Cointime

Lost in Translation: Polygon Bridge’s Unclaimed Millions

Validated Media

At ZenGo – the non-custodial MPC wallet with no private key – we are preparing to add support for Polygon’s POS chain (AKA Polygon or MATIC). This will allow ZenGo users to enjoy Web3 DeFi and NFTs with lower gas fees, and offer all Polygon users a wallet with 10x more security than traditional wallets currently supporting Polygon. One of the key elements of Polygon’s success is its bridging technology, allowing users to virtually move assets (such as NFTs and tokens) from the Ethereum blockchain to the Polygon blockchain and vice versa.

Coming Soon! TM 😉

As part of our ongoing research on blockchains and their security features, we investigated the inner workings of Polygon’s bridge. There, we discovered millions of USD of forgotten bridged tokens that have not been claimed by their owners. As a result of this research we were able to help a whale user reclaim $2M of funds, together with the Polygon team.

In this blog we dive into the inner workings of the Polygon bridge, successfully verify its financial soundness by leveraging some newly-developed Dune Analytics capabilities, discuss the phenomenon of forgotten funds, and show how they can be claimed by their rightful owners.

How the Polygon Bridge Works

To bridge assets between Ethereum and Polygon, users must rely on a dapp, like the official Polygon bridge.

The Polygon Bridge Dapp (https://wallet.polygon.technology/bridge)

But what happens behind the scenes of this dapp? How does it work?

When users want to transfer an asset from Ethereum to Polygon (AKA “deposit”), say 100 USDT, they send it to a contract deployed by Polygon on the Ethereum blockchain and this contract emits an event. Polygon validator nodes are monitoring for such events and when they find them, they mint the appropriate amount/asset (100 USDT) on the Polygon blockchain and send it to the user’s address. The user’s Polygon address remains the same address as on Ethereum.

Therefore as users, in order to bridge an Ethereum based token to Polygon, we send just a single transaction on Ethereum and after a while the tokens will appear in our wallet on the Polygon side.

Once that token is on the Polygon side, users can engage in whatever form of DeFi they choose and enjoy Polygon’s lower fees and faster completion times. The value of the bridged USDT on the Polygon side remains the same as it was on the Ethereum side, as it’s 1:1 backed by original Ethereum USDT, held by the Polygon’s Ethereum contract.

Let’s assume that after a while, our users profit and now want to bridge their newly earned 200 USDT back to Ethereum (AKA “withdraw”). The process is similar in nature, but a bit different in details.

First, the user has to “burn” (send to the 0 address) their USDT Polygon tokens. As before, Polygon validators monitor the Polygon network for such burn events, aggregate several of these burns over a period of time, and update Polygon’s Ethereum side with this aggregated information.

But unlike Polygon deposits, when a user withdraws their assets back to the Ethereum side, they need to send an additional Ethereum transaction to claim their USDT from the Polygon Ethereum contract. The claim transaction contains a cryptographic proof that the withdrawer actually burned their tokens on the Polygon side. Once the contract gets the proof, it validates it and sends the tokens to the withdrawer’s address on Ethereum.

Summing up, the deposit side (Ethereum → Polygon) is a one click process that takes a few minutes. However, the withdrawal side (Polygon → Ethereum) is a two step process, and may take a few hours between the first step and the availability of the final step.

Verifying the Financial Soundness of Polygon Bridge

The financial soundness of the bridge stems from the fact that for each asset minted on the Polygon side of the bridge, Polygon’s contract on the Ethereum side holds the appropriate amount. Given recent news about custodial exchanges and phantom assets, you might consider this inquiry an attempt to confirm a blockchain’s “Proof of reserves”.

Luckily, unlike with centralized exchanges, in DeFi all information is available on the blockchain and we can easily and directly verify it without trusting an obscure proof of reserve document.

Using Etherscan we can see that the Polygon contract holds (as of November 13th, 2022) more than $7 billion worth of ERC20 tokens alone (without taking into account ETH and NFTs).

When we compared the numbers across the bridge, we were happy to find out that the Ethereum side always had more tokens than the Polygon side, meaning that all of the tokens that were bridged to Polygon are indeed properly backed by Ethereum tokens.

However, we noticed a big surplus of about 1% extra tokens on the Ethereum side, which required an explanation.

For example: On November 13th, USDT on the Polygon side had 675M units (see below) while the Ethereum side had 683M units (see above).

Polygon bridge ERC20 holdings greater than $7B, on November 13th, 2022 (Source: Etherscan)

We verified that the same phenomenon of a 1% difference repeats on other major assets such as USDC, ETH, and DAI.

Difference in main asset balances across the bridge (as of November 25, 2022)

While 1% may not sound like much, when dealing with $7B sums it can be material.

Forgotten Funds Analysis

To spot the missing funds, we tried to match burned transactions on the Polygon side with their counterpart claim transactions on the Ethereum side. To do so, we took advantage of a new query engine recently developed by Dune Analytics that allows cross-chain queries.

Unclaimed USDT Dune Analytics query (see https://dune.com/queries/1536897)

Using this query, we were able to verify that indeed there were more withdraw calls on the Polygon side than the expected counterpart claim calls on the Ethereum side. As the screenshot above shows, there were about 3000 withdraw calls that are unmatched to a claim just for USDT.

We have since developed and are happy to share a generic Dune Analytics query that supports any bridged ERC20 pair. 

Our generic Dune Analytics query that supports any Polygon bridged ERC20 pair
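The reserve check and the burn-to-claim matching described above, as an added example that is not ZenGo's Dune query or any code from the original post. The table layout, the function names, and the assumption that each claim record names the burn transaction it proves are all hypothetical, and every value is constructed sample data.

```python
import sqlite3

# Constructed sample data in whole token units (not real chain data).
# Polygon side: (burn_tx, account, amount) for each withdraw/burn.
BURNS = [("0xb1", "0xaaa", 200), ("0xb2", "0xbbb", 50),
         ("0xb3", "0x007", 1000), ("0xb4", "0xaaa", 25)]
# Ethereum side: (claim_tx, burn_tx). Assumption: each claim names the burn it proves.
CLAIMS = [("0xc1", "0xb1"), ("0xc2", "0xb2")]

def unclaimed_burns(burns, claims):
    """Anti-join: burns on Polygon with no matching claim on Ethereum."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE burns(burn_tx TEXT PRIMARY KEY, account TEXT, amount INTEGER)")
    db.execute("CREATE TABLE claims(claim_tx TEXT PRIMARY KEY, burn_tx TEXT)")
    db.executemany("INSERT INTO burns VALUES (?, ?, ?)", burns)
    db.executemany("INSERT INTO claims VALUES (?, ?)", claims)
    rows = db.execute("""
        SELECT b.burn_tx, b.account, b.amount
        FROM burns b
        LEFT JOIN claims c ON c.burn_tx = b.burn_tx
        WHERE c.burn_tx IS NULL
        ORDER BY b.amount DESC
    """).fetchall()
    db.close()
    return rows

def reconcile(eth_locked, polygon_supply, burns, claims):
    """Check 1:1 backing and explain the Ethereum-side surplus."""
    pending = unclaimed_burns(burns, claims)
    surplus = eth_locked - polygon_supply
    unclaimed = sum(amount for _, _, amount in pending)
    return {
        "backed": surplus >= 0,               # Ethereum side covers Polygon supply
        "surplus": surplus,                   # extra tokens held on Ethereum
        "unclaimed": unclaimed,               # burned on Polygon, never claimed
        "unexplained": surplus - unclaimed,   # nonzero means something else is off
        "pending": pending,
    }

if __name__ == "__main__":
    # 10,000 deposited; 1,275 burned on Polygon; only 250 claimed on Ethereum.
    report = reconcile(eth_locked=9750, polygon_supply=8725, burns=BURNS, claims=CLAIMS)
    for key, value in report.items():
        print(key, value)
```

An `unexplained` value of zero means the whole surplus is accounted for by withdrawals that were burned but never claimed, which is the explanation the analysis above arrives at.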

Holidays came early: Saving $2M for user 007

Looking deeper into individual cases we found many interesting examples. For example, this mysterious user (appropriately abbreviated to 0x007) made two withdrawals on Polygon, one of Wrapped ETH and one of Wrapped BTC, each worth more than $1M, over half a year ago but still has not claimed them on the Ethereum side.

Burning on Polygon (sending to the “0” address) but never claiming on the Ethereum side

We can see that this user was still active on Ethereum a month later, so we can rule out key loss as the reason for not claiming the funds.

To make sure that these funds can indeed be claimed by the user, we simulated the claiming transaction on a simulation platform that can ignore the fact that we are not user 0x007. We provided it with the appropriate burn proof and were able to claim the $1M of lost ETH, meaning the original user can do it too.

Although it’s hard to imagine how someone can just “forget” about millions of USD, we assume that it might be related to the fact that additional transactions are required and that the funds are not claimable immediately, therefore creating room for such mistakes.

When we reported our findings to the Polygon team on November 23rd, 2022, they sent the relevant claiming transactions to the user, releasing $2M from the Polygon bridge to that user’s account. It’s worth noting that any altruistic user willing to pay the gas price, not just Polygon, could claim the unclaimed funds and move them to the original withdrawing account.

007’s account reunited with their $2M unclaimed funds on November 23rd (Source: Debank)

We could only imagine that it was a very nice surprise for 007, waking up and finding an extra $2M in their Ethereum account!

Summing up

The Polygon blockchain and its bridging capabilities can be very useful to users. Bridging from Ethereum is quite straightforward; however, bridging back might be more cumbersome for users, resulting in potential losses currently valued in millions of USD.

Luckily, nothing is permanently lost! If you have such unclaimed bridge funds, feel free to reach out to us and we will try to help you get your money back!

In the meantime…

  • Follow ZenGo on Twitter for latest updates: @ZenGo
  • Learn more about ZenGo X, our open-source MPC library, and github here.