Polygon (MATIC) Network Makes Emergency Hard Fork For Security Risk
Polygon, an Etheruem layer-2 scaling solution, carried out a hard-fork in the early hours of last Wednesday (December 8) to fix a bug in its code. However, even after six days, the team has not yet officially addressed the incident.
Polygon Hard-Forks Due to Security Breach
Following the hard-fork and no official announcement by the team, several members of the Polygon community took it to Twitter to show their frustration. One user said:
“Are we all supposed to just shut up and forget about the fact that over a week ago Polygon hard-forked their blockchain in the middle of the night with no warning to a completely closed-source genesis and still haven’t verified the code or explained what is going on?”
As the 14th largest cryptocurrency in terms of market capitalization, the sudden and silent hard fork of the Polygon blockchain was a bit worrying to some. The situation also agonized some of the node operators, who expressed their dissatisfaction upon waking up with their nodes disconnected.
Addressing the incident, Mihailo Bjelic, co-Founder of Polygon, said that the unscheduled hard-fork was due to a vulnerability in a contract. “We are now investing much more in security and we’re making an effort to improve security practices across all Polygon projects,” Bjelic said, adding:
“As a part of this effort, we are working with multiple security researcher groups, whitehat hackers etc. One of these partners discovered a vulnerability in one of the recently verified contracts. We immediately introduced a fix and coordinated the upgrade with validators/full node operators. No funds were lost. The network is stable.”
Bjelic also noted that they will release a blog post detailing the incident as soon as they have finalized “additional security analysis.” Meanwhile, the hark fork was carried out in the early morning hours of December 8 in a hurry, which implies that the code has not been publicly reviewed.
Mentioning this, some of the community members raised questions about the project’s decentralization. “U r saying me that u can fork the chain by yourself and take all my funds as u wish?,” one user said. In response, Bjelic said:
“Absolutely not. The network is run by validators and full node operators, and we have no control over any of these groups. We just did our best to communicate and explain the importance of this upgrade, but ultimately it was up to them to decide whether they will do it or not.”
Back in 2016, something similar also happened to Ethereum. At the time, a Decentralized Autonomous Organization, or DAO, was built on the Ethereum blockchain with the purpose of funding blockchain applications. Long story short, the DAO was exploited and hackers managed to steal 11.5 million ETH tokens, worth approximately $50 million at the time.
The community was divided on how to address the issue. Some wanted the blockchain to remain immutable, while others insisted on reversing the hack. Finally, the Ethereum blockchain underwent a hard fork and created two blockchains: Ethereum (ETH) and Ethereum Classic (ETC). The ETH blockchain reversed the hack while the ETC contained the record of the hack.
Join our Telegram group and never miss a breaking digital asset story.
What is Polygon?
Polygon, formerly known as Matic, is a sidechain that aims to tackle Ethereum’s scalability issue by enabling developers to connect and build Ethereum-compatible blockchain networks. The blockchain has recently emerged as the go-to scaling solution in the crowded space of L2s.
Polygon grew in popularity in 2021, onboarding over 3,000 decentralized applications (DApps) just over the course of one year. In comparison, merely 30 DApss were built on the Polygon blockchain by October 2020.
Among the more obvious benefits of Polygon is that it increases transaction speeds and scaling without sacrificing network security. It is also completely compatible with the Ethereum Virtual Machine (EVM), which allows developers to easily migrate their projects.
As of now, Polygon is home to some of the biggest Web3 apps. These include top-tier DeFi protocols like lending platform Aave, decentralized exchange (DEX) SushiSwap, luxury brands company Dolce & Gabbana, and leading NFT marketplaces including OpenSea and Mark Cuban’s Lazy.com.
Do you support Polygon’s move to quietly carry out a hard-fork and not inform the community? Let us know in the comments below.