKsync protocol, ZK token contract, all three governance contracts, and active token minting plans remain unaffected and will continue operating normally.”

Despite these reassurances, the token’s price volatility spoke volumes. More importantly, the community didn’t seem to buy the official explanation.

Many in the community alleged that the act was premeditated rather than an “accidental theft.” They pointed out that ZKsync first minted 111 million $ZK on-chain, then offloaded 66 million tokens in a massive sell-off—essentially accusing the team of staging an “inside job.”

@yuyue_chris commented that the ZKsync incident is yet another example of the “centralized manipulation playbook” seen recently. The abnormal token minting is viewed as a blatant abuse of power, completely undermining investor trust in VC-backed projects. The official response, according to him, was “purely perfunctory.”

In recent years, competition among Layer 2 solutions has grown increasingly fierce. ZKsync had already disappointed some investors by halting its liquidity incentives during the bear market. Now, the emergence of this security scandal only adds insult to injury.

Once a Layer 2 Star, Now in Disarray

ZKsync is an Ethereum Layer 2 scaling solution that significantly reduces transaction costs and increases speed by shifting transaction processing off the Ethereum mainnet to a sidechain. It uses ZK Rollup technology, which was once heralded as the future of Layer 2 thanks to its efficiency and security.

Among Layer 2 players, ZKsync was once considered a leading force alongside Arbitrum, Optimism (from the OP Rollup camp), and Starknet (also ZK Rollup). It basked in the limelight for a time.

But ZKsync’s recent performance has been far from stellar. After the airdrop in June last year, ecosystem activity sharply declined. Data shows that the number of active addresses on ZKsync dropped by 83.5%, while average daily transaction volume plummeted 86%. During the June 2023 airdrop, 3.6 billion ZK tokens were distributed to 695,232 wallets. However, Nansen data reveals that over 40% of recipients dumped all their tokens immediately, 41.4% sold part of their holdings, and only 17.9% chose to hold. This suggests the airdrop failed to incentivize long-term participation and instead intensified selling pressure.

Moreover, ZKsync had already earned a “rug chain” reputation. In April 2023, SyncDex Finance appeared to pull a rug, vanishing with over 100 ETH and 98,444.8 USDC in staked funds and shutting down all official channels. Less than a month later, the SHIBERA project drained its liquidity pool and disappeared. In July of the same year, Kannagi Finance’s TVL (Total Value Locked) plummeted from $2.13 million to just $24, with its official accounts deactivated. The xBank Finance project in May also reportedly collapsed, with its official accounts frozen.

And it’s not just ZKsync—other former top Ethereum Layer 2 players are also facing hard times. In March 2024, Ethereum’s Cancun upgrade briefly shifted attention back to the Layer 2 space. But according to Artemis data, active addresses for ZKsync, Arbitrum, Optimism, and Starknet peaked in Q2 2024 before entering steady decline. ZKsync, in particular, saw a spike in active addresses in April and June 2024, peaking at nearly 1.4 million—far ahead of other Layer 2s. However, after the June 17 airdrop, the number of active addresses plunged. By the end of July, it had hit rock bottom. Although there were minor rebounds afterward, activity has remained consistently below 200,000.

As competition in the Layer 2 space reaches a fever pitch, ZK Rollup projects like ZKsync have failed to maintain their early lead. In contrast, Base has risen rapidly, leveraging the low entry barrier of Coinbase’s smart wallet and achieving nearly 4 million daily transactions—almost double that of Arbitrum—to attract a large user base, significantly diverting market share. Meanwhile, Ethereum ecosystem applications such as meme coins and DeFi have been siphoned off by Layer 1 chains like Solana, causing many Layer 2s to gradually become “ghost chains” with no real user activity.

Whether ZKsync’s recent incident was truly a theft or yet another case of market manipulation by shady insiders remains unconfirmed. However, to regain the community’s trust and return to the top tier of Layer 2s, ZKsync must take concrete steps to prove itself. More broadly, for the entire Layer 2 sector, the real challenge may no longer be just technical—it’s about transforming from a “traffic bubble” into genuine value creation under the pressures of fierce competition and market fragmentation.

Disclaimer:

1. This article is reprinted from [BlockBeats], with copyright belonging to the original author [Ashley]. If you have any concerns about this reprint, please contact the Gate Learn team, who will address the issue according to the appropriate procedures.

2. Disclaimer: The views and opinions expressed in this article are solely those of the author and do not constitute any investment advice.

3. Translations of this article into other languages were provided by the Gate Learn team. Do not copy, distribute, or plagiarize the translated content without referencing Gate.io.