On Wednesday, the $SUI validator community acted quickly to freeze $162M of the stolen funds. Here’s how that happened:

- Each validator has a configuration file that allows it to ignore transactions from a specific address.

- Adding addresses to this file is at the discretion of each individual validator, and can be reversed at any time.

- More than ⅓ of validators by stake chose to ignore transactions from the two addresses they believed to be connected to the attack, effectively freezing the funds.

- The ability of an individual validator to ignore transactions from a specific address is not unique to Sui: any validator in any network can choose to do this, for example to operate within its individual risk tolerance or to comply with law.

- Sui validators acted quickly enough to freeze some (but not all) of the stolen funds, worth approximately $162M at the time of the freeze, before the attacker attempted to bridge them out.

- Freezing is intended as a temporary, emergency measure to slow down an attack and give the victim leverage to negotiate with the attacker. It served precisely this purpose in the Cetus attack. Unfortunately, the attacker has not responded to outreach from the Cetus team.
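
The stake arithmetic behind the freeze described in the list above, as an added example that is not Sui's or any validator's own code. It assumes a transaction is certified only when validators holding more than two thirds of total stake sign it; the validator names, stakes, addresses and the `deny_list` field are constructed for illustration.

```python
from dataclasses import dataclass, field

# Assumption: certification needs signatures from MORE than 2/3 of total stake.
QUORUM_NUM, QUORUM_DEN = 2, 3

ATTACKER = "0xATTACKER_PLACEHOLDER"   # constructed placeholder address
USER = "0xUSER_PLACEHOLDER"           # constructed placeholder address


@dataclass
class Validator:
    name: str
    stake: int
    # Hypothetical stand-in for the per-validator configuration file.
    deny_list: set = field(default_factory=set)

    def will_sign(self, sender: str) -> bool:
        return sender not in self.deny_list


def can_certify(validators, sender: str) -> bool:
    """True if the validators willing to sign still form a quorum."""
    total = sum(v.stake for v in validators)
    signing = sum(v.stake for v in validators if v.will_sign(sender))
    # Integer form of: signing / total > 2/3
    return signing * QUORUM_DEN > total * QUORUM_NUM


def build_committee():
    # Constructed committee; stakes sum to 100 so they read as percentages.
    stakes = {"val-a": 30, "val-b": 25, "val-c": 20, "val-d": 15, "val-e": 10}
    return [Validator(name, stake) for name, stake in stakes.items()]


def run_scenario() -> dict:
    committee = build_committee()
    results = {"before": can_certify(committee, ATTACKER)}
    committee[0].deny_list.add(ATTACKER)       # 30% of stake ignores the sender
    results["one_validator"] = can_certify(committee, ATTACKER)
    committee[4].deny_list.add(ATTACKER)       # 40% ignores: more than 1/3
    results["over_one_third"] = can_certify(committee, ATTACKER)
    results["other_user"] = can_certify(committee, USER)   # unaffected sender
    committee[4].deny_list.discard(ATTACKER)   # an individual validator reverses
    results["after_reversal"] = can_certify(committee, ATTACKER)
    return results


if __name__ == "__main__":
    for step, ok in run_scenario().items():
        print(f"{step:15s} certifiable={ok}")
```

A single validator's choice does not freeze anything in this model; the sender is only blocked once the ignoring validators together hold more than a third of stake, and it is unblocked again as soon as enough of them reverse the entry.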

Earlier today, Cetus called for a community vote on a protocol upgrade to return the frozen funds, without rolling back chain history or reversing transactions.

This is an extraordinary request in response to extraordinary need: Cetus’s customer funds are at stake. After consideration, we support their call for an on-chain vote on two conditions:

1) We will abstain from the vote and remain neutral on the outcome – our role is to design and facilitate a process that will reflect the will of the Sui community at large.

We will share design details and code soon.

2) Cetus must publicly commit to marshalling all of its financial resources to recover all funds and return them to customers until everyone has been made whole.