Poly Network hack $ 611 million and the hacker return the fund
Analysis of Poly Network Security Hole
On August 10, 2021, a critical exploit was discovered on the Poly Network that enabled the hacker(s) to steal more than $600M USD worth of investor funds. Shortly after, the Poly Network Official Twitter made the following announcement:
What is the Poly Network?
Poly Network is a blockchain system to implement interoperability cross-chain interactive services. It could support Bitcoin, Ethereum, Neo, Ontology, Switcheo, Binance Smart Chain(BSC), Heco blockchains. Currently, PolyBridge can cross Ethereum, Ontology, Neo, BSC, Heco, OKExChain and Polygon(Matic) including token transaction and smart contract interaction.
How does the Poly Network connect with other networks?
Poly Network cross-chain interaction between chains architecture as below:
The figure shows that Chain A user interactive with Poly Network and Chain B mechanism, the detail process as below:
- Chain A user invoke the DApp Contrac
- Chain A user trigger the business logic on DApp Contrac
- Chain A invoke the cross-chain interface to Cross-Chain Manager Contract
- Chain A Cross-Chain Manager Contract process the request and generate merkle-tree
- Chain A Cross-Chain Manager Contract write merkle root into block header
- Chain A relayer sync the block header
- Chain A relayer commit merkle proof to Poly Network chain
- Poly Network Header Sync Contract read the block header from Chain A relayer sent to Cross-Chain Manager Contract
- Poly Network Cross-Chain Manager Contract verify proof by merkle root in header
- Poly Network Cross-Chain Manager execute tx and write into ledger
- Poly Network relayer sync the block header
- Poly Network relayer commit merkle proof to Chain B
- Chain B Header Sync Contract read the block header from Poly Network relayer sent to Cross-Chain Manager Contract
- Chain B Cross-Chain Manager Contract invoke DApp Contract on Chain B
- Chain B DApp Contract execute business logic
What are “Keepers”?
Keepers is a kind of service to provide blockchain at the moment to sync the ledger on Chain A or Chain B or Poly Network. For example, a relay chain validator is a kind of keeper.
What are Cross Chain Managers?
Cross-Chain Manager is the contract to provide blockchain DApp contract business logistic execution process to generate the merkle tree. It has higher authority to trigger messages sent to a relative relayer.
Which networks were impacted?
Poly Network impacted three blockchains Ethereum, BSC, Polygon.
Poly Network provides cross-chain service that connects different blockchains. To reach consensus between blockchains, Poly Network design and deploy higher privilege Cross-chain Manager Contract on each blockchains and this manager communicates with their Keepers, which is relayed between blockchains to provide consistent communication messages and maintain the blockchains synchronize, but the Cross-chain Manager Contract has security vulnerability problems. It’s basically an access control issue with three functions:
- Contract “EthCrossChainManager” may have too much authority to modify the following contract.
- Function “verifyHeaderAndExecuteTx” that anyone can call to execute a cross-chain transaction. It verifies that the block header is correct by checking the signatures of the keepers(relayers) public key.
Change keeper operation transaction on BSC:
Change keeper operation transaction on Ethereum:
The putCutEpochConPubKey Bytes function of EthCrossChainData.sol code:
The attacker used the verifyHeaderAndExecuteTx function to call the putCurEpochConPubKeyBytes function to change the keeper public key stored in the EthCrossChainData contract.
3. Function “call _executeCrossChainTx” makes the call to the target contract. Here’s where the critical flaw is because this requires only checking the address of the contract without checking the owner of the contract.
The contract only checks that the address is in fact a contract, but does not check whether the contract’s owner is authorized to engage with it.
4. Checks that the transaction was included within that block with a Merkle proof.
The key problem of Poly Network is that the “verifyHeaderAndExecuteTx function” of the EthCrossChainManager contract can execute specific cross-chain transactions through the _executeCrossChainTx function.
- The analysis by PeckShield
Poly Network Cross-chain Manager Smart Contract has security vulnerability, the hacker successfully sent normal transactions and modified the public key of the keeper. Using the new keeper public key, the hacker successful withdrawal the fund from Poly Network to hacker address:
Attacked Contract on BSC:
Attacked Contract on Ethereum:
2021/8/11 Hacker returns $ 477 million funds. Poly Network Official Twitter Announcement:
Smart contract access control is the key problem that enabled hackers to perform this attack. The EthCroseChainManager function can modify the target contract to any address the owner wants to change. These kind of situation can solve by three possible methods:
- Check the owner of contract before sending transaction
- Design timelock of target contract
1. What are the potential security vulnerabilities specific to cross chain smart contract codes?
2. Is this hack a setback to interoperability specifically or smart contracts generally?