Polygon (MATIC) double spend bug yields $2 million bounty for developer

Karthik Subramanian

Polygon, the Layer 2 solution on top of Ethereum, has recently paid out the highest ever bug bounty in history to a whitehat developer Gerhard Wagner for pointing out a double-spend bug in the network which could have resulted in huge losses if it had been exploited.

polygon

In a further sign of how even the best networks can continue to have vulnerabilities that lie undetected for weeks and months, it has been reported that Gerhard had noticed a critical vulnerability on October 5, 2021, on the Polygon Plasma Bridge. This could have put around $850 million at risk if it had been noticed and exploited by hackers but it is to the credit of Gerhard that he, along with Immunefi, chose to escalate it to the Polygon team. This is also a further validation on why companies need to have bug bounty programs as it encourages good developers and hackers to test out the security of the network and point out the vulnerabilities to the network providers for analysis and fixing and the developers themselves get rewarded by the network for the same, and in this case, the developer was rewarded handsomely.

Once the bug was informed to Polygon, it confirmed the bug within 30 minutes and it set about to fix the issue as soon as possible. As the funds at risk were huge, it was calculated that the bug bounty should be the maximum which is $2 million. The whitehat Gerhard received the bounty and the whole process, including the reporting, bounty payout, bug fix, and deployment into the main net was completed within a week. It is to the credit of all involved that things moved quickly before any damage was made.

Blockchain and crypto networks continue to be at risk from time to time due to such vulnerabilities but truth be told, with digitalization taking over the financial industry, this risk is likely to be there in all systems shortly. There cannot be a single, universal fix for this risk and the businesses and networks need to learn to live with it which is why it is important to have tight and closed-loop processes built with security companies as well, to ensure that such vulnerabilities are handled effectively in the long term thereby reducing the losses along the way.

  • Read this next

    Podcasts, Women of the Industry

    FF Podcast delves into the rise of prop trading as Brokeree releases Prop Pulse

    In the latest FinanceFeeds Podcast, Tatiana Pilipenko discusses Prop Pulse, Brokeree Solutions’ platform for prop firms and retail brokers aiming to delve into prop trading. Offering a flat fee structure, Prop Pulse emerges as a scalable solution in an era where successful traders increasingly prefer prop firms over traditional retail brokers.

    Inside View

    Scalping or day trading?

    Among the many popular trading styles with both beginners and experienced traders are scalping, which allows you to extract small portions of profit from each price movement, and day trading, which aims to trade over a single day. In this article, you will learn what scalping and day trading are and their differences and peculiarities. Ultimately, you will learn what to look for to understand which trading style is right for you.

    Crypto Insider

    Unveiling Plasma Next: INTMAX’s Solution to Scale Ethereum with Stateless Layer

     INTMAX has launched Plasma Next on the mainnet α, a groundbreaking Layer 2 zkRollup, revealed by co-founder Leona Hioki at ETH Denver. This innovation offers scalability with constant costs per block, merging Plasma’s scalability goals with zkRollups’ security.

    Fintech

    Nuam selects Vermiculus for clearing system in Chile, Colombia, and Peru

    “We are proud to deliver a system that plays an integral role in the core of this historical merger, empowering one of Latin America’s most crucial markets with VeriClear’s state-of-the-art technology, together with our deep market expertise.”

    Retail FX

    Moomoo launches super app in Malaysia

    “As an investment platform connecting 21 million retail investors globally, we envision collaborating with exchanges, regulatory bodies, and partners in the visible future to become the gateway, connecting Malaysia’s investment products to global capital and investors.”

    Executive Moves

    FXPA elects Joe Hoffman as new Chair in its 10th anniversary

    “The opportunity to serve as Chair of the FXPA is truly an honor, and I am committed to upholding the exceptional work of a FXPA. Given the recent market fluctuations due to global tensions, inflationary pressures, shifts in monetary policy, as well as the outcome of the US election and the risk of recession, brings the potential for more FX volatility in 2024. I am dedicated to expanding the FXPA’s membership and I’m excited about collaborating with all members to echo the unified voice of the FX market.”

    Market News

    Eurozone Fights Stagnation Whilst Stock Indices Rally

    European stock markets are defying economic gloom as they continue to soar to all-time highs, showcasing resilience amidst broader economic challenges.

    Web3

    Lisk Partners with Indonesia’s Communications Ministry to Boost Web3 Startup Ecosystem

    Discover the strategic partnership between Lisk and the Indonesian Ministry of Communications and Informatics, aimed at propelling local Web3 startups to new heights through comprehensive support and education.

    Executive Moves

    Admirals appoints founder Alexander Tsikhilov as CEO

    “Striking the right balance between sourcing new talent and developing and harnessing the strength and capabilities of our current workforce, is key to achieving our vision.”

    <