Polymarket has emerged as a prominent prediction market platform and one of the fastest-growing applications in DeFi. To achieve low-latency trading, it adopts a hybrid architecture that matches orders off-chain but settles them on-chain for final execution. This design creates a consistency gap we call Ghost Fills: an order that is successfully matched off-chain may later fail during on-chain settlement. To understand the security implications of this gap, we investigate such failed settlements by building GHOSTHUNTER, which reconstructs them from on-chain traces and attributes to concrete attack patterns. Across 1,952,440 reverted match-order transactions, we find that attackers exploit the time gap between matching and settlement to invalidate already matched orders before they are finalized on-chain. We then identify four attack vectors from these incidents: nonce bump, balance drain, allowance revoke, and proxy trap, realized via 35 evolving variants. These vectors allow attackers to selectively revert 980,133 filled orders, enabling risk-free prediction, arbitrage-bot hunting, and liquidity reward manipulation, realizing at least \$1.49M in profit, which places \$1.78 B USD at risk and 2.17 M POL (about \$212 K) paid by operator. During peak hours, more than 24.3% of all filled orders reverted, causing de facto DoS attacks. We also find that code derived from the flawed contract still appears in 167 independent contracts across 10 chains holding at least \$23 M in user funds, extending the impact beyond Polymarket. We have disclosed our evidence to affected parties, and the issue has been partially mitigated.

翻译：Polymarket已成为知名的预测市场平台，也是DeFi领域增长最快的应用之一。为实现低延迟交易，其采用混合架构——链下撮合订单，但链上完成最终结算。这种设计导致一致性缺口，我们称之为"幽灵成交"（Ghost Fills）：链下成功撮合的订单可能在链上结算时失败。为探究此缺口的安全影响，我们通过构建GHOSTHUNTER工具，从链上交易追溯并归因具体攻击模式，对这类失败结算展开研究。在1,952,440笔回滚的撮合交易中，我们发现攻击者利用撮合与结算的时间差，在订单链上最终确认前使其失效。进而从这些案例中识别出四种攻击向量：Nonce值篡改、余额耗尽、授权撤销和代理陷阱，并衍生出35种变体。这些攻击向量使攻击者能选择性回滚980,133笔已成交订单，实现无风险预测、猎杀套利机器人、操纵流动性奖励等目的，已获利至少149万美元，同时导致17.8亿美元资金面临风险，并由运营商支付217万枚POL（约21.2万美元）。在高峰期，超过24.3%的已成交订单被回滚，构成事实上的拒绝服务攻击。此外，源自该缺陷合约的代码仍存在于10条链上的167个独立合约中，涉及至少2300万美元用户资金，使影响远超Polymarket本身。我们已向受影响方披露证据，该问题已得到部分缓解。