PolyNetwork hack never happened, says Coincover CEO
David Janczewski, CEO and co-founder of Coincover, a crypto insurance platform, has shared his opinion about the recent hack of the decentralised financial protocol PolyNetwork, which excited minds of thousands of crypto enthusiasts.
During the hack of the PolyNetwork DeFi protocol, the platform lost $613 million (~£449 million) worth of digital assets. However, eventually the attacker returned all the stolen assets and PolyNetwork even offered him a position of Chief Security Adviser.
According to David Janczewski, the PolyNetwork hack can’t be considered a traditional one. A usual exploit implies an attacker getting unauthorised access to the protocol functionality by editing the code or stealing private keys. However, in PolyNetwork’s case, it seems that the hacker simply ran the publicly available code and took advantage of undiscovered security issues.
This significantly changes the matter since any slightly technically savvy user could steal the protocol tools. So, it’s not the merit of the hacker but the result of inattention or outright negligence of the developers who managed to leave a full-fledged backdoor to the attacker.
Not the only owner
According to SlowMist, the hacker may have used the code-based functions links in the smart contract to bypass the onlyOwner modifier and got the rights equal to the owner’s address used during the initial deployment of the PolyNetwork protocol.
OnlyOwner is a modifier used in the code to restrict users’ access to certain functions of a smart contract. Unavailable functions can be unlocked for the address used to deploy a smart contract or any other address mentioned right in the code.
Gold mine for hackers
About 30 hacks of DeFi projects have already been recorded in 2021. The funds “earned” by hackers during these exploits significantly exceed the profit of the platforms’ customers. That is why there won’t be fewer hacks of DeFi ecosystems. Now developers should definitely pay more attention to the security of their products.
According to David Janczewski, risk is the price of innovation, and we have to pay this price, but only within reasonable limits. He also believes it won’t be any easier to work effectively in a field where firms have to rely on hackers’ goodwill to return stolen funds.
Weak security of DeFi solutions is a problem not only for investors but also for the rest of the crypto community. Frequent exploits and losses estimated in billions of dollars provoke a negative attitude towards the DeFi sector from regulators. Moreover, major investors aren’t prone to risk directing their capital into digital assets, as nothing guarantees the security of their investments. In turn, this also reduces funds allocated to novel solutions which have every opportunity to change the financial sector for the better.
I am sure that crypto assets are a new type of economy. We are at the origins of the crypto revolution. Right now, it is worth studying what cryptocurrencies and the blockchain are in order to make the most of this knowledge and these skills in the future.