Poly Network Whitehat Exploit — August 2021

Poly Network was a cross-chain interoperability protocol operating bridges between Ethereum, Binance Smart Chain, Polygon, Neo and other networks. Cross-chain transfers were authorised by a set of "keeper" signatures recorded on each connected chain.

The exploit targeted a function permitting any address to modify the keeper list on the destination chain. The attacker replaced the legitimate keepers with addresses they controlled, then authorised transfers totalling approximately $611 million from the Poly bridge contracts.

Within hours of the exploit, the attacker began posting on-chain messages — using the same wallets that held the stolen funds — describing the action as a demonstration of vulnerability rather than theft. They returned funds in tranches over the following two weeks. Poly Network publicly offered a $500,000 bug bounty and a "Chief Security Advisor" role, which the attacker rhetorically declined.

The full return was completed by 24 August 2021. Tether's $33M USDT exposure on the exploited chain was frozen shortly after the initial drain, complicating the attacker's position. No further legal proceedings were announced.