Polkadot Parachains Found Critical Vulnerability

Polkadot

A potential vulnerability was found by a security researcher that could have resulted in the theft of around $200 Million from three Ethereum-compatible parachains on the Polkadot network, that are Moonbeam, Astar Network and Acala. The vulnerability was found in June in Frontier, a software used for “wrapping” native tokens on the three blockchain projects on the Polkadot network.

However, the teams behind these three parachains worked to fix the issue and also released an emergency patch before any malicious attacker could exploit it, thus no funds were lost.

Two of the Polkadot parachains, Moonbeam and Astar, awarded pwning.eth a $1 Million bounty through Immunefi, and Parity contributed $250,000 towards the reward. Pwning.eth has previously been rewarded for finding critical bugs. That includes a $6 Million bounty in early 2022 for discovering a vulnerability in Aurora — an EVM (Ethereum Virtual Machine) compatible blockchain.

A representative from Immunefi said in an interview that “Pwning.eth found a bug that impacted the entire Polkadot ecosystem and would allow hackers to steal over $200 million across Moonbeam, Astar Network, and Acala. They were all vulnerable to a bug that could have allowed malicious users to mint wrapped native tokens.” 

Polkadot uniqueness

Polkadot is a sharded multichain network. It can process many transactions on several chains in parallel (“parachains”) that improves scalability. At the end of 2021, Polkadot successfully concluded its first Parachain auctions. The auction followed an un-permissioned candle auction system.

Polkadot assigned the first five slots to the auction winners: Acala, Moonbeam, Astar, Parallel and Clover. These projects will have their parachain slots locked in for 96 weeks, guaranteed by the DOT bidders committed as collateral. As customary on Polkadot, all projects had previously been battle-tested on its de-facto testnet Kusama.

Source: CoinMarketCap

The current price of Polkadot (DOT) is $5.02 USD with a 24-hour trading volume of $183.25 Million USD. Polkadot is up 7.40% in the last 24 hours, with a live market cap of $5.79 Billion USD.

According to ProofOfGitHub — an activity tracker, Polkadot reclaimed the top spot with the highest development activity count. This is important as the Polkadot has recently been dominating in terms of development.

Source: https://www.thecoinrepublic.com/2023/01/09/polkadot-parachains-found-critical-vulnerability/