The Poly Network cross-chain protocol was attacked by an unknown hacker on August 10, 2021. The hacker managed to withdraw more than $ 600 million in cryptocurrencies, which became the largest hack in the history of the entire crypto market.
Poly Network is a cross-chain protocol that allows the exchange of tokens and assets of various blockchain networks. It was launched by developers from the largest blockchain projects such as NEO, Switcheo and Ontology, however, this did not protect it from the vulnerabilities that led to the hack.
But unlike most similar cases, this time the hacker who attacked the Poly Network returned all stolen funds, with the exception of $ 33 million in USDT, which was frozen by Tether.
We figured out how the hacker managed to withdraw such a large amount and why he decided to return all the funds to Poly Network users.
How does the Poly Network protocol work?
Poly Network is a protocol that was created in Singapore in August 2020 to exchange assets between different blockchains. The project’s developers have previously worked on various blockchain platforms including NEO, Ontology, and Switcheo. They claim to be building the infrastructure for Web 3.0, the next generation Internet. At the moment, the protocol supports the assets of the Bitcoin, Ethereum, NEO, Ontology, Elrond, Ziliqa, Binance Smart Chain, Switcheo and Huobi ECO Chain networks.
The project creates an ecosystem that allows cross-chain operations. Thanks to the Poly Network, these operations are available even to blockchains that do not support smart contract technology. At the same time, the project itself does not have its own token.
The members of the Poly Network team call themselves pioneers in the development of technology for interoperability of heterogeneous blockchains. This technology solves the problem of scalability and promotion of blockchain applications. Thus, the Poly Network provides the crypto market with a unified ecosystem that enables the interaction of various blockchain networks and supports atomic transactions between them.
Homogeneous (systems of the same type that operate according to the same rules) and heterogeneous (systems that operate according to different rules) public blockchains can connect to the Poly Network ecosystem through an open and transparent mechanism that allows them to exchange information with each other. This mechanism is based on a two-tier architecture and uses sidechains and relay mode. Within the framework of this mechanism, the Poly blockchain is used as a cross-chain coordinator, numerous homogeneous blockchains act as executors of cross-chain transactions, and the relay mode is used as a transmitter of information. This makes the Poly Network an optimal environment for the interaction of decentralized crypto exchanges, credit protocols and stablecoins.
Simply put, the following elements are used in the Poly Network ecosystem:
- Crypto wallets for all blockchain networks connected to the first level of the Poly Network mechanism. Each network has its own wallet, which stores a certain amount of funds. So, for example, there is one wallet for the Bitcoin blockchain, and another for the Ethereum network.
- A set of smart contracts that interpret and execute user instructions and send requests to the appropriate crypto wallets. For example, they will execute a request to exchange a certain amount of BTC for ETH.
- And directly the Poly Network itself, which plays the role of the second level for the blockchains connected to the ecosystem, where smart contracts are executed.
For this reason, cross-chain networks such as the Poly Network store a large amount of liquidity in various digital assets. This allows all users to perform operations for the exchange of tokens and cryptocurrencies.
At the same time, in Poly Network, users cannot issue their own tokens. This move was chosen by the development team to improve the security of the Poly Network, which nevertheless did not save the project from the largest hack in DeFi history.
Thus, the Poly Network is a global cross-chain platform that connects various blockchains. If a user needs to transfer assets from the Ethereum blockchain to the Bitcoin blockchain, he can use the Poly Network to do this. For example, the Switcheo decentralized exchange uses a project protocol to increase transaction speed and lower transaction costs. At the same time, the Poly Network has a key smart contract that stores the liquidity of all blockchains connected to the ecosystem – it was he who played a key role in the hacker’s attack, which is discussed below.
It should be noted that among the project partners is the National Blockchain Network of China (BSN). In November 2020, Poly Enterprise Protocol, part of the Poly Network ecosystem, entered into a strategic partnership with BSN. Poly Enterprise is the corporate version of Poly Network developed by Onchain. It supports Hyperledger Fabric and FISCO BCOS protocols, among others.
Poly Enterprise works with the BSN Development Association to develop blockchain technologies, promote and accelerate their industrial adoption and support innovation. According to representatives of Poly Enterprise and BSN Development Association, their developments will form the basis for the development of smart cities and the future digital economy.
Poly Network was the second protocol introduced on the BSN. The company’s partners are also 39 DeFi projects, 13 NFT projects and 7 decentralized crypto exchanges.
How did a hacker break into Poly Network?
On Tuesday, August 10, the Poly Network DeFi Protocol team announced on their Twitter account that the project was attacked on the Binance Chain, Ethereum and Polygon blockchains:
We are sorry to announce that #PolyNetwork was attacked on @BinanceChain @ethereum and @0xPolygon Assets had been transferred to hacker’s following addresses:
— Poly Network (@PolyNetwork2) August 10, 2021
“Important: Unfortunately, the PolyNetwork protocol was attacked on Binance Chain, Ethereum and Polygon. The stolen assets were transferred to the hacker’s wallet addresses: ETH: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963 BSC: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71 “.
Then it became known that a total of $ 611 million worth of cryptocurrencies were stolen, of which:
- $ 273 million – tokens issued on the Ethereum blockchain,
- $ 253 million – assets issued in the BSC network,
- $ 85 million – USDC stablecoins on the Polygon blockchain.
Among the stolen tokens reported on the project were WBTC, WETH, RenBTC, UNI, SHIB, FEI, and DAI stablecoin. It is known that the stolen USDC and DAI were transferred to the Curve DeFi platform.
A little later, the Poly Network team published the attacker’s addresses, to which the stolen cryptocurrencies were transferred, and urged the crypto community, including exchanges, stablecoin issuers and miners of the aforementioned blockchains, to blacklist tokens from these wallets. The company also warned that it would take legal action and urged the hacker to return the stolen assets.
On August 10, Poly Network also released a message to the hacker:
— Poly Network (@PolyNetwork2) August 10, 2021
“Dear hacker, we are the Poly Network team. We want to contact you and convince you to return the stolen funds. The amount of funds you stole is the largest in DeFi history. Law enforcement agencies of any country will treat this as a serious economic crime and will prosecute you. It would be very unreasonable of you to try to conduct transactions [with stolen funds]. The money that you stole belongs to tens of thousands of crypto community members, that is, ordinary people. You should talk to us so that together we can start working on finding a solution to this problem. Poly Network Team “.
A few hours after the incident, the blockchain security company SlowMist published its analysis of the situation, where it explained how the hacker managed to break the Poly Network protocol. According to SlowMist experts, he was able to exploit a vulnerability in one of the protocol’s smart contracts.
This smart contract, which allows users to move tokens from the Binance Smart Chain, Ethereum and Polygon blockchains, had access to a large amount of liquidity as it enabled the efficient exchange of assets of these networks. The hacker was able to rewrite the smart contract instructions for each of the three blockchains and send funds from them to the addresses of their crypto wallets.
The technical details of the hack and the functions of the smart contract that were used by the hacker can be found on the SlowMist blog (in English) or in a series of tweets from developer Kelvin Fichter.
Also, SlowMist experts said they found out the e-mail address of the criminal, his IP address and the digital fingerprint of his device. This was achieved after the hacker’s ID was tracked. Moreover, the company learned that to finance an attack on the protocol, an attacker could use Monero, which he exchanged for BNB, ETH, MATIC and other tokens. According to SlowMist specialists, this information was obtained thanks to the Chinese crypto exchange Hoo and other platforms.
Interestingly, after the hack, empty tokens with various messages began to arrive at the hacker’s addresses. For example, one of the crypto users sent a coin called “HelloSerHackerSorryForAskingButWouldYouMindShareingYourWealthImPoorMan”. This literally translates as:
“Hello Mr. Hacker. I’m sorry to disturb you, but could you please share your wealth? I am a poor man. “
It is noteworthy that one of the users actually managed to get some of the stolen funds back. Someone under the nickname hanashiro.eth advised the criminal not to use USDT tokens so that they would not be blocked. For this, he received 13.37 ETH from the attacker in the amount of about $ 42,000. However, hanashiro.eth did not keep the funds for himself and redirected them to the address of Ethereum creator Vitalik Buterin.
Crypto community’s reaction to the Poly Network hack
Major crypto companies have responded to Poly Network’s call for help. So, the head of the largest cryptocurrency exchange Binance Changpeng Zhao said that his company is ready to help Poly Network and will do everything in its power. First and foremost, Binance coordinated with its security partners to actively support the project.
Zhao also posted a tweet linking to his blog post on Binance on how to properly and securely store cryptocurrency. He even posted a whole series of tweets where he discussed security and hacking issues with the crypto community, and also posted discussions about which is safer: DeFi, centralized exchanges or fiat.
OKEx CEO Jay Hao noted that the exchange monitors stolen cryptocurrencies and tokens and is ready to help the Poly Network team.
At the same time, the crypto company Tether blacklisted the stolen USDT stablecoins based on Ethereum in the amount of about $ 33 million, Paolo Ardoino, CTO of Tether and Bitfinex, announced this on Twitter.
Huobi co-founder Jun Du noted that the company is monitoring the situation, and its risk and security teams are tracking all the addresses of the culprit.
Why did the hacker return all Poly Network funds?
The day after the hack, the hacker first sent an empty transaction, in which he announced his readiness to return the funds. He then went from words to action and began returning the stolen funds to the protocol team. This was also confirmed by Poly Network:
Hope you will transfer assets to addresses below:
Polygon: 0xA4b291Ed1220310d3120f515B5B7AccaecD66F17 pic.twitter.com/mKlBQU4a1B
— Poly Network (@PolyNetwork2) August 11, 2021
“At the moment, we have received assets from the hacker in the amount of $ 4,772,297,675. Among them, $ 2 654 946.051 came to the ETH address, $ 1 107 870.815 to the BSC address and $ 1 009 480.809 to the Polygon address. “
By the morning of Thursday, August 12, the hacker had returned more than half of the stolen funds in the amount of $ 342 million, $ 256 million of which were in tokens on the Binance Smart Chain blockchain.
In the comments to numerous transactions, the hacker also answered questions about why he decided to return users’ funds. So, according to the attacker, when he discovered a bug in the Poly Network smart contract, he had mixed feelings:
“Ask yourself, what would you do if you had access to such a state? Would you politely ask the team to fix the bug? Anyone could be a billion dollar traitor! I couldn’t trust anyone! ” – posted by an anonymous hacker.
Following this logic, the hacker decided to send the compromised assets to a secure address, while he chose to remain “in the shadows” and not reveal his identity. However, he said that he was not very interested in money and initially planned to return users’ funds back to the Poly Network team.
He also admitted to carrying out the attack “for fun. ” For this reason, when the Poly Network team offered to transfer $ 500,000 to him as part of a bug bounty – a reward for finding a vulnerability in the protocol’s smart contract – he replied that he did not want to:
“I was offered a reward, but I never answered. Instead, I sent all the funds back, ”said the anonymous hacker.
Poly Network Perspective
Despite the reputational damage caused by the hacking of an anonymous hacker, Poly Network has good prospects for development. The key mission of the project – to provide an interaction environment for various blockchains – is successful and in demand on the crypto market. This is evidenced by the partnership not only with the pro-state Chinese blockchain network BSN, but also with many crypto startups from various fields.
The Poly Network offers the crypto market an important solution to many of the interoperability problems of different blockchain networks. And the technologies incorporated in this protocol are being developed by a team of successful blockchain developers, which can also speak of the future prospects of the project.