Polygon officially issued a statement on December 29, stating that in the hard fork upgrade carried out on December 4, a super loophole capable of stealing 92% of the total supply of MATIC has been patched. It was announced after the upgrade in order to avoid turmoil. However, , Already black hat hackers have stolen 801,601 MATICs.
The loopholes are unprecedentedly huge, and the official decided to quietly patch them so as not to be stunned
According to the official "Two or Three Things You Should Know About This Upgrade" statement, on December 3, a white hat hacker notified the super vulnerability in the Polygon creation contract to the vulnerability bounty platform Immunefi, which allowed attackers Through the lack of quota check in the MRC20 contract transfer function, hackers are allowed to steal more than 9.2 billion MATICs (worth more than 24 billion U.S. dollars), and the total amount of MATICs is only 10 billion, which shows the severity of the vulnerability.
Due to the size of the matter, if the hackers are alerted early, it may cause more losses. Polygon officially decided to follow the silent patch policy adopted by the Ethereum client Geth, which means that the loopholes should be patched before the announcement. After the patch was released, Polygon quietly launched a hard fork upgrade at block height 22156660 on December 5th, and finally successfully patched up the shocking vulnerability.
Hackers still get $2 million, and the official will take full responsibility
Despite the swift action of the Polygon team, some hackers discovered the loopholes earlier, attacking the gap between the official testnet upgrade and the mainnet update, stealing 801,601 MATICs (current value of approximately US$2 million) ).
For the amount of loss, Polygon officials stated that they would bear the full amount. In addition, Polygon officials also offered a bounty of US$3.46 million to two white hat hackers (one nicknamed Spacewalker and the other anonymous) who exposed the vulnerability, and the former received Stable coins worth $2.2 million, the latter got 500,000 MATICs.
Jaynti Kanani, the co-founder of Polygon, said about the incident: This is a test of Polygon’s network resilience and how well the team can execute under pressure. Considering the magnitude of the risk, I believe our team has already made it under this situation. The best decision.
At the time of writing, the MATIC quoted price was 2.4893 US dollars, which has fallen for three consecutive days, with a cumulative decline of 15%.
Disclaimer : The above empty space does not represent the position of this platform. If the content of the article is not logical or has irregularities, please submit feedback and we will delete or correct it, thank you!
COPYRIGHT © 2021-2023 HZD.COM & WWW.HZD.AI ALL RIGHTS RESERVED
