Polygon: An Ideal Blockchain With Unideal Hacking Cases

Polygon, a kind of add-on to the Ethereum blockchain, was created to increase the flexibility, scalability, and autonomy of projects on the blockchain. As of June 2022, Polygon is running over 7,000 DeFi, Metaverse, Gaming, and NFT dApps.

Its key mission is to provide an environment in which various blockchains can interact. Let’s consider its features, what improvements have already been achieved, and what else might need to be worked on.

So, What Are the Benefits?

Considerable development work has made it possible to claim the following advantages for the protocol:

  • Low commission
  • High processing speed
  • High throughput (over 60,000 transactions per second)

Hackers Do Not Sleep: What Is the Security Level?

In the crypto world, the issue of asset security is always kept under special control. However, “hacker science” does not stand still, and attackers find more and more vulnerabilities in any protocol. In the case of Polygon, the main features that provoked large-scale hacker attacks were:

The presence in the protocol of a key smart contract, which stores the liquidity of all blockchains connected to the ecosystem.

According to cnbc.com, the hacker managed to exploit a vulnerability in one of the protocol’s smart contracts. This smart contract, which allows users to move tokens between the Binance Smart Chain, Ethereum, and Polygon blockchains, had access to a large amount of liquidity, as it allowed the assets of these networks to be exchanged efficiently. The hacker was able to rewrite the smart contract instructions for each of the three blockchains and send funds from them to their own crypto wallet addresses. As a result, more than $600 million in crypto was stolen.

Holes in the protocol of individual projects (e.g., Sushiswap).

According to beincrypto.com, a vulnerability was found involving the DIGG token of the Badger DAO protocol. The attacker used transactions that converted 0.05% of the DIGG/WBTC exchange fees. In total, he managed to steal 81 ETH in this way (about $103,842).

One more vulnerability case was described by the securitylab portal. According to the resource, a hacker exploited a vulnerability that put nearly $24 billion worth of digital assets at risk.

The issue was discovered by two ethical hackers, who reported it to Immunefi, a bug-finding platform for decentralized finance (DeFi). However, despite the prompt adoption of measures to eliminate the error, the attacker managed to exploit the vulnerability in the Polygon network and steal 801,601 MATIC tokens (more than $2 million).

The vulnerability was fixed without public notice for security purposes. The ethical hackers who discovered it received $2.2 million and $1.27 million in crypto as a reward.

In the DIGG case, the attacker created a new trading pair, forming a DIGG/ETH pool with low liquidity. Due to the lack of a link to send rewards to stakers, the hacker took all the commissions.

While the risk of crypto scams and attacks remains high for successful crypto projects, most of them have shown that they are working hard to protect the platforms.