Polymarket investigates private key compromise, no contract exploit found

More than $520,000 drained from wallets linked to Polymarket’s operations on the Polygon network after what the prediction market platform confirmed was a private key compromise. Not a smart contract exploit, not a protocol vulnerability. Just someone getting hold of keys they shouldn’t have had.

Blockchain investigator ZachXBT first flagged the suspicious outflows on May 22, identifying two addresses tied to Polymarket’s UMA Conditional Token Framework (CTF) Adapter contracts. The Polymarket development team moved quickly to clarify the situation: the compromised wallet was an internal one used for rewards payouts, and no user funds were affected.

What happened and what didn’t

Here’s the thing about crypto security incidents. The difference between “someone stole a key” and “someone broke the vault” matters enormously. In this case, approximately 5,000 POL tokens and an undisclosed amount of USDC were siphoned from what Polymarket described as an internal operations wallet.

Think of it like someone stealing the key to a company’s petty cash drawer versus cracking the actual bank vault. The money is still gone, but the structural integrity of the system isn’t in question.

Polymarket investigates private key compromise, no contract exploit found

Other newsrooms on this story

Related reading

Polymarket investigates suspicious transactions, confirms no contract hack

Other newsrooms on this story

Related reading

Polymarket investigates suspicious transactions, confirms no contract hack

Polymarket says user funds safe after admin wallet compromise triggers $700,000…

Polymarket probes suspected private key compromise of internal top-up wallet on…

Polymarket Hit By ‘Internal Top-Up’ Wallet Exploit, $700K Drained - Decrypt

Polymarket-Linked UMA Adapter Exploited For at Least $520K

ZachXBT flags $520K Polymarket exploit on Polygon, team says funds are safe