DeFi Dashboard Zapper Finds and Exploits A Vulnerability in Old 'Polygon Bridge' Smart Contract

Ethereum scaling layer 2 solution, Polygon, has been seeing a lot of adoption as more and more projects integrate with the sidechain in order to lower the fees. Polygon allows users to enjoy faster transactions, lower gas fees, and more scalability as the crypto market continues to grow, which led to congestion on the second-largest network. Originally launched in 2019 as Matic Network and later rebranded as Polygon (MATIC), it gained the backing of billionaire investor Mark Cuban this year. The protocol has a record $11.6 billion of total value locked (TVL) in it, up from $1.16 billion just two months back, as per DeFi Llama. The token MATIC is a $10.6 billion market cap coin trading at $1.66, down 36.5% from its peak of $2.62 about a month back. Polygon is also integrated by the popular dashboard for DeFi users Zapper, which reported a vulnerability in their old Polygon Bridge contract. Their new Polygon Bridge contract went live less than a month ago. On Monday, the team announced on Twitter that they “discovered a vulnerability in our old "Polygon Bridge" smart contract that would allow an attacker to steal funds that had unlimited approvals.” The team exploited the vulnerability themselves, and “all the funds have been rescued.” If a user is affected by the vulnerability, they would see a prompt on Zapper to revoke, if you had an infinite approval for the bridge contract. “If you don't see anything, you were not affected by the vulnerability,” noted the team. Zapper further said the current polygon bridge contract does not have this vulnerability and only affected its old smart contract. Last month, Zapper closed a $15 million funding round by Framework Ventures with other participants, including Spartan Group, DeFiance Capital, Mark Cuban, ParaFi Capital, Aave founder Stani Kulechov and Ashton Kutcher. Coinbase Ventures, Delphi Digital, Synthetix founder Kain Warwick and Libertus Capital were Zapper’s seed investors. [deco-beg-single-coin-widget coin="MATIC"]