Skip to main content

Polygon upgrade quietly fixes bug that put $24B of MATIC at risk

“Considering how much was at stake, I believe our team has made the best decisions possible given the circumstances,” said Polygon’s co-founder Jaynti Kanani.

Ethereum-based layer two scaling network Polygon has quietly fixed a vulnerability that put almost $24 billion worth of its native token MATIC at risk.

According to a Dec. 29 blog post from Polygon, the “critical” vulnerability in the network’s Proof-of-Stake (PoS) Genesis contract was first highlighted by two whitehat hackers on Dec. 3 and Dec. 4 via blockchain security and bug bounty hosting platform Immunefi.

The vulnerability put more than 9.27 billion MATIC at risk that is valued at around $23.6 billion at the time of writing, with the figure representing the vast majority of the token’s total supply of 10 billion.

Polygon noted that the bug was resolved at Block #22156660 via an “Emergency Bor Upgrade” to the Mainnet on Dec. 5 at around 7:27 am UTC. The network noted that a “malicious hacker” managed to steal 801,601 MATIC ($2.04 million) before the bug was resolved. The blog post said:

“The Polygon core team engaged with the group and Immunefi’s expert team and immediately introduced a fix. The validator and full node communities were notified, and they rallied behind the core devs to upgrade 80% of the network within 24 hours without stoppage.”

Polygon stated that the issue was fixed behind closed doors as it follows the “silent patches” policy introduced by the Go Ethereum (Geth) team in November 2020. Under the guidelines, projects or developers report on key bug fixes 4-8 weeks after they go live to avoid the risk of being exploited at the time of patching.

According to Immunefi, Whitehat hacker “Leon Spacewalker” was the first to report on the security hole on Dec. 3 and will be rewarded with $2.2 million worth of stablecoins for their efforts, while the second unnamed hacker, referred to as “Whitehat2” will receive 500,000 MATIC ($1.27 million) from Polygon.

Related: Here's how Polygon is challenging the limitations of Ethereum, as told by co-founder Sandeep Nailwal

Polygon's co-founder Jaynti Kanani emphasized the network's ability to promptly resolve the critical bug, noting in the blog post that:

“What’s important is that this was a test of our network’s resilience as well as our ability to act decisively under pressure. Considering how much was at stake, I believe our team has made the best decisions possible given the circumstances.”

According to data from Coingecko, MATIC is priced at $2.45 and is up 35.1% over the past 30 days despite the current downturn across major crypto assets this month.



from https://ift.tt/3ezVgxP
https://ift.tt/3FILA02
Labels:

Comments

Post a Comment

Any questions, Please.

Popular posts from this blog

DeFi isn’t dead, it just needs to fix these 3 critical problems

It’s been a rough year for DeFi, and it may not get any better until projects focus more on security, regulation and usability. The persistent challenges  decentralized finance  face have been well documented by a handful of analysts and the recent collapse of the Terra ecosystem re-enforced the fact that something is critically wrong with DeFi. I think DeFi today is completely broken for 99% of the population. The promise of a more transparent financial system has been overtaken by greed. UST/LUNA is just the latest in a string of bad developments: — Peter Yang (@petergyang) May 11, 2022 Let's take a look at what experts say DeFi needs to do in order to have another revival.  Improved usability To date, the promise of open and uncensored access to a global decentralized financial system has been largely hampered by the complicated interface, confusing multi-step staking processes and lack of clarity surrounding the yields on various tokens. What do you thi...
Post a Comment
Read more

ENS DAO delegates offer perspective on DAO governance and decentralized identity

AlphaWallet CEO and Spruce co-founder talk about their roles as contributors to the Ethereum Name Service following the project's recent airdrop. Earlier this month, the Ethereum Name Service, or ENS, formed a decentralized autonomous organization, or DAO, for the ENS community.  Cointelegraph spoke to two ENS DAO delegates who applied for the opportunity to represent the community and stay involved in the decision making process: Victor Zhang, CEO of AlphaWallet, an open source Ethereum wallet, and Gregory Rocco, co-founder of Spruce, a decentralized ID and data toolkit for developers. Zhang spoke about his experience as an external contributor to ENS and an early supporter since 2018. Zhang initially sought to help ENS by offering Alpha Wallet as a user-friendly tool for  resolving .eth names and cryptocurrency wallet addresses. Essentially, if a user inputs an .eth name in the AlphaWallet, it will show the wallet address, and vice versa using reverse resolution. Alpha...
Post a Comment
Read more

Institutional demand for crypto isn’t subsiding, but impact will be gradual

As another $2-trillion stimulus package looms in the U.S., institutions will continue to look at BTC as a hedge against inflation. For example, just last week, when the currency was hovering around the $30,000 threshold, a whole host of pundits was warning investors to brace for impact, suggesting that the premier crypto asset was on the verge of a correction and could once again dip to around the $20,000 region. However, in just one day, Bitcoin was once again playing with the bulls, retesting the $38,500 limit, only to witness a selloff and eventually settle around the $33,500 region. While for most crypto veterans that might have been another day at the office, others branded the upsurge as “Elon’s Candle,” which relates to Elon Musk, the CEO of Tesla, who included “Bitcoin” in his Twitter bio as well as sent out the following cryptic message “in retrospect, it was inevitable” to his 40 million-odd followers online. Regardless of the cause, has the recent price volatility sca...
Post a Comment
Read more