A security researcher known as pwning.eth discovered and reported a software vulnerability that could have been exploited to steal up to $200 million from three Ethereum-compatible parachains on the Polkadot network.
The vulnerability was found in a program called Frontier that is used for “wrapping” native tokens on the Moonbeam, Astar Network, and Acala parachains.
Wrapping is the process of converting native crypto assets into tokens that can be more easily supported by apps, and is done through the use of a smart contract.
The vulnerability could have been used to mint unlimited wrapped tokens, but was fixed by the respective teams and an emergency patch was released before any malicious actors could exploit it.
Pwning.eth was awarded $1 million for the discovery, with $250,000 coming from Parity, the developer of the Frontier Library.