Sui Network implemented an update introducing a whitelist feature as part of its fund freezing measures, following a recent Cetus decentralized exchange (DEX) hack, resulting in the loss of over $220 million in cryptocurrency.
This feature permits transactions included in the whitelist to bypass all security checks. In addition, Sui has deployed a restore module with system-level privileges and added the corresponding upgraded transaction to the whitelist, potentially preparing for the future return of stolen funds to liquidity providers.
Particularly, if fund recovery or return becomes necessary, officials can pre-construct a designated “rescue transaction” and add it to the whitelist, allowing it to bypass blacklist restrictions and execute in one step. However, the whitelist itself does not grant the ability to directly seize hacker funds–it merely allows transactions to bypass blacklist barriers.
The update cannot sign the hacker’s private key or invoke privileged Move functions but only controls blocking or releasing funds. To actually move the funds, either possession of the hacker’s private key is required or activation of the restore module with system-level privileges along with the upgraded transaction being added to the whitelist.
关于 SUI 这一手冻结的操作,我好奇研究了黑名单具体是怎么实现的,以及昨天更新的白名单补丁又要干嘛?
1. 冻结如何实现?
首先是 SUI 这条链一直就有个功能,叫做 Deny List (拒绝服务的黑名单),凡是进了黑名单的地址,节点都不执行相关的交易。… https://t.co/DuzoVYzRqT pic.twitter.com/cg7hTQ4fXS
— 0xTodd
(@0x_Todd) May 23, 2025
As part of the fund freezing measures, Sui however, initially used a blacklist function, followed later by the addition of a whitelist patch. The Sui blockchain has long maintained a feature known as the Deny List, which acts as a denial-of-service blacklist. Addresses placed on this blacklist have their associated transactions blocked by nodes. This existing functionality enabled the fast freezing of the hacker’s address during the recent incident.
According to @0xTodd user, without this feature, even with only 113 nodes, coordinating individually would have caused delays. Sui has not suddenly become a centralized network–it has operated this way at least since the blacklist feature was introduced, he highlighted in a post on social media platform X.
As, the blacklist was officially released first, and while nodes theoretically have the option to follow it or not, it is generally enforced automatically by default.
The implementation of the freezing strategy involving the whitelist function has sparked criticism among decentralization advocates, who argue that the ability to override transactions contradicts the principles of a decentralized permissionless network.
“Sui Central froze some of the money stolen by the hacker, but it cannot be withdrawn for the time being (because it involves underlying level modifications). So now we are paving the way to get this money back, but at the cost of SUI becoming more centralized,” noted the researcher @tmel0211.
很多人疑惑,Sui官方称 @CetusProtocol 被黑客攻击后,验证者网络协调"冻结"了黑客地址,挽回了1.6亿美元。究竟是如何做到的?去中心化难道是“谎言”吗?以下,从技术视角试着分析下:… https://t.co/7AvvUCujQj
— Haotian | CryptoInsight (@tmel0211) May 23, 2025
Sui Network And Cetus Freeze $160M Stolen In Hack, Offering $6M Bounty To Attacker
Following the security breach at Cetus, the Sui Network stated that its validator network coordinated efforts to freeze the hacker’s address and successfully recovered $160 million. After the attack, some of the stolen USDC and other assets were quickly moved to other blockchains, including Ethereum, via the cross-chain bridge. These assets are now beyond recovery. However, a portion of the stolen funds remains on addresses within the Sui network controlled by the attacker. These remaining funds are the focus of the freezing efforts. The official statement noted that many validators have identified the addresses associated with the stolen funds and are actively ignoring transactions involving those addresses.
Meanwhile, Cetus has announced a white hat bounty of up to $6 million, offering this reward to the exploiter for the return of 20,920 ETH, valued at over $55 million, as well as the remaining stolen funds currently held on the Sui. If the assets are returned, the exploiter may keep 2,324 ETH as a bounty and the matter will be considered resolved with no further legal, intelligence, or public actions pursued.
The post Sui Network Releases Whitelist Feature To Facilitate Recovery Of Frozen Funds Following $220M Cetus Hack appeared first on Metaverse Post.
