Polymarket confirms internal wallet compromise after up to $700K drained

Polymarket disclosed on Friday that an internal “top‑up” wallet used for rewards payouts was drained after its private key was compromised — but stressed that user funds and market outcomes were not affected.

What happened

- On May 22, on‑chain investigator ZachXBT flagged a suspected drain tied to Polymarket’s Polygon infrastructure, initially estimating more than $520,000 taken from addresses linked to the prediction market.
- Polymarket Developers later confirmed the incident in a tweet, saying the breach involved a wallet used for internal rewards top‑ups and “not contracts or core infrastructure.” The team said user funds and market resolution remain safe.
- About an hour after the first disclosures, analytics platform Bubblemaps put the loss at roughly $700,000, reporting the stolen funds were split across 16 addresses and routed through centralized exchanges and other services. Bubblemaps also reported that suspected withdrawals have since stopped.

Security analysis

- Independent reviewers and security firms reached similar conclusions: this appears to be an operational security failure rather than a protocol exploit.
- Andy Yajin Zhou, associate professor at the Chinese University of Hong Kong and co‑founder of on‑chain security firm BlockSec, told Decrypt the evidence points to a private key compromise of an admin wallet and not a flaw in adapter contract logic or the prediction‑market infrastructure.
- Cyvers, a blockchain security firm, echoed that this incident affected admin/operational wallets rather than core settlement contracts and highlighted the broader industry risk around privileged wallets and key management.
- Dan Dadybayo, strategy lead at infrastructure firm Horizontal Systems, framed the incident as part of a larger trend: attackers are increasingly targeting operational layers (admin wallets, permissions, signing processes) instead of directly exploiting smart contracts.

Why it matters

- Polymarket’s core contracts that record bets and resolve markets rely on external services to confirm outcomes. Because the compromised wallet was used for rewards payments only, Polymarket says market settlements and user balances were not impacted.
- The event underscores an industry‑wide operational security challenge: even secure smart contracts can be undermined by weak key management, lax access controls, or insufficient monitoring of privileged wallets.

Polymarket and on‑chain analysts continue to monitor fund flows. Decrypt has reached out to Polymarket for further comment.

This is a developing story and will be updated as new information becomes available.

Polymarket Confirms $700K Stolen from Internal Wallet, User Funds Unaffected
ChainGPT

Polymarket confirmed $700K was stolen from an internal wallet after its private key was compromised, according to on-chain data. The affected wallet was used for rewards payouts, and user funds remain untouched. On-chain analysis by ZachXBT and Bubblemaps showed the funds were split across 16 addresses. Security experts point to operational errors, not a protocol flaw, as the likely cause.