The Cetus Protocol decentralized exchange platform, based on Sui and Aptos, was relaunched on Sunday after recovering from a $223 million security vulnerability on May 22, which led to the restoration of the platform's full functionality and a rejuvenation of the affected pools by between 85% and 99% of their original liquidity, according to the Cetus team.
The hack, which occurred after an unknown attacker exploited an integer overflow vulnerability in a shared math library used by Cetus contracts to make a single deposited token appear as millions of dollars, was the most devastating attack on any DeFi protocol in May. However, shortly after the hack, $162 million was frozen on Sui by investigators and ultimately returned to the protocol.
The protocol announced in its statement that Cetus has now been relaunched, plugging the gaps in the affected liquidity pools with recovered funds, its full cash reserves of $7 million, and a $30 million USDC loan from the Sui Foundation. The recovery rate of funds for affected liquidity partners ranges from 85% to 99%; the remainder will be returned as CETUS tokens over 12 months according to a consistent unlock schedule, unless any further funds are recovered from the attacker.
Cetus announced that it has identified and fixed the security vulnerability that led to the exploit, thoroughly audited the protocol, and rebalanced all affected liquidity pools in preparation for the restart. However, assets worth tens of millions of dollars remain under the control of the hacker, who has transferred some assets to an EVM address and has begun laundering some funds through transfers to the mixing service "Tornado Cash."
Cetus wrote: "The attacker ignored our previous rule-violating offer and began attempting to launder assets - a futile and traceable act." "We are fully confident that capturing him and recovering the remaining assets is just a matter of time."
An analysis conducted by blockchain security firm "SlowMist" revealed that the hacker prepared for the attack two days in advance by funding the wallet with enough gas to execute it, and even attempted to use a previous version of the exploit, which failed. The exploit only affected the Sui-based cryptocurrency pools, with the Aptos side of the protocol remaining unaffected.
SlowMist wrote: "The attacker meticulously chose the parameters and exploited the check_shlw function to gain billions of dollars in liquidity at the cost of just one token." They added: "This was an extremely advanced mathematical attack."
In the future, Cetus Protocol announced it plans to start an additional round of comprehensive audits, update the protocol's real-time monitoring system, launch a new rewards program for lawbreakers, and review its roadmap for upcoming product features.
Cetus wrote: "This restart means not just a relaunch, but a renewal."
The value of the native token of Cetus Protocol, CETUS, has fallen by approximately 44% since May 21, the day before the attack, according to CoinGecko data.