On December 29, 2021, the Polygon blockchain network announced that it had fixed a critical vulnerability within the network that could have cost MATIC worth billions to the users. In an official tweet regarding the recent network update, Polygon stated that one of its security partners discovered a vulnerability, following which a fix was introduced immediately. Consequently, validators had to upgrade the network.
The detected vulnerability consisted of a lack of allowance check in the MRC-20 smart contract for transfer functions. This could help hackers steal the MATIC tokens from the users even without valid signatures. The vulnerability was detected on December 03, 2021, by Leon Spacewalker, a pseudonymous security partner of Polygon. Subsequently, the upgrade was initiated on December 05, 2021. In the announcement about the vulnerability and its fix, Polygon also informed that it did not cause any material loss to the users or the protocol.
Commenting on the vulnerability and its fix, Jaynti Kanani, Co-founder of Polygon, said that all successful projects find themselves in such situations.
What’s important is that this was a test of our network’s resilience as well as our ability to act decisively under pressure. Considering how much was at stake, I believe our team has made the best decisions possible given the circumstances,Kanani further added
As bounty money, Polygon paid around $3.4 million to the discoverers of the vulnerability. While the company maintained that no real damage was caused either to the network or the users, Polygon admitted a malicious attack. According to the official announcement on the website, Polygon said a hacker managed to steal 801,601 MATIC tokens before the upgrade. However, the network mentioned that the foundation would compensate the theft price to the affected addresses. As part of the upgrade, the network took three crucial measures. This includes updating critical processes, consolidating partner contact info and communications channels, identifying backups for essential internal resources, and formalizing them. According to this Polygon price prediction, MATIC has an earning potential of +51.05% in the next two years.