Bugs and vulnerabilities are part of a blockchain network. Polygon revealed how it dodged a bullet after discovering a vulnerability, rolling out a fix, upgrading the network and paying a bounty to the whitehat hackers, all with a silent patch.
Polygon's silent patch
According to the team's latest blog post, it all started when two whitehat hackers notified the bug bounty platform Immunefi of a problem in the Polygon PoS Genesis contract on December 3rd. The vulnerability in question could have allowed malicious entities to siphon off over 9.2 billion MATIC tokens (valued at around $24 billion) out of MATIC's total supply of 10 billion.
Following this, Polygon's core team worked with the whitehat hackers and Immunefi to implement a solution that would update 80% of the network within 24 hours without interruption.
Although the bug was fixed at block 22,156,660 on December 5 without affecting the network in any way, an attacker was able to steal 801,601 MATIC just before the upgrade was performed. The foundation said it would bear the cost of the theft.
In addition, Polygon paid a generous amount of approximately $3.46 million as a bounty to the two white hats.
The foundation also announced that it fixed the bug without notifying the community because it follows a "silent patching" policy. Interestingly, this policy was adopted by the Go Ethereum team, known as Geth, last year.
Talking about how Polygon managed to avert great damage, Immunefi's CTO Duncan Townsend said:
"The Polygon team's response to this disclosure was quick and effective. The fact that this incident had a happy ending is proof of their expertise. Close coordination with the Polygon validators has helped avert a potentially major catastrophe."
A worrying trend
The year was marked by major changes for the blockchain and cryptocurrency industry. Along the way it has attracted a reasonable number of attackers, who have caused significant financial damage. The age-old risk still holds: where there is money, the malicious try to steal it.
According to the latest statistics, attackers have managed to make off with cryptocurrencies worth over $4 billion this year, nearly triple the figure for 2020. DeFi protocols alone accounted for $1.4 billion of all crypto funds lost.
Source: Crypto News Deutsch