Layer 1 permissionless blockchain Sui Network stated that the recent incident involving the Cetus decentralized exchange (DEX) was caused by a flaw in a math library specific to Cetus, rather than any inherent vulnerability within the Sui network or the Move programming language. Despite the technical origin, the outcome for users remains unchanged. The platform emphasized the importance of adopting a comprehensive approach to ecosystem security and acknowledged the need to enhance its support in this area.

Sui Network also indicated that it will highlight its current security measures and introduce additional initiatives to reinforce its commitment to helping developers safeguard their applications. As part of this effort, the network has pledged an extra $10 million toward security enhancements. This funding will be allocated to activities such as code audits, bug bounty programs, formal verification, and other methods aimed at strengthening the network’s security framework, with implementation strategies to be developed in coordination with the developer community.

We’re kicking this off by committing to spend an additional $10M on security initiatives. These funds will be spent on audits, bug bounty programs, formal verification, and other ways to harden Sui — we’ll figure out the details in collaboration with our developer community.
— Sui (@SuiNetwork) May 26, 2025

Cetus Unveils Incident Report Following $223M Exploit

At the same time, Cetus published an exploit analysis outlining the root cause and planned mitigation steps. The issue stemmed from a misinterpretation of the left-shift operation in the integer-mate open-source library, which the CLMM contract relies on. Specifically, the checked_shlw method should have validated whether the input was less than or equal to 2^192; however, the version in use incorrectly checked against 2^256, leading to a failure in proper overflow detection. This flaw was the primary enabler of the recent exploitation.
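
The overflow check described above, modelled in Python as an added example (not code from Cetus or the integer-mate library). It assumes a 256-bit unsigned integer and a 64-bit shift, the width implied by the 2^192 bound; the function names are hypothetical.

```python
from __future__ import annotations

# Added illustration: a 256-bit unsigned integer modelled with Python ints.
U256_BITS = 256
U256_MAX = (1 << U256_BITS) - 1
SHIFT = 64  # assumption: shift width implied by the 2^192 bound (256 - 192)


def shl_wrapping(n: int, shift: int = SHIFT) -> int:
    """Fixed-width left shift: bits pushed past bit 255 are discarded."""
    return (n << shift) & U256_MAX


def checked_shl_flawed(n: int) -> tuple[int, bool]:
    """Bound of 2^256, as the article describes the vulnerable version.

    Every u256 value is below 2^256, so the overflow flag is never set.
    """
    overflow = n >= (1 << 256)
    return shl_wrapping(n), overflow


def checked_shl_fixed(n: int) -> tuple[int, bool]:
    """Bound of 2^192: any set bit at position 192 or above would be lost."""
    overflow = (n >> (U256_BITS - SHIFT)) != 0
    return (0, True) if overflow else (shl_wrapping(n), False)


def demo() -> dict:
    small = 12345           # constructed sample, far below the bound
    huge = (1 << 200) + 7   # constructed sample, above 2^192
    return {
        "small_flawed": checked_shl_flawed(small),
        "small_fixed": checked_shl_fixed(small),
        "huge_flawed": checked_shl_flawed(huge),  # truncated, not flagged
        "huge_fixed": checked_shl_fixed(huge),    # flagged as overflow
        "true_value": huge << SHIFT,              # unbounded arithmetic
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

With the flawed bound, the large input returns a silently truncated result with no overflow flag, so any calculation that consumes it works from a value far smaller than the true one.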
By exploiting this error, the attacker manipulated the pool’s tick and liquidity logic, enabling the extraction of substantial funds over multiple exploit cycles.

Currently, Cetus is working closely with the Sui security team and several audit firms to conduct a comprehensive re-evaluation of the updated contracts, including a collaborative audit process. CLMM pools and associated services will only be gradually reactivated once the revised contracts are fully validated. Additional audits are scheduled to begin immediately, and the platform plans to issue regular audit reports based on total value locked (TVL). Efforts to improve on-chain monitoring are also underway, including enhancements to risk management parameters and more controlled asset flow rate limits.

Furthermore, efforts are currently underway in collaboration with key ecosystem stakeholders to develop a recovery plan for the impacted pools and liquidity providers, with the objective of restoring full functionality, including liquidity withdrawals, as promptly as possible. In pursuit of fully compensating users for their losses, the platform has initiated an on-chain governance vote and is requesting support from Sui validators. If approved, the proposal would facilitate the expedited return of a significant portion of affected assets to users. The platform views this measure as a step toward both financial recovery and the restoration of trust within the community.

On May 22, Cetus experienced a security breach that resulted in user losses estimated at $223 million over the span of 24 hours. In response to the incident, Cetus and the Sui Foundation reported that a large portion of the compromised assets was promptly frozen through coordinated action by Sui network validators. According to information provided by the Cetus team, approximately $163 million of the affected funds were frozen on the same day the exploit occurred, with support from validators and ecosystem partners.