Contract Audit Passed, Thermometer Did Not: Polymarket's 'Physical Vulnerability' Moment

marsbitPubblicato 2026-04-23Pubblicato ultima volta 2026-04-23

Introduzione

According to reports, an individual manipulated temperature sensors at Paris Charles de Gaulle Airport (LFPG) on April 6th and 15th, causing brief, anomalous spikes of over 3°C. These events were allegedly orchestrated to profit from corresponding low-probability bets on the prediction market Polymarket, turning a small investment into approximately $34,000. The French national meteorological service, Météo-France, filed a criminal lawsuit after discovering signs of physical tampering. The attack required minimal technical skill; the perpetrator reportedly used a battery-powered hairdryer to briefly heat the publicly accessible sensor. Polymarket’s market for Paris temperature settles based on the day's highest recorded temperature from a data chain that runs from the physical sensor to Météo-France, to Weather Underground, and finally to its smart contract. In response, Polymarket did not void the profits or make an official statement. It silently changed the data source for its Paris market from LFPG to Le Bourget Airport (LFPB), a location with similarly unprotected sensors. This incident highlights a critical vulnerability: while the smart contracts are audited and secure, the physical data sources feeding them remain exposed and easy to manipulate.

Original Author: Sanqing, Foresight News

According to French media Le Monde, on April 6th and 15th, the meteorological sensors at Paris Charles de Gaulle Airport experienced two anomalies. The temperature surged by more than 3°C within minutes before quickly returning to normal, as if nothing had happened. Behind each anomaly, someone had placed bets on the corresponding low-probability temperature range on Polymarket in advance. From a principal of just tens of dollars, they collectively walked away with approximately $34,000 from these two incidents. The account that placed the first bet was created just two days before the anomaly occurred.

Météo-France subsequently conducted a physical inspection of the sensors and found signs of human intervention. They filed a criminal complaint with the Charles de Gaulle Airport Gendarmerie, with the charge being "interfering with an automated data processing system." According to an analysis in an AR15 forum post, based on Article 323-2 of the French Penal Code, and because Météo-France is a public institution, the related charges could carry a maximum penalty of 7 years imprisonment and a fine of 300,000 euros.

The Technical Sophistication of This Scam Is Approximately Zero

The settlement chain for Polymarket's Paris temperature market is as follows: Physical Sensor → Météo-France → Weather Underground → Polymarket Contract.

On this chain, the smart contract part is audited, data transmission is automated, and Weather Underground's data scraping is real-time. The only weak point is at the very beginning: a thermometer standing by the airport roadside, without fencing, without cameras, accessible to anyone who walks by.

All the attacker needed was a battery-powered heat gun/hairdryer.

Polymarket bases its settlement on the day's maximum temperature. This means that creating one brief temperature peak is enough to rewrite the official record for the day.

Acting in the evening or at night is more ideal, as the daytime high has usually already passed, making subsequent readings more likely to become the new record. Therefore, the suspect chose 7 PM on April 6th and 9:30 PM on April 15th.

The operational procedure was likely: buy the low-probability option in advance, walk to the sensor at night, turn on the heat gun, wait for the reading to cross the target temperature, stop, leave, and wait for on-chain settlement.

The entire operation required no technical skill whatsoever, just some understanding of the settlement mechanism and a willingness to walk to the edge of the airport.

Polymarket's Response: Quietly Swapped the Thermometer

Polymarket has not issued any official statement regarding this incident. The only thing it did was change the settlement data source for the Paris temperature market from Charles de Gaulle Airport (LFPG) to Le Bourget Airport (LFPB).

The profits from the two accounts were not revoked; the market settled normally according to the on-chain records.

The sensor at Le Bourget Airport is also placed outdoors, similarly without physical protection. They changed the address, but the problem remains entirely unchanged.

This is not Polymarket's first controversy. In October 2024, a French trader was accused of manipulating Trump election odds using 4 linked accounts, reportedly profiting $85 million; in March 2025, a whale used 5 million tokens to forcibly push through a UMA governance vote, settling a controversial market with a "Yes" outcome, involving $7 million; in January and March 2026, anomalous bets appeared in markets related to Venezuela and Iran respectively, with the latter already drawing attention from the US Congress...

Previous incidents at least required millions of dollars in capital or governance tokens; this time the cost was just a heat gun.

The Contract Was Audited, The Thermometer Was Not

This story has an absurd sense of humor. A prediction market running on the blockchain, touting decentralization and immutability, was thoroughly exploited twice by a battery-powered heat gun. Cryptography was of no help in this matter because it never verifies whether the input data is real.

Polymarket currently has 173 active weather markets. The settlement basis for most of these markets is a single physical sensor in some location.

When a sensor is used as a meteorological tool, its credibility comes from the fact that no one has a motive to tamper with it. Polymarket gave it a new incentive structure but provided no new physical protection.

The Météo-France thermometer dutifully recorded the temperature it sensed. It just didn't know it had become a financial settlement terminal.

Domande pertinenti

QWhat was the key vulnerability exploited in the Polymarket Paris temperature market incident?

AThe physical vulnerability of the meteorological sensor at Charles de Gaulle Airport, which was unprotected and could be easily manipulated with a simple tool like a battery-powered hairdryer.

QHow did the attackers profit from manipulating the temperature sensor?

AThey placed bets on low-probability temperature ranges on Polymarket just before artificially spiking the temperature, turning a small investment of tens of dollars into approximately $34,000 in profits across two incidents.

QWhat was Polymarket's response to the temperature manipulation incidents?

APolymarket did not issue an official statement or reverse the profits. They silently changed the data source for the Paris temperature market from Charles de Gaulle Airport (LFPG) to Le Bourget Airport (LFPB), which had the same physical vulnerability.

QWhat legal consequences might the perpetrators face according to the article?

AUnder French law, specifically Article 323-2, and because Météo-France is a public institution, the charges for interfering with an automated data processing system could result in up to 7 years in prison and a €300,000 fine.

QWhat does the incident reveal about the limitations of blockchain-based prediction markets like Polymarket?

AIt highlights that while smart contracts are audited and the blockchain is secure, the system remains vulnerable if the real-world data inputs (oracles) are not physically secure and can be easily manipulated, undermining the integrity of the market.

Letture associate

a16z: Scaling AI Without Cryptographic Verification Is a Dangerous Liability

A16z argues that scaling AI without cryptographic verification is a dangerous liability. As AI agents rapidly evolve from tools into autonomous economic participants, they currently lack standardized, portable identities, verifiable permissions, and programmable payment methods. This creates systemic risks in an economy where non-human entities already vastly outnumber human users in sectors like finance. Blockchain infrastructure offers a solution by providing a neutral coordination layer. It enables verifiable, on-chain credentials for agent identity (a "Know Your Agent" standard), ensures transparent governance to prevent centralized control of AI systems, and facilitates native payments through stablecoins and emerging markets for AI-to-AI commerce. Without cryptographic guarantees—such as auditable transaction records, constrained agent behavior, and proof of origin—scaling AI agents accumulates unmanaged risk. Trust deficit, not intelligence, becomes the bottleneck. The authors conclude that cryptographic verification is essential to maintain user control, ensure accountability, and safely delegate economic activity to autonomous systems.

marsbit14 min fa

a16z: Scaling AI Without Cryptographic Verification Is a Dangerous Liability

marsbit14 min fa

SpaceX and OpenAI Are About to Go Public, Your Index Fund Might Be Forced to 'Buy at the Peak'

The imminent mega-IPOs of companies like SpaceX and OpenAI pose a significant risk to index fund investors, who may be forced to buy these overvalued stocks at peak prices. Index funds, designed to replicate market performance, must purchase new listings once they are included in major indices, often through "fast entry" rules that allow inclusion within days. This creates a hidden cost: hedge funds and other intermediaries front-run these predictable purchases, driving up prices before the inclusion date, after which the shares typically underperform. Historical data shows that IPOs, especially those with low float (like SpaceX’s planned <5% float), tend to dramatically underperform the market over time. High valuations, low float, and forced buying during index rebalancing result in a performance drag for passive investors, effectively acting as a hidden tax. Attempting to invest pre-IPO via private markets is also risky due to survivor bias, high fees, and liquidity issues. For index investors, this costly mechanism is an unavoidable aspect of passive investing.

marsbit28 min fa

SpaceX and OpenAI Are About to Go Public, Your Index Fund Might Be Forced to 'Buy at the Peak'

marsbit28 min fa

Russia Advances Bill To Regulate Crypto Market, Eyes July 1st Implementation

Russia has advanced a key crypto bill, "On Digital Currency and Digital Rights," through its first parliamentary reading, aiming to establish a regulatory framework by July 1, 2026. The legislation recognizes digital assets as property and grants the Central Bank of Russia authority to license and oversee the market, permitting only licensed entities like exchanges and brokers to operate. It prohibits using crypto for domestic payments but allows it for cross-border settlements to bypass sanctions. The bill also introduces investor protection measures, including annual purchase limits for non-qualified investors and stricter oversight of mining activities.

bitcoinist37 min fa

Russia Advances Bill To Regulate Crypto Market, Eyes July 1st Implementation

bitcoinist37 min fa

GSR Launches Multi-Asset Crypto ETF With Staking Yields

GSR, an institutional crypto trading platform, has launched its first crypto exchange-traded fund, the Crypto Core3 ETF (BESO), which began trading on Nasdaq. The fund provides exposure to Bitcoin, Ethereum, and Solana and offers staking yields, along with a dynamic allocation strategy to maximize returns. On its first trading day, BESO saw approximately $4.8 million in activity. The ETF charges a 1% management fee and will rebalance its allocations weekly based on research-driven signals. GSR, founded by ex-Goldman Sachs traders, aims to reach more investors through this entry into the crypto ETF market, which has seen growing interest from major financial firms like Morgan Stanley and Goldman Sachs.

TheNewsCrypto2 h fa

GSR Launches Multi-Asset Crypto ETF With Staking Yields

TheNewsCrypto2 h fa

Yao Shunyu's 88 Days

Yao Shunyu, a 27-year-old AI expert with a background from Princeton and OpenAI, joined Tencent in September 2025. Within 88 days, he led a major overhaul of Tencent’s AI strategy and organization, resulting in the release of Hunyuan Hy3 preview—a MoE model with 295B total parameters and 21B active parameters, supporting up to 256K context length. The launch came after Tencent leadership, including CEO Ma Huateng and President Martin Lau, openly criticized Hunyuan's earlier underperformance—citing slow development, over-reliance on superficial benchmark optimization, and poor generalization in real-world applications. Internal adoption was low, with key business units like WeChat and gaming seeking external AI solutions. Yao reshaped Tencent’s AI approach by integrating previously siloed teams, dissolving the ten-year-old Tencent AI Lab, and establishing new units focused on AI infrastructure and data. Hy3 preview was developed using co-design principles, closely aligned with product teams to ensure practical usability from the start. It has already been integrated into core products like Yuanbao, QQ, and enterprise tools. The release signals a shift from chasing rankings to building usable, scalable AI grounded in Tencent’s ecosystem. While external partnerships (like with DeepSeek and OpenClaw) helped retain users temporarily, the focus is now on making Hunyuan a reliable internal foundation. The real test lies in sustaining this new organizational momentum amid fierce competition from Alibaba, DeepSeek, and others.

marsbit2 h fa

marsbit2 h fa

Trading

Spot

Futures