On January 15, whitehat Niv Yehezkel reported a consensus bypass vulnerability to Polygon, accompanied with a local mainnet fork proof of concept (PoC).
Niv Yehezkel Was Rewarded $75,000 For Reporting A Consensus Bypass Vulnerability To Polygon. discovered a flaw in the proof of stake (PoS) system in Polygon’s smart contract on Ethereum, which would have enabled an attacker to reduce total staking power, allowing a consensus (23) bypass that could presumably have allowed an attacker to deplete all funds from the deposit manager, engage in unlimited withdrawals, DoS, and more.
Because of the sophistication of the exploit, the bug was assigned a high severity level, and the whitehat was paid with a $75,000 bounty.
Specific market circumstances would have had to be satisfied for the attacker to exploit this issue. For example, a validator position had to be available, and the financial requirements were significant (less capital means longer the attack takes).
The cost of directly paying miners to stay in the validator position via flashbots was priced comparably. Furthermore, the checkpoint period for the Polygon network is every 30–45 minutes, and the attacker would have required to keep the validator position for a long time, raising the attack costs owing to time constraints.
Join CoinCu Telegram to keep track of news: https://t.me/coincunews
Follow CoinCu Youtube Channel | Follow CoinCu Facebook page
Patrick
Coincu News
Explore the best new meme coins with 1000X potential. Learn how BTFD Coin leads with…
BlockDAG crosses $170.5M in presale success with BDAG250 bonus and Whitepaper V3 launch! Solana grows…
Discover why Qubetics, Toncoin, and XRP are the best coins to invest in right now.…
Over the years, meme coins have evolved from inside jokes into serious investment opportunities.
Discover BlockDAG's five-tier bonus program's closing phases that enhance buyer holdings. Gain insights on the…
Discover why Qubetics, Solana, and Cardano are redefining the crypto landscape. Learn about milestones, price…
This website uses cookies.