“Considering how much was at stake, i feel our team has created the best decisions possible given the circumstances,” said Polygon’s co-founder Jaynti Kanani.
Ethereum-based layer 2 scaling network plane figure has quietly mounted a vulnerability that place nearly $24 billion value of its native token MATIC in danger.
According to a Dec. 29 blog post from plane figure, the “critical” vulnerability within the network’s Proof-of-Stake (PoS) Genesis contract was 1st highlighted by 2 whitehat hackers on Dec. 3 and Dec. 4 via blockchain security and bug bounty hosting platform Immunefi.
The vulnerability place over nine.27 billion MATIC in danger that's valued at around $23.6 billion at the time of writing, with the figure representing the overwhelming majority of the token’s total provide of ten billion.
Polygon noted that the bug was resolved at Block #22156660 via associate degree “Emergency Bor Upgrade” to the Mainnet on Dec. five at around 7:27 am Greenwich Mean Time. The network noted that a “malicious hacker” managed to steal 801,601 MATIC ($2.04 million) before the bug was resolved. The journal post said:
“The Polygon core team engaged with the group and Immunefi’s expert team and immediately introduced a fix. The validator and full node communities were notified, and they rallied behind the core devs to upgrade 80% of the network within 24 hours without stoppage.”
Polygon declared that the difficulty was mounted behind closed doors because it follows the “silent patches” policy introduced by the Go Ethereum (Geth) team in Nov 2020. under the guidelines, projects or developers report on key bug fixes 4-8 weeks once they're going live to avoid the chance of being exploited at the time of mend.
According to Immunefi, Whitehat hacker “Leon Spacewalker” was the primary to report on the safety hole on Dec. three and can be rewarded with $2.2 million value of stablecoins for his or her efforts, whereas the second unknown hacker, noted as “Whitehat2” can receive 500,000 MATIC ($1.27 million) from polygon.
(Brian Quarmby, Cointelegraph, 2021)