Polygon Probably the most popular alternative to live trading on baselayer (L1), giving users the opportunity to make transactions quickly with low fees. () is best known as of the , it mean compatible with Virtual Machine Ethereum (EVM), which operates its own set of validator nodes. However, the development team has also invested heavily in Layer-2 technology and provides services such as the zk-STARKs-based Miden scaling solution.


Of course, with success comes the responsibility of protecting all the funds that users hold on the network. In a recent series of tweets, Justin Bons, Founder and CEO of Cyber ​​Capital, accused the Polygon development team of using lax security measures, mainly around , the administrative key control feature of the Polygon smart contract. According to Bons, it is controlling over $5 billion in funds from users.

“Polygon is not secure and centralized right now! It would only take five people to compromise over 5 billion dollars! Four of those people are the founders of Polygon! This is one of the cases Or the biggest scam just waiting to happen.”

What the development team can do with Polygon?

“The Polygon smart contract governance key is controlled by five of the eight multi-signature contracts (). This means that the Polygon development team can gain complete control of the network, with only 1 out of 4 contracts being outside of the project's control. The other four parties in also selected by Polygon”.

Read more  Google admits to losing BTC-e exchange data

According to Bons, this also means that the other four parties are "not entirely fair". Control over the contract administration key is equivalent to the power to change the rules. Anything can happen, including deleting the entire Polygon contract.

Some criticism has also been directed at Polygon's alleged lack of transparency. This is not the first time Polygon has been accused of this issue. Chris Blec at Watch previously sent request to the Polygon development team. However, Polygon did not respond to Blec's request.

The Polygon development team has been vocal about the lack of transparency. The team previously posted report about multisig to clarify the issue. In response to Bons' tweet, Mihailo Bjelic, co-founder of Polygon, indirectly confirmed concerns about multisig as Polygon is "working to eliminate them". Multisig is implemented in the “early stage” and is clearly not the ideal solution as the system grows.

“Multisig is considered the ultimate approach to protecting user funds in the early stages of development and is used by almost any scaling, bridging project.”

Bjelic also cited the transparency report, detailing a “plan to improve and eventually eliminate multisig,” which Bjelic later also explained in a tweet from Bons.

Read more  Arbitrum about to airdrop sparks speculation about new token

Scams affecting Polygon

According to BjelicI, fraud is not a real concern for Polygon; multisig is used to protect users from being hacked and Polygon is using multisig in this way, contrary to the allegations made by Bons.

According to Bons' criticism, five of the eight multisigs were "completely inadequate" to protect up to $5 billion, and that four of those eight multisigs were "given" to other parties selected by Polygon. select. For Bons, this could pose a risk of collusion.

According to BjelicI, however, other parties are “projects” Ethereum/Polygon has a good reputation and was not selected by Polygon, they decided to join”.

“The more people involved in establishing the signature, the harder it is to coordinate them in case an immediate response is needed. We're trying to find the right balance; and now have more participants than most other scaling projects,” BjelicI replied.

How should Polygon solve his problem?

In his tweet, Bons also shared some advice with the Polygon development team.

In Bons' opinion, Polygon must conduct their own decentralized governance protocol, based on token holders. . For now, this is still too model-focused (Delegated ) with a low number of validators. According to data from Plygonscan, only four validators have mined the majority of blocks in the last seven days.

Read more  Drama Binance & FTX when Binance dumped half a billion dollars FTT

Once Polygon has decentralized governance, they will have to pass on the smart contract governance key to Matic token holders, Bons suggested. This will most likely require a move to a new Polygon smart contract.

“This is obviously very difficult and expensive. However, the project didn't get it right from the start, and that's the price they pay for the decentralization and security that comes with it. This is what the market should be aiming for,” Bons tweeted.

In his reply, BjelicI said that the proposed solution “is certainly the goal of the project, as described in the transparency report. However, this will increase the response time in case something goes wrong, so it will be done and activated gradually.”

Join our channel to get the latest investment signals!