Read more of the latest cryptocurrency security news It was in a contract on Plasma, the DepositManagerProxy, that the flaw was discovered. This ‘ blockchain bridge’ uses a network called Plasma to authenticate and process withdrawals. The framework offers a “trustless, two-way transaction channel” between Polygon and Ethereum. Polygon is a protocol and a framework for building and connecting Ethereum-compatible blockchain networks. This could have allowed a malicious actor who has deposited just $4,500 to withdraw $1 million – and an attacker with $3.8 million could exploit the flaw to acquire up to $850 million. The flaw, discovered by ethical hacker Gerhard Wagner, enabled an attacker to double the amount of cryptocurrency they intend to withdraw up to 233 times. UPDATED Polygon, a blockchain technology company, has paid out $2 million in bug bounty rewards for a ‘double spend’ vulnerability that could have wreaked havoc across its network. Ethical hacker bags top prize for double spend flaw in smart contract