Polygon, a blockchain technology company, has paid out $2 million in bug bounty rewards for a ‘double spend’ vulnerability that could have wreaked havoc across its network.
The flaw, discovered by ethical hacker Gerhard Wagner, enabled an attacker to double the amount of cryptocurrency they intend to withdraw up to 233 times.
This could have allowed a malicious actor who has deposited just $4,500 to withdraw $1 million – and an attacker with $3.8 million could exploit the flaw to acquire up to $850 million.
Weak bridge
Polygon is a protocol and a framework for building and connecting Ethereum-compatible blockchain networks.
The framework offers a “trustless, two-way transaction channel” between Polygon and Ethereum.
This ‘blockchain bridge’ uses a network called Plasma to authenticate and process withdrawals. It was in a contract on Plasma, the DepositManagerProxy, that the flaw was discovered.
The vulnerability, which is explained in technical detail in a blog post from Wagner, takes advantage of the fact that when a user deposits funds into the blockchain, they are “locked in” at the first stage (L1) and made available on the Plasma network.
An aggregator called the ‘child’ chain bundles the Plasma transactions into blocks and submits checkpoints to L1, which confirms that transactions have been successfully processed on the child chain and can also detect misbehavior.
When a user decides to withdraw their funds back to L1, the tokens need to be ‘burned’ on the Plasma chain.
The user presents the receipt of the burn transaction to the Plasma bridge as proof that the tokens were burned and, after a challenge period of seven days, the funds can be withdrawn back to the user on L1.
A flaw in the network could have allowed an attacker to burn a single transaction up to 233 times – potentially releasing $850 million in funds.
Third-party peril
Wagner said he believes the vulnerability was present because the Plasma network was built based on third-party code.
“If I had to guess why the bug happened, I would say it might be due to using someone else’s code and not having a 100% understanding of what it does,” he wrote.
Wagner added: “It’s OK to use existing building blocks when you write smart contracts, but you must understand all implications of doing so. At the end of the day, it’s your code; it does not matter if you or someone else wrote it.”
The researcher said that the issue was fixed by “rejecting any encoding that does not start with 0x00”.
He said: “It’s not very elegant, but it fixes the double-spending bug by hard coding the encoding meta character.”
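The fix quoted above, as an added example that is not code from Polygon or from Wagner's write-up: a simplified Python model in which the replay key is derived from the raw proof encoding while the decoder drops the leading meta byte. That decoder behaviour, the `Bridge` class and every sample value are assumptions constructed for illustration.

```python
"""Simplified model (constructed): replay protection keyed on raw proof bytes."""
import hashlib

CANONICAL_PREFIX = b"\x00"  # the fix quoted above: encoding must start with 0x00


def decode_path(encoded: bytes) -> bytes:
    """Assumed decoder: the first byte is a meta character and is dropped,
    so only the remaining bytes select the burn receipt."""
    return encoded[1:]


def exit_id(encoded: bytes) -> str:
    """Replay key derived from the raw encoding, meta byte included."""
    return hashlib.sha256(encoded).hexdigest()


class Bridge:
    def __init__(self, burn_receipts: dict, enforce_canonical: bool):
        self.burn_receipts = burn_receipts      # decoded path -> burned amount
        self.enforce_canonical = enforce_canonical
        self.seen_exits = set()
        self.paid_out = 0

    def start_exit(self, encoded: bytes) -> bool:
        if not encoded:
            return False                        # nothing to decode
        if self.enforce_canonical and encoded[:1] != CANONICAL_PREFIX:
            return False                        # non-canonical encoding rejected
        amount = self.burn_receipts.get(decode_path(encoded))
        if amount is None:
            return False                        # no burn receipt at this path
        key = exit_id(encoded)
        if key in self.seen_exits:
            return False                        # byte-identical replay
        self.seen_exits.add(key)
        self.paid_out += amount
        return True


def run(enforce_canonical: bool) -> int:
    bridge = Bridge({b"\x00\x07": 100}, enforce_canonical)  # one burn of 100
    # Same burn, differing only in the meta byte, then a byte-identical repeat.
    for proof in (b"\x00\x00\x07", b"\x02\x00\x07", b"\x04\x00\x07", b"\x00\x00\x07"):
        bridge.start_exit(proof)
    return bridge.paid_out


if __name__ == "__main__":
    print("paid out without prefix check:", run(False))
    print("paid out with prefix check:", run(True))
```

Without the prefix check, the replay set treats each variant as a new exit even though all of them decode to the same burn; with it, one burn has exactly one accepted encoding.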
Source: https://portswigger.net/daily-swig/polygon-pays-out-record-2-million-bug-bounty-reward-for-critical-vulnerability