Unchained Unconfirmed: Why Did the Poly Network Attacker Return Half the Money They Stole? - Ep.263
Aug 13, 2021
Mudit Gupta, a security researcher and core developer at SushiSwap, provides an expert analysis of the recent $600M Poly Network hack. He breaks down how the attacker exploited vulnerabilities and the reasons behind the hacker's decision to return half the stolen funds. Gupta discusses the obscurity of Poly Network prior to the breach and how 'keepers' failed to protect it. He also sheds light on the intricate cat-and-mouse game between the hacker and Poly Network, as well as the implications for crypto regulations and security moving forward.
AI Snips
Chapters
Transcript
Episode notes
Poly Network's Functionality
- Poly Network is a cross-chain application, primarily a bridge between blockchains.
- It lets users move tokens between chains like Ethereum and BSC by locking and unlocking them, maintaining a balance.
Poly Network's Target Audience
- The Poly Network hack, while appearing simple, involved complex steps.
- Poly Network primarily targets users in China, explaining its relative obscurity outside that region.
Exploiting the Keeper System
- The hacker exploited Poly Network's keeper system by replacing trusted entities.
- This allowed them to create and sign false transactions, draining funds without locking tokens.