Boesin’s Analysis of the Fix Code on Poly Network Smart Contracts

Beosin has completed the analysis of the fix code of PolyNetwork Smart Contracts attacked on August 10(link to fix code: This code can repair contract-level vulnerabilities by adding a whitelist of contracts and function names.

The specific repair is as follows.

1 At EthCrossChainManager contract deployment, three white lists are initialized: whiteListFromContract, whiteListToContract, and whiteListMethod. where.

whiteListFromContract is used to specify which contracts can call the crossChain function, and crossChain events are triggered in the crossChain function.

whiteListToContract whitelist specifies the list of allowed target contracts when performing cross-chain transactions, which will only contain LockProxy contract addresses upon confirmation with the project owner.

whiteListMethod is used to specify the functions that can be called for cross-chain transactions. After confirming with the project, this whitelist will only contain the unlock function.

Figure 1 :Constructor

2. Check the corresponding whitelist before executing the function

Figure 2 :whiteListFromContract whitelist check
Figure 3: whiteListToContract、whiteListMethod whitelist check


The fix code strictly restricts the target contracts that can be called by cross-chain messages and the functions that can be called, avoiding the problem of EthCrossChainManager being controlled by attackers at the contract level and calling sensitive functions such as putCurEpochConPubKeyBytes of the EthCrossChainData contract.

Blockchian Security · IDE · Beosin-VaaS · Formal Verification · SAS | China leading enterprise in blockchain security field