Hashing it Out

So far we’ve covered events in 2024, 2023, and 2022. It’s time for 2021 to take the stand.

In this episode we cover an attack on Poly Network, an open source and decentralized cross chain network that enabled communication between different blockchains.

To make the network work (lol), you need a lot of liquidity in wallets on the chains you’re integrating. Well what if you could, just, you know, add yourself as the owner of those wallets?

Of course it wasn’t that simple. But the great thing about security is that, it also kind of was? This is another one where you can crack out your CS textbook, because hash collisions are taking center stage. All it takes is one - and 610 million can be out the door.

Show notes:

https://research.kudelskisecurity.com/2021/08/12/the-poly-network-hack-explained/

https://slowmist.medium.com/the-analysis-and-q-a-of-poly-network-being-hacked-8112a35beb39

https://blog.merklescience.com/hacktrack/hack-track-an-analysis-of-poly-network-hack-and-latest-related-events

https://blog.kraken.com/product/security/abusing-smart-contracts-to-steal-600-million-how-the-poly-network-hack-actually-happened