With $850 Million at Risk, Polygon (MATIC) Paid Largest Bug Bounty in History

article image

Vladislav Sopov

White-hat hacker receives $2 million for disclosing the most “expensive” bug in DeFi so far


Polygon, a red-hot smart contracts platform and L2 decentralized finances hub, shares the details of the largest possible hack in DeFi history.

How to make $850 million resubmitting Polygon transactions

According to the official post-mortem released by Immunefi, a multi-product bug bounty platform, in early October 2021, white-hat hacker Gerhard Wagner submitted a bug report to Polygon (MATIC).

According to this report, the flaw in Polygon’s scaling solution, Plasma, allowed it to resubmit the burn transaction multiple times. The malefactor could send the withdrawn requests to Polygon again and again, up to 223 times.

To compromise Polygon Plasma Bridge, an attacker needed to just slightly modify some technical parameters of transactional data, i.e., the “first byte of the branch mask.”

Given the aggregated amount of funds locked in the Deposit Manager Proxy of the bridge, more than $850 million of users’ funds were at risk.

Largest threat, largest bounty

As such, Polygon could have been targeted by the largest attack in the history of DeFi segment: the current “leader,” Poly Network, suffered from a $611 million exploit.

The Polygon team awarded the largest bug bounty bonus ever to Mr. Wagner, $2,000,000 plus the commission of the Immunefi platform. The team responded to Immunefi’s report in 30 minutes and confirmed the bug.

The team stressed that no users’ funds are at risk as of now, and this white-hat hack should be a lesson for DeFi apps:

No user funds were lost (…) Let’s build and make web 3.0 more resilient from such future attacks.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *