Blockchain researcher ZachXBT has highlighted a suspected security breach involving Polymarket, the world’s largest decentralized prediction market platform.
Over $520,000 was reportedly drained from two smart contracts on the Polygon blockchain, according to on-chain data shared by ZachXBT. The affected addresses are 0x871D7c0f9E19001fC01E04e6cdFa7fA20f929082 and 0x91430CaD2d3975766499717fA0D66A78D814E5c5, allegedly sent to attacker address 0x8F98075db5d6C620e8D420A8c516E2F2059d9B91.
Polymarket developers said the company is aware of reports linked to its reward payout system in a post on X. The team emphasized that user funds and market solutions remain secure, describing the issue as a private key compromise of an internal operations wallet rather than a broader smart contract exploit or core infrastructure breach. Further updates are expected.
Polygon Labs’ CTO Mudit Gupta also commented on the incident, saying:
“Polymarket contracts are safe. User funds are safe. It appears their market initializer was compromised. No impact to users or contracts.”
Polymarket has yet to issue an official statement from its primary X account. CoinDesk has reached out to the company for further comment. The incident comes amid heightened scrutiny of decentralized finance platforms.
