The Sui chain recently froze on-chain addresses suspected of hacking, triggering widespread controversy within the community. Although the intention behind this move was to maintain ecological security, it raises questions once again: How can a decentralized blockchain possess the authority for centralized operations?
In 2016, the Ethereum DAO was hacked, and a large amount of ETH was stolen. To recover the losses, Ethereum chose to hard fork, rolling back the on-chain history and returning the funds to the original holders. This led to the birth of Ethereum Classic (ETC), which adheres to the principle of "code is law," and the new Ethereum (ETH), which prioritizes the protection of user asset security. This was a significant split between technological ideals and real-world interests, foreshadowing the wavering of early Web3 ideals.
What Sui is doing today mirrors what happened back then. The project team forcibly froze the hacker's address through on-chain upgrades and emergency governance powers. While this approach can indeed stop losses, it also indicates that the so-called "immutable" and "permissionless" blockchain is willing to yield in the face of reality.
More concerning is that this "governance-first" approach is becoming an industry trend. Many new chains have built-in "freeze mechanisms," and some project teams even retain "backdoor permissions" for emergency interventions. In the context of increasing regulatory pressure and capital-driven narratives, the ideals of Web3 being "anti-censorship and anti-control" are becoming increasingly blurred.
The issue is not whether we should combat hackers, but whether the methods used to combat them violate the principles of decentralization. Once on-chain power becomes centralized in a foundation or core team, will we see situations in the future where "political dissenters are frozen" or "specific funding uses are blocked"? When we rely on human review to maintain "justice," we are no longer in a decentralized system, but rather a traditional governance structure cloaked in the guise of Web3.
Today’s chains are becoming more like banks, and project teams are increasingly resembling governments. The boundaries of Web3 are rapidly retreating, transforming into a "centralized, controllable, visually appealing, token-adorned" Web2.5 system.
We must be vigilant: when blockchains can freeze your assets and roll back your transactions, can it still be called "decentralized"?
The Sui incident is not an isolated case, but a signal: Web3 is quietly moving towards a future that is "regulatable and controllable." This future may be safer and more "compliant," but it is drifting further away from the freedom, transparency, and anti-censorship that we originally sought.
