Disclaimer: The opinions expressed by our writers are their own and do not represent the views of U.Today. The financial and market information provided on U.Today is intended for informational purposes only. U.Today is not liable for any financial losses incurred while trading cryptocurrencies. Conduct your own research by contacting financial experts before making any investment decisions. We believe that all content is accurate as of the date of publication, but certain offers mentioned may no longer be available.
Polymarket vice president of engineering Josh Stevens has officially denied rumors that the platform's smart contracts were hacked. According to him, user funds are completely safe, and the incident that alarmed the crypto community has been localized and did not affect the trading architecture.
The cause of the panic was not a hacker exploit in the code, but the compromise of an old private key from six years ago. This key was used in an internal configuration for automatic balance top-ups, known as the top-up config. Because of this vulnerability, funds began moving to an external address.
How 6-year-old key led to $520,000 leak on Polymarket
On-chain analysts were the first to raise the alarm after detecting a suspicious outflow of more than $520,000 in assets. The losses affected the UMA CTF Adapter infrastructure on the Polygon blockchain, a gateway that connects Polymarket betting markets with the UMA blockchain oracle for outcome settlement and payout processing.
Security researchers traced the transaction chain and identified the wallet of the presumed attacker, 0x8F98...9B91, where the stolen funds were consolidated, as well as one drained technical wallet belonging to the platform.
At the time of writing, the compromised key had been fully rotated and replaced, while all of its access rights and permissions in the production environment had been revoked. As an additional security measure, Polymarket has initiated a full migration of all private keys to cloud-based key management systems, or KMS keys, to prevent similar incidents in the future.
The security incident coincided with regulatory pressure on prediction markets. Earlier, the U.S. House Oversight Committee launched a review of prediction markets to identify possible insider trading linked to geopolitical and election-related betting. The Polymarket team must submit a report on its user verification methods and suspicious transaction monitoring by June 5.
Despite external pressure and the technical incident, Polymarket's management emphasizes that the platform is operating normally, and that the old-key incident had no impact on liquidity or user balances.
Dan Burgin
