Polygon upgrade quietly fixes bug that put $24B of MATIC at risk


An Ethereum-based Layer Two Scaling Network, Polygon quietly patched a vulnerability that put nearly $ 24 billion of its native MATIC token at risk.

According to a December 29 blog post on Polygon, the Genesis Proof-of-Stake (PoS) contract “critical” vulnerability of the network was first highlighted by two hackers on December 3 and 4 via the blockchain security and the bug bounty. Immunefi hosting platform.

The vulnerability put more than 9.27 billion MATICs at risk, valued at around $ 23.6 billion at the time of writing, with that number accounting for the vast majority of the total supply of 10 billion tokens.

Polygon noted that the bug was resolved at block # 22156660 via an “emergency network upgrade” to the mainnet on December 5 at around 7:27 am UTC. The network noted that a “malicious hacker” had managed to steal 801,601 MATIC ($ 2.04 million) before the bug was resolved. The blog post read:

“The Polygon core team engaged with the Immunefi group and expert team and immediately introduced a fix. The validator and full node communities have been notified, and they have joined with core developers to upgrade 80% of the network within 24 hours without disruption.

Polygon said the issue was resolved behind closed doors as it follows the “silent fixes” policy introduced by the Go Ethereum (Geth) team in November 2020. As per guidelines, projects or developers report bug fixes keys 4 to 8 weeks after going online to avoid the risk of being exploited when patching.

According to Immunefi, Whitehat hacker “Leon Spacewalker” was the first to report the security breach on December 3 and will be awarded $ 2.2 million in stablecoins for his efforts, while the second unnamed hacker , called “Whitehat2” will receive 500,000 MATIC ($ 1.27 million) from Polygon.

Related: Here’s how Polygon challenges Ethereum’s limits, as co-founder Sandeep Nailwal recounted

Polygon co-founder Jaynti Kanani highlighted the network’s ability to quickly resolve the critical bug, noting in the blog post that:

“What is important is that this was a test of the resilience of our network as well as our ability to act decisively under pressure. Given the stakes, I think our team made the best decisions possible given the circumstances. “

According to Coingecko data, MATIC is priced at $ 2.45 and is up 35.1% in the past 30 days despite the current slowdown in major crypto assets this month.