Polygon (MATIC) double spend bug yields $2 million bounty for developer

Karthik Subramanian

Polygon, the Layer 2 solution on top of Ethereum, has recently paid out the highest ever bug bounty in history to a whitehat developer Gerhard Wagner for pointing out a double-spend bug in the network which could have resulted in huge losses if it had been exploited.

polygon

In a further sign of how even the best networks can continue to have vulnerabilities that lie undetected for weeks and months, it has been reported that Gerhard had noticed a critical vulnerability on October 5, 2021, on the Polygon Plasma Bridge. This could have put around $850 million at risk if it had been noticed and exploited by hackers but it is to the credit of Gerhard that he, along with Immunefi, chose to escalate it to the Polygon team. This is also a further validation on why companies need to have bug bounty programs as it encourages good developers and hackers to test out the security of the network and point out the vulnerabilities to the network providers for analysis and fixing and the developers themselves get rewarded by the network for the same, and in this case, the developer was rewarded handsomely.

Once the bug was informed to Polygon, it confirmed the bug within 30 minutes and it set about to fix the issue as soon as possible. As the funds at risk were huge, it was calculated that the bug bounty should be the maximum which is $2 million. The whitehat Gerhard received the bounty and the whole process, including the reporting, bounty payout, bug fix, and deployment into the main net was completed within a week. It is to the credit of all involved that things moved quickly before any damage was made.

Blockchain and crypto networks continue to be at risk from time to time due to such vulnerabilities but truth be told, with digitalization taking over the financial industry, this risk is likely to be there in all systems shortly. There cannot be a single, universal fix for this risk and the businesses and networks need to learn to live with it which is why it is important to have tight and closed-loop processes built with security companies as well, to ensure that such vulnerabilities are handled effectively in the long term thereby reducing the losses along the way.

Read this next

Industry News

Horizon Software rebrands to Horizon Trading Solutions

“Horizon Trading Solutions has seen accelerated global growth over the past year to meet the rising demand for our trading solutions and built-for-purpose technology offering. The choice to rebrand represents a key part of this development, while maintaining our heritage and history in the industry.”

Market News

USDJPY has surged to levels last witnessed in 2022. Should we consider opening a short position?

The recent resurgence of the US dollar has propelled USD/JPY to new heights, touching levels not seen since 2022. This surge comes against the backdrop of stable short-term yields and ongoing economic data that fails to signal a significant slowdown, prompting questions about the extent of current monetary easing measures.

Digital Assets

DED Trends on Twitter After Memecoin Snapshot Announcement

Polkadot-backed community coin #DED, made it to the trending charts on X, demonstrating community’s engagement and interest behind the memecoin. 

Digital Assets

BlockDAG Presale Nears $10 Million Amid Toncoin’s Momentum, Green Bitcoin’s Presale, and the Rise of Other Top Cryptos

This article will examine three top trending topics: Toncoin’s potential, Green Bitcoin’s innovative presale, and BlockDAG’s sustainable mining approach. These cryptocurrencies take centre stage for their uniqueness and innovation.

Digital Assets

Coinbase scores minor victory vs SEC, but lawsuit to proceed

A federal judge in Manhattan, U.S. District Judge Katherine Polk Failla, ruled on Wednesday that the U.S. Securities and Exchange Commission’s (SEC) lawsuit against Coinbase can largely proceed.

Web3

COTI Teams Up with Civic for Enhanced Digital Identity Control

СOTI and Civic are teaming up to enhance digital identity security in Web3, aiming to provide users with more control over their digital selves through innovative technology.

Digital Assets

BlockDAG Takes on Chainlink (LINK) Crypto, and RON With DeFi Card and 5000x Profit Potential

Explore BlockDAG’s innovative DeFi card, which transforms cryptocurrency into spendable cash, alongside Chainlink (LINK) crypto and Ronin’s advancements.

Digital Assets

Court finally decides on Sam Bankman-Fried sentence, experts predict 20 years

Sam Bankman-Fried, the former CEO of the now-defunct cryptocurrency exchange FTX, is set to face sentencing on Thursday in a pivotal moment that could see the entrepreneur beginning a lengthy period in federal prison.

Crypto Insider

DeFi Winter Thaws: A Look at the Emerging Landscape

The past year has seen a significant shift in the Decentralized Finance (DeFi) market, transitioning from a period of decline (“DeFi winter”) to a potential season of growth.

<