Binance Square

CetusRecovery

Dayle Gargani BhzH
On Wednesday, the $SUI validator community acted swiftly to freeze $162M in stolen funds. Here's how it unfolded:

Validators have config files that can block transactions from specific addresses.

Each validator decides independently whether to block an address, and can reverse the action at any time.

Over one-third of validators (by stake) chose to block two addresses linked to the attack — effectively freezing the funds.

This isn’t unique to Sui; any network validator can do the same to manage risk or comply with legal obligations.

Thanks to quick action, a portion of the funds — valued at $162M — was frozen before the attacker could bridge them out.

Freezing is a temporary defense to slow attacks and give victims a chance to respond. That’s exactly what happened in the Cetus exploit. Unfortunately, the attacker hasn’t replied to outreach from the team.

Today, Cetus proposed a community vote on a protocol upgrade to return the frozen funds — no chain rollback, no transaction reversals. Given the circumstances, we support a community vote under two conditions:

1. We’ll stay neutral and abstain from voting. Our role is to design a fair, transparent process that reflects the community’s voice.

2. Cetus must commit all its resources to fully recover and return funds to its customers.

More details and code coming soon.

#SuiNetwork #CryptoSecurity #DecentralizedGovernance #CetusRecovery #TrumpTariffs
Cetus $230M Hack: How a Math Bug Led to Massive Losses

According to Odaily, a deep analysis by SlowMist has uncovered how a hacker stole $230 million from Cetus by exploiting a math overflow vulnerability in the get_delta_a function. The flaw bypassed a protection mechanism (checked_shlw), letting the attacker manipulate parameters and trick the system into miscalculating token values.
Example:
Imagine a smart contract says:
“You give me 1 haSUI, I give you 1,000,000 USDT.”
Due to an overflow bug in the math calculation, the attacker made it seem like they only needed 1 token to receive millions in liquidity. In reality, they should have needed a huge amount. By carefully choosing the inputs, the attacker got billions in value almost for free.
Takeaway:
This is a powerful reminder that even a tiny math error in a smart contract can lead to massive losses. Overflow vulnerabilities must be taken seriously. Every calculation needs proper limits, validation, and safe coding practices to avoid this kind of disaster.
Source: Binance square.
#TrumpTariffs #HackingAlert #CetusRecovery #Cetus
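
Added example, not code from the post, SlowMist, or Cetus: a shift-left overflow guard with a wrong bound next to a correct one, showing how a large input can pass the flawed guard, lose its high bits, and be priced at 1 token. The function names, the `u128` width (standing in for a wider integer type), and the faulty threshold are constructed for illustration; the post does not show the real code.

```rust
// Constructed illustration: names, width and the faulty bound are hypothetical.
const SHIFT: u32 = 64;

/// Flawed guard: the bound is far too high, so inputs whose top bits
/// will be shifted out of the word still pass the check.
fn shl64_flawed(n: u128) -> Option<u128> {
    let threshold = (u64::MAX as u128) << SHIFT; // wrong bound (constructed)
    if n > threshold {
        None
    } else {
        Some(n << SHIFT) // `<<` silently discards the high bits
    }
}

/// Correct guard: n << 64 fits in 128 bits only when n < 2^64.
/// Note that u128::checked_shl validates the shift amount only, not lost
/// bits, so it would not catch this either.
fn shl64_checked(n: u128) -> Option<u128> {
    if n >> (128 - SHIFT) != 0 {
        None
    } else {
        Some(n << SHIFT)
    }
}

/// Price a deposit as ceil(numerator / denom); None means "reject".
fn required_tokens(shifted: Option<u128>, denom: u128) -> Option<u128> {
    let num = shifted?;
    Some(num / denom + u128::from(num % denom != 0))
}

fn main() {
    // Constructed input just above 2^64: the true product needs 129 bits.
    let n: u128 = (1u128 << 64) + 1;
    let denom: u128 = 1u128 << 64;
    println!("flawed : {:?}", required_tokens(shl64_flawed(n), denom));
    println!("checked: {:?}", required_tokens(shl64_checked(n), denom));
}
```

With the flawed guard the truncated numerator yields a required deposit of 1; with the correct guard the calculation is rejected instead of returning a wrong price.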