Polymarket
An attacker stole roughly $700,000 worth of POL tokens from two of Polymarket's operational wallets on Polygon. The wallets paid out user rewards and managed Polymarket's prediction-market resolution contract; both had their private keys exposed. Customer deposits, open trades, and market settlements were not touched. The stolen funds were routed through Changenow, HTX, and KuCoin within hours.
Our pre-hack assessment of Polymarket flagged operational security as the weakest layer of its defenses. The exact failure mode, a single hot wallet without multisig protection, was already visible in our breakdown.
The attacker held the private keys to Polymarket's reward wallet and admin wallet, drained them through a relay into the primary hub, and fanned the funds across 16 dispersal addresses to centralized exchanges.
Full forensic detail
Step-by-step reconstruction, root cause, counterfactuals, remediation, and disclosure timeline.
Exploit anatomy
Exploit anatomy diagram (flow labels only): native POL transfer (no calldata); native POL transfer; native POL transfer (dispersal); CEX deposits / Changenow swaps.
Root cause
Polymarket operates a centralized hot-wallet stack on Polygon: a POL reward distribution wallet (0x871D7c0f...929082) and the UMA CTF Adapter administration wallet (0x91430Ca...14E5c5). Both are single-key EOAs with no on-chain timelock, no multisig, no MPC custody, no per-transaction value cap, and no automated outflow-velocity circuit breaker. The private key for at least one (likely both, given the synchronized drain timing) was exfiltrated by the attacker. Once held, the key allowed unbounded signing of native POL transfers at the attacker's pace.

The drain was operationally trivial: a Python script could execute the entire attack, and the attacker maximized priority gas (~415 gwei effective) to outrun any human reaction or automated revocation. No smart contract was bypassed, no oracle was manipulated, no governance vote was forged. The failure is in custody architecture: operational wallets controlling protocol-adjacent value should not be single-EOA hot keys without HSM or threshold custody.

The EIP-7702 delegation present on the POL reward wallet (target: an EIP7702StatelessDeleGator at 0x63c0c19a...e32b) was Polymarket's own batch-execution scaffolding for legitimate payouts; it was NOT the attack vector, since the observed drain transactions are plain type-2 native transfers with no calldata.
Prevention analysis
The attack becomes infeasible with only a single key compromised. It would have required two coordinated compromises, with the second giving defenders time to revoke via key rotation. This is trivial to implement on Polygon; there is no excuse for single-EOA custody of protocol-adjacent value.
Eliminates the single-key extraction vector entirely: even if any single node is compromised, no party holds enough key material to sign autonomously. This is industry standard for any operator at Polymarket's TVL scale.
The 5,000-POL-per-30s drain pattern would have tripped a 1%-of-TVL-per-hour breaker within minutes, capping the drainage at roughly $50-80K rather than $700K. Such a circuit breaker is a ~30-line Solidity wrapper.
ZachXBT detected this externally first; Polymarket only detected it after public disclosure. A simple Tenderly/Forta alert on outflow rate would have cut the 3.5-hour drain window to under 30 minutes.
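As an added illustration (not code from the write-up or from Polymarket), the 1%-of-balance-per-hour outflow-velocity rule from the two items above, run over a constructed transfer stream in the 5,000-POL-every-30s drain pattern; the wallet addresses, the 4,000,000 POL starting balance and the legitimate payout cadence are assumptions.

```python
from collections import deque
from dataclasses import dataclass


@dataclass
class Transfer:
    ts: int            # unix seconds
    sender: str
    recipient: str
    value_pol: float


class OutflowBreaker:
    """Sliding-window outflow-velocity monitor for one watched hot wallet."""

    def __init__(self, wallet, balance_pol, max_fraction_per_window=0.01, window_s=3600):
        self.wallet = wallet.lower()
        self.threshold = balance_pol * max_fraction_per_window   # e.g. 1% of balance per hour
        self.window_s = window_s
        self.window = deque()     # (ts, value) of outflows inside the trailing window
        self.outflow = 0.0        # running sum of the window

    def observe(self, t: Transfer) -> bool:
        """Feed one transfer; return True if trailing-window outflow now exceeds the threshold."""
        if t.sender.lower() != self.wallet:
            return False
        while self.window and self.window[0][0] <= t.ts - self.window_s:   # evict stale entries
            _, v = self.window.popleft()
            self.outflow -= v
        self.window.append((t.ts, t.value_pol))
        self.outflow += t.value_pol
        return self.outflow > self.threshold


def first_trip(transfers, breaker):
    """Timestamp of the first transfer that trips the breaker, or None if it never trips."""
    for t in sorted(transfers, key=lambda x: x.ts):
        if breaker.observe(t):
            return t.ts
    return None


# Constructed sample data (placeholder addresses, not the real wallets).
REWARD_WALLET = "0xREWARD_WALLET_PLACEHOLDER"
ATTACKER_HUB = "0xATTACKER_HUB_PLACEHOLDER"
T0 = 1_700_000_000
DRAIN = [Transfer(T0 + 30 * i, REWARD_WALLET, ATTACKER_HUB, 5_000.0) for i in range(60)]
PAYOUTS = [Transfer(T0 + 600 * i, REWARD_WALLET, f"0xuser{i:02d}", 200.0) for i in range(24)]


def seconds_to_trip(transfers, balance_pol=4_000_000.0):
    """Seconds from T0 until the breaker trips on this stream (None = never)."""
    ts = first_trip(transfers, OutflowBreaker(REWARD_WALLET, balance_pol))
    return None if ts is None else ts - T0
```

With a 4,000,000 POL balance the hourly cap is 40,000 POL, so the drain trips the breaker at the ninth transfer (240 s in), while the slow legitimate payouts never come close.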
Similar incidents
Operational private-key compromise enabling a unilateral drain. Drift's was via long-form social engineering plus durable-nonce blind signing on a 2/5 multisig; Polymarket's was via direct key exfiltration from a single-EOA hot wallet. Same root cause: weak operational security and centralized access.
Profanity vanity-address private-key recovery against an operational hot wallet (Sep 2022, $160M). Same architectural anti-pattern: a single-EOA hot key holding operational value with no HSM/MPC.
An aggregator approval contract whose EOA admin key was leaked, allowing arbitrary token transfers (Oct 2022, $21M). Same key-custody anti-pattern.
Remediation
Timeline