Contract Audit Passed, Thermometer Did Not: Polymarket's 'Physical Vulnerability' Moment

marsbit. Published on 2026-04-23. Last updated on 2026-04-23.

Abstract

According to reports, an individual manipulated temperature sensors at Paris Charles de Gaulle Airport (LFPG) on April 6th and 15th, causing brief, anomalous spikes of over 3°C. These events were allegedly orchestrated to profit from corresponding low-probability bets on the prediction market Polymarket, turning a small investment into approximately $34,000. The French national meteorological service, Météo-France, filed a criminal lawsuit after discovering signs of physical tampering. The attack required minimal technical skill; the perpetrator reportedly used a battery-powered hairdryer to briefly heat the publicly accessible sensor. Polymarket’s market for Paris temperature settles based on the day's highest recorded temperature from a data chain that runs from the physical sensor to Météo-France, to Weather Underground, and finally to its smart contract. In response, Polymarket did not void the profits or make an official statement. It silently changed the data source for its Paris market from LFPG to Le Bourget Airport (LFPB), a location with similarly unprotected sensors. This incident highlights a critical vulnerability: while the smart contracts are audited and secure, the physical data sources feeding them remain exposed and easy to manipulate.

Original Author: Sanqing, Foresight News

According to French media Le Monde, on April 6th and 15th, the meteorological sensors at Paris Charles de Gaulle Airport experienced two anomalies. The temperature surged by more than 3°C within minutes before quickly returning to normal, as if nothing had happened. Behind each anomaly, someone had placed bets on the corresponding low-probability temperature range on Polymarket in advance. From a principal of just tens of dollars, they collectively walked away with approximately $34,000 from these two incidents. The account that placed the first bet was created just two days before the anomaly occurred.

Météo-France subsequently conducted a physical inspection of the sensors and found signs of human intervention. They filed a criminal complaint with the Charles de Gaulle Airport Gendarmerie, with the charge being "interfering with an automated data processing system." According to an analysis in an AR15 forum post, based on Article 323-2 of the French Penal Code, and because Météo-France is a public institution, the related charges could carry a maximum penalty of 7 years imprisonment and a fine of 300,000 euros.

The Technical Sophistication of This Scam Is Approximately Zero

The settlement chain for Polymarket's Paris temperature market is as follows: Physical Sensor → Météo-France → Weather Underground → Polymarket Contract.

On this chain, the smart contract part is audited, data transmission is automated, and Weather Underground's data scraping is real-time. The only weak point is at the very beginning: a thermometer standing by the airport roadside, without fencing, without cameras, accessible to anyone who walks by.

All the attacker needed was a battery-powered heat gun or hairdryer.

Polymarket bases its settlement on the day's maximum temperature. This means that creating one brief temperature peak is enough to rewrite the official record for the day.

Acting in the evening or at night is more ideal, as the daytime high has usually already passed, making subsequent readings more likely to become the new record. Therefore, the suspect chose 7 PM on April 6th and 9:30 PM on April 15th.

The operational procedure was likely: buy the low-probability option in advance, walk to the sensor at night, turn on the heat gun, wait for the reading to cross the target temperature, stop, leave, and wait for on-chain settlement.

The entire operation required no technical skill whatsoever, just some understanding of the settlement mechanism and a willingness to walk to the edge of the airport.
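The settlement rule described above (the day's maximum from a single sensor) can be contrasted with a spike-filtered maximum. This is an added example, not code from the article, Polymarket, or Météo-France. The readings are constructed, and the window, threshold, and 1 °C outcome buckets are assumptions.

```python
from statistics import median

# Constructed sample, not real LFPG data: (minute of day, °C).
# Natural high of 18.2 at 15:00; brief artificial peak near 19:00.
READINGS = [
    (840, 17.9), (900, 18.2), (960, 17.8), (1020, 16.9), (1080, 16.1),
    (1128, 15.8), (1134, 15.7), (1140, 19.4), (1146, 19.1),
    (1152, 15.6), (1158, 15.5), (1200, 15.2),
]

WINDOW_MIN = 60      # assumption: compare against readings within +/- 60 min
SPIKE_DELTA_C = 2.0  # assumption: flag if > 2.0 °C above the local median


def flag_spikes(readings, window=WINDOW_MIN, delta=SPIKE_DELTA_C):
    """Return readings that sit far above the median of their neighbours."""
    flagged = []
    for t, temp in readings:
        neighbours = [v for (u, v) in readings if u != t and abs(u - t) <= window]
        if len(neighbours) < 2:
            continue  # too little context to judge; leave unflagged
        if temp - median(neighbours) > delta:
            flagged.append((t, temp))
    return flagged


def settle(readings):
    """Compare naive daily-max settlement with a spike-filtered maximum."""
    flagged = flag_spikes(readings)
    kept = [r for r in readings if r not in flagged]
    raw_max = max(v for _, v in readings)
    robust_max = max(v for _, v in kept)
    return {
        "raw_max": raw_max,
        "robust_max": robust_max,
        "flagged": flagged,
        # assumption: 1 °C-wide outcome buckets; differing buckets => hold for review
        "disputed": int(raw_max) != int(robust_max),
    }


if __name__ == "__main__":
    print(settle(READINGS))
```

A transient that returns to baseline within the window is excluded from the filtered maximum, while a sustained change shifts the local median and is kept. A market that settles on the raw maximum has no such check.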

Polymarket's Response: Quietly Swapped the Thermometer

Polymarket has not issued any official statement regarding this incident. The only thing it did was change the settlement data source for the Paris temperature market from Charles de Gaulle Airport (LFPG) to Le Bourget Airport (LFPB).

The profits from the two accounts were not revoked; the market settled normally according to the on-chain records.

The sensor at Le Bourget Airport is also placed outdoors, similarly without physical protection. They changed the address, but the problem remains entirely unchanged.

This is not Polymarket's first controversy. In October 2024, a French trader was accused of manipulating Trump election odds using 4 linked accounts, reportedly profiting $85 million; in March 2025, a whale used 5 million tokens to forcibly push through a UMA governance vote, settling a controversial market with a "Yes" outcome, involving $7 million; in January and March 2026, anomalous bets appeared in markets related to Venezuela and Iran respectively, with the latter already drawing attention from the US Congress...

Previous incidents at least required millions of dollars in capital or governance tokens; this time the cost was just a heat gun.

The Contract Was Audited, The Thermometer Was Not

This story has an absurd sense of humor. A prediction market running on the blockchain, touting decentralization and immutability, was thoroughly exploited twice by a battery-powered heat gun. Cryptography was of no help in this matter because it never verifies whether the input data is real.

Polymarket currently has 173 active weather markets. The settlement basis for most of these markets is a single physical sensor in some location.

When a sensor is used as a meteorological tool, its credibility comes from the fact that no one has a motive to tamper with it. Polymarket gave it a new incentive structure but provided no new physical protection.

The Météo-France thermometer dutifully recorded the temperature it sensed. It just didn't know it had become a financial settlement terminal.

Related Questions

Q: What was the key vulnerability exploited in the Polymarket Paris temperature market incident?

A: The physical vulnerability of the meteorological sensor at Charles de Gaulle Airport, which was unprotected and could be easily manipulated with a simple tool like a battery-powered hairdryer.

Q: How did the attackers profit from manipulating the temperature sensor?

A: They placed bets on low-probability temperature ranges on Polymarket just before artificially spiking the temperature, turning a small investment of tens of dollars into approximately $34,000 in profits across two incidents.

Q: What was Polymarket's response to the temperature manipulation incidents?

A: Polymarket did not issue an official statement or reverse the profits. They silently changed the data source for the Paris temperature market from Charles de Gaulle Airport (LFPG) to Le Bourget Airport (LFPB), which had the same physical vulnerability.

Q: What legal consequences might the perpetrators face according to the article?

A: Under French law, specifically Article 323-2, and because Météo-France is a public institution, the charges for interfering with an automated data processing system could result in up to 7 years in prison and a €300,000 fine.

Q: What does the incident reveal about the limitations of blockchain-based prediction markets like Polymarket?

A: It highlights that while smart contracts are audited and the blockchain is secure, the system remains vulnerable if the real-world data inputs (oracles) are not physically secure and can be easily manipulated, undermining the integrity of the market.
