The Poly Network hacker just got offered a job… by Poly Network The Poly Network hacker just got offered a job… by Poly Network
๐Ÿšจ This article is 3 years old...

The Poly Network hacker just got offered a job… by Poly Network

After it suffered a historic exploit, the cross-chain bridging protocol taunts its attacker with an attractive job position.

The Poly Network hacker just got offered a job… by Poly Network

Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.

In the aftermath of the Poly Network exploit, in which the attacker stole more than $600 million worth of crypto, just to return the biggest portion of the take, the network continues mitigating the damage and fixes its vulnerabilities, while continuing a dialogue with the responsive hacker.

The exploited cross-chain bridging protocol that enables flexible interaction between multiple chains, invited the anonymous individual responsible for the biggest decentralized finance (DeFi) heist to fill the teamโ€™s lead security advisor position.

Reward and a job offer

The network claimed it has no intention of holding the hacker legally responsible while putting a โ€œChief Security Adviserโ€ position on the table.

โ€œWe have made constant efforts to establish an understanding with Mr. White Hat and genuinely hope that Mr. White Hat will transfer the private keys as soon as possible so that we can return full asset control back to the users at the earliest,โ€ said the protocol in the latest update, since a portion of the stolen funds remains locked in a multi-signature wallet, with the hacker withholding his key.

Poly Network has pleaded with the attacker to provide the private key and already offered him/her a substantial $500,000 reward, while referring to the individual as โ€œMr. White Hat,โ€ which is supposed to reflect his/her ethical motives.

โ€œI am considering taking the bounty as a bonus for public hackers if they can hack the Poly Network,โ€ the attacker responded, while the network claims it will have no objections withย  โ€œwhatever Mr. White Hat chooses to do with the bounty in the end.โ€ย 

The aftermath

โ€œWe have fixed the cross-chain contract vulnerability that resulted in the keeper address being modified to the address specified by Mr. Whitehat. The fix involves whitelisting the contracts and methods that can be invoked via external calls,โ€ said the protocol on Twitter.

Since the incident, the exploited protocol has made โ€œasset recovery the team’s first priority,โ€ while engaging with multiple security firms that helped them perform contract auditing.

As the new patch went through reviews and the mainnet upgrade went live, the team announced a new $500,000 reward program on a bug bounty platform Immunefi, offering $100,000 per critical vulnerability reporting.

Posted In: DeFi, Hacks