Poly Network Relaunches With a $500,000 Bug Bounty Program After $600M Hack
Decentralized finance protocol Poly Network relaunched with a bug bounty program with a total pool of $500,000 to reward white hats and security researchers that discover and report bugs on the protocol.
Poly Network Offers Bug Bounty Worth $500,000
Poly Network announced the new program via a Medium blog post on Tuesday (August 17, 2021). According to the team behind the project, the bug bounty program was launched in collaboration with DeFi bug bounty platform Immunefi.
According to the Poly Network team, the bug bounty launch was one of the steps mentioned in its roadmap. The program aims to boost network security and prevent further exploits on its protocol.
Also, the bug bounty program is targeted at white hat hackers who can detect and report bugs in Poly Network’s smart contract. The bounty pool has a total of $500,000, with the reward for bugs reported fixed at a maximum of $100,000.
An excerpt from the blog post about the program states:
“The bounty program focuses on addressing possible theft or loss of users’ funds in the Poly Network ecosystem. Rewards are distributed according to the impact of the vulnerability based on the Immunefi Vulnerability Severity Classification System — the payouts range up to $100,000 for critical vulnerabilities. Payouts are denominated in USD and made in ETH.”
The Fallout of $600 Million Hack
The latest development comes after Poly Network suffered what was regarded as the biggest attack recorded in DeFi history. As reported by BTCManager earlier in August, an unknown hacker(s) exploited a vulnerability found in the protocol and stole about $611 million.
The hacker stole $273 million in ETH, $85 million in USDC from the Polygon Network, and $253 million worth of tokens from the Binance Smart Chain (BSC). However, Tether froze $33 million worth of USDT, preventing the attacker from moving the funds.
Meanwhile, the hacker, whom Poly Network refers to as “Mr White Hat”, said that he had no intentions to steal the funds and proceeded to make a refund. According to the recent blog post, Poly Network stated that Mr White Hat returned approximately $340 million in assets and also transferred around $238 million to a multi-signature wallet on August 13.
Poly Network also offered the hacker a $500,000 bounty, which Mr White Hat refused. While all the funds have been returned apart from the frozen USDT, Poly Network said it was still waiting for the hacker to grant authorization to the private key.