{"id":356620,"date":"2021-10-22T20:16:03","date_gmt":"2021-10-22T17:16:03","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/polygon-pays-2m-bounty-on-bug-which-could-have-compromised-850m-in-user-funds\/"},"modified":"2021-10-22T20:16:03","modified_gmt":"2021-10-22T17:16:03","slug":"polygon-pays-2m-bounty-on-bug-which-could-have-compromised-850m-in-user-funds","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/polygon-pays-2m-bounty-on-bug-which-could-have-compromised-850m-in-user-funds\/","title":{"rendered":"# Polygon pays $2M bounty on bug which could have compromised $850M in user funds"},"content":{"rendered":"<p>&#8220;<strong># Polygon pays $2M bounty on bug which could have compromised $850M in user funds <\/strong>&#8221;<br \/>\n<img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjEtMTAvY2QwMDA1MjQtMDQ0My00YmI4LThhN2UtOTJmZjZhM2M3YzI2LmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-128018ef><p>White hat hacker Gerhard Wagner has earned $2 million after reporting a solution to a potentially costly \u201cdouble-spend\u201d bug on the Polygon network.<\/p>\n<p>According to an Oct. 21 blog post from Immunefi, a security service that helps facilitate bug reports in decentralized finance projects, Polygon network\u2019s Plasma Bridge was at <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/medium.com\/immunefi\/polygon-double-spend-bug-fix-postmortem-2m-bounty-5a1db09db7f1\">risk<\/a> of having $850 million removed by a knowledgeable hacker. According to the project, the vulnerability would have allowed attackers to exit their burn transaction from the bridge up to 223 times, quickly turning an amount like $4,500 into $1 million in profit. <\/p>\n<p>Immunefi reported the double-spend exploit worked by first depositing Ether (ETH) through the Plasma Bridge and starting the withdrawal process after the transaction was confirmed. 
A hacker could then wait a week and resubmit the same withdrawals with the exception of &#8220;a modified first byte of the branch mask.&#8221; Provided the hacker was able to begin with $3.8 million, they could have potentially depleted all $850 million in funds from the bridge\u2019s deposit manager at the time.<\/p>\n<p>Polygon agreed to pay its maximum amount for a bug bounty report \u2014 $2 million \u2014 following Wagner\u2019s initial report on Oct. 5. According to the platform, the fix has already been deployed on the mainnet after testing, Wagner has received the funds, claimed to be \u201cthe highest bounty ever paid out in history,\u201d and no user funds were lost to the exploit.<\/p>\n<p>Wagner <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/gerhard-wagner.medium.com\/double-spending-bug-in-polygons-plasma-bridge-2e0954ccadf1\">speculated<\/a> on his Medium page that the bug might be due to \u201cusing someone else\u2019s code and not having a 100% understanding of what it does.\u201d He added the solution was \u201cnot very elegant\u201d but did fix the double-spend exploit. <\/p>\n<p><strong><em>Related: <\/em><\/strong><strong><em>White hat hacker paid DeFi\u2019s largest reported bounty fee<\/em><\/strong><\/p>\n<p>Before this latest $2 million payout, the largest bounty for a white hat hacker had gone to programmer Alexander Schlindwein, who in September discovered a vulnerability in Belt Finance\u2019s protocol and was awarded $1.05 million. However, the U.S. Department of State may topple that record if a hacker is able to pass on information on terrorist suspects, extremists and state-sponsored hackers \u2014 the government said it would be offering rewards of up to $10 million.<\/p>\n<\/div>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/polygon-pays-2m-bounty-on-bug-which-could-have-compromised-850m-in-user-funds\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;# Polygon pays $2M bounty on bug which could have compromised $850M in user funds &#8221; White hat hacker Gerhard Wagner has earned $2 million after reporting a solution to a potentially costly \u201cdouble-spend\u201d bug on the Polygon network. In an Oct. 
21 blog post from Immunefi, a security service that helps facilitate bug reports&#8230;<\/p>\n","protected":false},"author":1,"featured_media":356621,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjEtMTAvY2QwMDA1MjQtMDQ0My00YmI4LThhN2UtOTJmZjZhM2M3YzI2LmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74868,113408,117,73821,70944],"class_list":["post-356620","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-defi","tag-polygon","tag-business","tag-developers","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/356620","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=356620"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/356620\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/356621"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=356620"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=356620"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=356620"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}