Polygon Makes Largest Bug Bounty Payout in Crypto Till Date – FX Leaders
A few weeks ago, we told you about Polygon launching a bug bounty program in partnership with Immunefi. And now we have news coming in of the program successfully paying out a $2 million bounty to a whitehat hacker who notified the team of a critical vulnerability in Poygon’s Plasma Bridge earlier this month.
The vulnerability, if exploited, could have resulted in a loss of $850 million worth of capital, but has since been patched successfully by Polygon. The bug, discovered by whitehat hacker Gerhard Wagner, could have caused a malicious user to increase the rewards from the deposits made to the DepositManager contract or could have been used to deposit and exit funds multiple times from the Plasma Bridge.
The Plasma Bridge is a Layer-2 scaling solution that leverages smart contracts and Merkle trees to build smaller copies of the parent Ethereum blockchain, enabling higher levels of scalability than the original Layer-1 blockchain can offer. It can be used to transfer tokens from the L1 blockchain through Polygon’s network and holds tokens with a value of almost $1 billion, all of which could potentially have been drained if the vulnerability had been exploited successfully.
The bounty paid by Polygon is the highest any whitehat hacker has received till date in the crypto industry till date. This comes less than a month after Binance Smart Chain and Immunefi’s bug bounty program Priority One paid out $1.05 million as bug bounty to a hacker who discovered a critical vulnerability in AMM protocol Belt Finance.
Immunefi is a leading crypto bug bounty and security services platform that aims to make DeFi safer and protect more than $50 billion worth of funds locked in DeFi protocols across leading blockchain networks. Till date, the platform has paid out bug bounties exceeding $7.5 million to whitehat hackers disclosing vulnerabilties and prevented the loss of over $2 billion in hack damage.