He used a hairdryer to "print money" worth $34k on Polymarket

Hey Ou Ba, Jinse Finance

In April 2026, the crypto prediction platform Polymarket repeatedly staged absurd yet real “money printing” scenes: someone, using nothing more than a hairdryer, interfered with meteorological sensors through hot air and manipulated temperature prediction contracts twice, for total profits of nearly $34,000.

This was neither a sophisticated hacking attack nor a hidden code vulnerability, but the most primitive and lowest-cost form of physical interference. This ridiculous operation directly punctured the core truth of prediction markets: no matter how precise the smart contracts on-chain are, they remain helpless in the face of physical interference in the real world off-chain.

How does a hairdryer “print money” in Web3?

At 18:30 on April 6, there were bizarre temperature fluctuations at the meteorological station at Charles de Gaulle Airport in France: within just 12 minutes, the temperature surged by about 4°C, briefly touched 22.5°C, and then quickly dropped back. What was abnormal was that nearby stations showed no anomalies at all, and indicators such as wind direction and humidity also remained completely steady. Meteorological experts clearly stated that the phenomenon could not be explained by natural principles.

At that time on Polymarket, there was a betting contract on whether “the day’s highest temperature in Paris will exceed 21°C.” Before settlement, market participants generally expected the highest temperature to be only 18°C, and the share of bets related to this was as high as 95%. This artificially manufactured temperature anomaly enabled a newly registered user—who had only signed up two days earlier—to profit $14,000 at extremely low cost.

At 21:30 on April 15, the same plot played out again 9 days later. Under clear skies, the temperature reading at Charles de Gaulle Airport spiked abnormally to 22°C, then returned to normal within a few minutes. The temperatures on the days before and after were both around 18-19°C, but only that day precisely hit the contract’s settlement threshold. Another trader then profited more than $20,000 from it.

The total cost of the two operations was nothing more than a hairdryer, transportation expenses, and several hours of waiting—yet it produced earnings of tens of thousands of dollars. It can be called a “textbook” case of prediction market manipulation. After the incident, jokes kept coming from the community: “The invisible hand of the market is now holding a hairdryer.” “Someone analyzed the data for half a day, but in the end lost to a hairdryer in the parking lot.”

Facing public questioning, Polymarket did not publicly admit manipulation, but quietly switched the data source for the Paris temperature market—effectively confirming the reality of this physical tampering.

Polymarket Manipulation History: A Roundup

The hairdryer incident drew worldwide attention not only because the operation was absurd, but also because this was not the first time Polymarket had seen market manipulation. This prediction platform, with a valuation of $9 billion and claiming to “aggregate collective intelligence,” has long turned into a testing ground for all kinds of “creative manipulations,” and the underlying mechanism vulnerabilities behind it have been exposed multiple times already.

Oracles Become Tools

In March 2025, Polymarket launched a betting contract on whether the “US-Ukraine mineral agreement” would be signed. At that time, the agreement had not been officially signed, and there were no public details. Large bettors who bet on “not signed,” leveraging their heavy voting weight in the UMA oracle of the adjudicator, forced the result to be ruled as “signed” at the final moment, executing an upset reversal.

The community strongly protested, but the platform refused refunds, citing “no system failure.” This incident laid bare the industry’s contradictions: once decision-making power is concentrated in the hands of a small group of capital holders, the so-called decentralized oracle is nothing more than a self-deceiving narrative. Similar absurd rulings have happened before—there was even a farce where, because someone didn’t wear a tie, they were judged as “not wearing a suit,” causing massive losses for many users.

The Platform’s Silent Permission for Faking

In January 2026, a user who called themself ascetic claimed that they hit 16 straight wins with $12 in principal, earning $100,000—an ROI of over 8,300x—which briefly made them a top figure in the community.

The truth, however, was that the user controlled hundreds of witch-account profiles to place random bets, packaging the accounts that happened to win as “the chosen ones.” Even more ironically, the platform’s head of growth publicly posted congratulating them—effectively hyping traffic. The underlying logic was obvious: the platform needed a “get-rich-quick” story to attract new users and earn fees, while fairness and truth were placed in a secondary position.

Insider Trading, and Chaos Appears Again and Again

Also in January 2026, a trader exploited a loophole created by low market liquidity: they first bought XRP up-contracts on Polymarket, then used a small amount of capital to pump the spot price on an exchange. After the contract settlement was triggered, they quickly exited—directly harvesting large gains from automated trading bots.

In addition, the platform has repeatedly been pulled into accusations of insider trading: suspected insiders within the U.S. government placing bets on geopolitical conflicts ahead of time, and traders gaining advance access to important information and building large positions—each earning huge profits. There was even a case where OpenAI insiders used company confidential information to place bets, and were ultimately punished.

Why Are Prediction Markets So Easy to Manipulate?

The hairdryer incident may look like a coincidence, but it actually exposes structural flaws inherent to prediction markets—its fragility does not come from on-chain code, but from the real-world environment off-chain, and from innate shortcomings in mechanism design.

1. The “Last Mile” Dilemma of Oracles

Prediction markets can achieve true decentralization: smart contracts settle automatically, funds are escrowed on-chain, transaction records are public and transparent, and no one can tamper with them. But there is one link that can never be decentralized—data input.

No matter how precise the on-chain logic is, the smart contract ultimately needs an external data source (an oracle) to tell it what “the event outcome” is. This data input step is the prediction market’s “last mile,” and also the most fragile part of the entire system. As Citrini Research found in its research on the Strait of Hormuz, public data sources often have blind spots or biases, and the prediction market’s reliance on a single data source only amplifies this risk.

The temperature sensors at Charles de Gaulle Airport are publicly accessible—people can easily approach them from public roads. Polymarket uses their readings to settle temperature contracts, essentially handing the market’s fairness to a physical device that can be easily interfered with. The logic behind it is simple: a system’s security does not depend on the strongest on-chain contracts—it depends on the weakest data input link. This is the reality prediction markets cannot avoid.

2. Manipulation Costs Are Far Lower Than the Returns

The prevalence of manipulation is, at its core, a rational choice where “profits outweigh costs”—this is not a moral issue, but a pure economics issue. We can do a quick calculation:

By contrast, in traditional gambling, manipulation costs are extremely high: bribing referees requires millions of dollars, bribing athletes requires building relationship networks over the long term, and you also have to bear severe criminal liability. But in prediction markets, manipulators only need a hairdryer, and a publicly available sensor location information—then they can easily profit. This “low investment, high return” temptation is almost impossible to resist.

3. The Natural Fragility of Low-Liquidity Markets

According to DeFiLlama data, Hyperliquid’s trading volume over the past 24 hours was about $7 billion, while the total trading volume of the entire prediction market over the past 30 days was only $20 billion—meaning Hyperliquid’s volume over three days is close to the entire prediction market’s monthly volume.

Low liquidity means small amounts of capital can significantly influence market prices, or even directly manipulate outcomes. In the hairdryer incident, manipulators did not need to fight against the entire market’s liquidity. They only needed to ensure that the temperature briefly hit the threshold before settlement, thereby locking in profits. Prediction markets also have a natural liquidity trap: most contracts are “event-driven,” active only during specific event windows. Once the event ends and contracts settle, liquidity drops to zero instantly. The 2024 U.S. election caused Polymarket’s monthly trading volume to spike to $1.9 billion, but such peaks cannot last; under normal conditions, low liquidity makes manipulation even easier.

This is also the core reason Polymarket and Kalshi announced their entry into the perpetual contracts market on the same day in April 2026—they must find a way to maintain long-term liquidity, otherwise manipulation events will only intensify.

How Can Prediction Markets Save Themselves?

After the hairdryer incident, Polymarket’s community and industry insiders proposed various improvement plans, attempting to patch the mechanism vulnerabilities of prediction markets. The following are several mainstream ideas, along with their respective pros and cons and the scenarios they fit:

1. Multi-Source Data Verification

Proposal: abandon a single data source, and select multiple sensors or data interfaces distributed across different geographies; use the average value and median as settlement references, while also adding anomaly detection algorithms to identify and exclude obviously abnormal data (such as short-term temperature spikes and sudden drops).

Pros: simple to implement, low development and operational costs; can significantly increase the difficulty of manipulation—attackers would need to interfere with multiple dispersed data sources, greatly raising their costs and risks; this is also the core idea proposed by Citrini’s research in its Strait of Hormuz survey: by cross-verifying multi-source data, it can compensate for the blind spots of a single source.

Cons: still relies on centralized data sources (such as weather stations and official APIs), so it cannot fundamentally achieve decentralization; if multiple data sources are geographically close, they may still be manipulated simultaneously; anomaly detection algorithms may be circumvented (e.g., by controlling the magnitude of manipulation and disguising it as natural fluctuation).

Applicable scenarios: physical events such as weather and temperature—situations where data sources are easy to obtain and can be verified through multiple channels.

2. Decentralized Oracle Networks

Proposal: adopt established decentralized oracle networks such as Chainlink and UMA. Multiple independent nodes separately collect and submit data. Through a consensus mechanism, abnormal values are filtered out; only data that a majority of nodes agree on can be used as the settlement basis. If nodes maliciously submit false data, they will have guarantees slashed (slashing).

Pros: truly decentralizes data sources and eliminates single points of failure; the cost for nodes to do harm is high, which can effectively curb the submission of false data; there are already mature solutions available for platforms to integrate, so they do not need to be developed from scratch. As a leading player in decentralized oracles, Chainlink has already provided data security solutions for prediction markets through an “on-chain + off-chain” coordinated model. However, governance still faces the “impossible trilemma” challenge—how to strike a balance among data objectivity, processing efficiency, and node security.

Cons: higher operating costs—the platform needs to pay service fees to oracle nodes; data submission must wait for multiple nodes to reach consensus, which increases settlement latency; for physical events like temperature and meteorological conditions, nodes still need to rely on external sensors, so they cannot completely escape reliance on real-world equipment.

Applicable scenarios: financial data (such as cryptocurrency prices, interest rates, and exchange rates), events whose APIs are available, and markets with high decentralization requirements.

3. Delayed Settlement + Community Arbitration

Proposal: after the contract settlement result is announced, set an objection period (e.g., 24 hours). If community users find data abnormalities, they can initiate challenges. The final settlement result is decided through community voting. At the same time, design reasonable incentive mechanisms to encourage users to report manipulation behavior.

Pros: introduces human judgment and can effectively identify events like hairdryer manipulation that are “technically without loopholes, but logically abnormal”; increases the chance of accountability after manipulation is discovered, reducing manipulators’ chances of getting away with it.

Cons: settlement delays affect user experience, especially for short-term traders seeking immediate profits; community voting may be manipulated by large players (see the 2025 UMA oracle manipulation incident); it requires a well-designed challenge incentive mechanism; otherwise users lack motivation to report.

Applicable scenarios: high-value contracts and highly controversial events (such as geopolitical conflict and policy changes).

4. Limit High-Risk Markets

Proposal: for events that are easy to be physically or manually manipulated (such as weather, single sports events, and personal behaviors), set betting amount limits, increase margin requirements, or directly delist such markets. Guide users toward markets that are harder to manipulate (such as financial data predictions).

Pros: directly reduces manipulation motivation—when bet limits are low, manipulation profits are limited, so manipulators naturally give up; simple to implement and does not require complex technical upgrades.

Cons: reduces market diversity and may cause user outflow, pushing some users toward unregulated gray platforms; cannot fundamentally solve manipulation problems—only passively avoid risk.

Applicable scenarios: weather, single sports events, personal behaviors, and other easily manipulated events.

Where Are the Boundaries of Prediction Markets?

The hairdryer incident is not the end of prediction markets, but a necessary pain point during the industry’s rapid development. Decentralization can resist code attacks and prevent hacking, but it cannot stop physical interference, and it cannot curb capital’s profit-seeking nature.

For prediction markets to truly mature, they must first recognize their own boundaries: clarify that standardized scenarios like financial data are suitable for prediction, while events involving physical intervention have inherent defects. Only by facing mechanism vulnerabilities head-on and improving risk controls can the industry move from wild, unchecked growth toward stability and compliance—realizing the original aspiration of aggregating collective wisdom.

The hairdryer manipulator may never be found, but the lesson they leave is worth remembering by the entire industry: at the boundary between on-chain and off-chain, security does not depend on the smartest contracts—it depends on the most fragile sensors; it does not depend on the most precise code—it depends on the most rigorous mechanism design.

This is not only an issue for prediction markets, but a shared dilemma across the entire Web3 industry: when decentralization collides with the real world, and code logic collides with physical rules, systems that are truly secure and fair may not need more complex code—but instead require humility and reverence toward reality, rules, and fairness.