- Related wallets revealed
- Infrastructural risks arise
The cryptocurrency community is concerned about a possible security incident involving Polymarket-linked infrastructure on Polygon after on-chain analysts noticed unusual contract activity and large fund outflows.
Related wallets revealed
More than $520,000 worth of assets appears to have been drained, according to the explorer alerts and blockchain monitoring channels, from addresses linked to the Polymarket UMA CTF Adapter system, which connects Polymarket’s conditional token markets to UMA’s oracle, enabling payouts on Polygon
As of this writing, neither Polymarket nor UMA has made the nature of the incident, or whether user funds were directly affected, publicly known.
Beeple Drops Wild 2140 Michael Saylor Art
Hyperliquid (HYPE) Nears All-Time High, Shiba Inu (SHIB) Faces Strong Downside Volume, Toncoin (TON) Returns to $2: Crypto Market Review
This wallet has been identified as the potential attacker: 0x8F98075db5d6C620e8D420A8c516E2F2059d9B91.
PolygonScan’s blockchain records reveal the address interacting with several contracts and obtaining funds through a sequence of transactions that were detected by on-chain observers just prior to the reported drains. Additionally, the following related contract was identified by researchers as possibly connected to the incident: 0x91430CaD2d3975766499717fA0D66A78D814E5c5.
In the meantime, we’ve discovered that the following address had a depleted wallet associated with the incident: 0x871D7c0f9E19001fC01E04e6cdFa7fA20f929082.
Infrastructural risks arise
Polymarket’s resolution infrastructure on Polygon appears to be connected to the UMA CTF Adapter architecture. The adapter system is essential to market settlement and dispute resolution procedures because it facilitates the connection between conditional token markets and UMA oracle results.
You Might Also Like
The exploit vector is still unknown at this point.
After independent investigators and traders started tracking the flow of drained funds on-chain, the suspected exploit quickly gained traction in the crypto security community.
Shortly after the initial illicit activity was discovered, the attacker used intermediary transactions to consolidate assets.
An official post-mortem or emergency response from the Polymarket team is yet to be delivered. The investigation is still ongoing.