Poly Network was attacked by a Hacker: A contract design flaw led to the withdrawal of funds.

robot
Abstract generation in progress

Analysis of the Attack Incident on the Poly Network Protocol

Recently, the cross-chain interoperability protocol Poly Network became the target of a hacker attack, drawing widespread attention in the industry. Security experts conducted an in-depth analysis of the incident, revealing the specific methods used by the attackers.

The core issue of this attack lies in the verifyHeaderAndExecuteTx function of the EthCrossChainManager contract. This function can execute specific cross-chain transactions through the _executeCrossChainTx function. Since the owner of the EthCrossChainData contract is the EthCrossChainManager contract, the latter is able to call the putCurEpochConPubKeyBytes function of the former to modify the contract's keeper.

The attacker exploited this design flaw by passing carefully crafted data through the verifyHeaderAndExecuteTx function, causing the _executeCrossChainTx function to call the putCurEpochConPubKeyBytes function of the EthCrossChainData contract, thereby changing the keeper role to an address specified by the attacker. After completing this step, the attacker can freely construct transactions to withdraw any amount of funds from the contract.

The specific attack process is as follows:

  1. The attacker first locked onto the target contract.

  2. The putCurEpochConPubKeyBytes function is called through the verifyHeaderAndExecuteTx function of the EthCrossChainManager contract to change the keeper.

  3. Subsequently, multiple attack transactions were carried out to extract funds from the contract.

  4. Due to the modification of the keeper, other users' normal transactions are immediately rejected.

It is worth noting that this incident was not caused by a leak of the keeper's private key, but rather that the attacker cleverly exploited a flaw in the contract design. This case once again highlights the importance of smart contract security audits, especially for complex cross-chain protocols.

The development team and security experts should learn from this incident and strengthen the review of contract permission management and function call logic to prevent similar attacks. At the same time, users are also reminded to remain vigilant when using emerging DeFi protocols and to pay attention to risk prevention.

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 6
  • Share
Comment
0/400
MetaverseMigrantvip
· 07-10 12:43
This bug makes me feel great~
View OriginalReply0
SchroedingerMinervip
· 07-10 09:04
Both inexperienced and loves to play
View OriginalReply0
ForkItAllDayvip
· 07-09 17:13
Lying flat again?
View OriginalReply0
SerumSquirrelvip
· 07-07 15:55
Fell into the pit again.
View OriginalReply0
ParanoiaKingvip
· 07-07 15:54
This security vulnerability is common; those who understand know.
View OriginalReply0
RektButStillHerevip
· 07-07 15:25
A good day is nothing to fuss about.
View OriginalReply0
Trade Crypto Anywhere Anytime
qrCode
Scan to download Gate app
Community
English
  • 简体中文
  • English
  • Tiếng Việt
  • 繁體中文
  • Español
  • Русский
  • Français (Afrique)
  • Português (Portugal)
  • Bahasa Indonesia
  • 日本語
  • بالعربية
  • Українська
  • Português (Brasil)