Jessy, Jinse Finance
On May 22, the Sui ecosystem DEX Cetus was hacked, resulting in the theft of $223 million. Of this, only $60 million was exchanged into ETH via cross-chain bridges into the hacker's pocket, while the remaining $162 million was frozen by the Sui Foundation coordinating with nodes.
On May 27, the community vote was launched to 'decide whether to implement a protocol upgrade to recover funds frozen in accounts controlled by hackers.' Ultimately, the protocol upgrade was realized, successfully recovering $162 million.
The Sui Foundation's rapid response to this theft incident and the swift implementation of solutions have sparked significant controversy within the community. On one hand, it has recovered most of the funds, safeguarding the interests of the affected users. On the other hand, the method of recovery forced a modification of asset ownership through node consensus, marking the first time 'keyless asset transfer' has been achieved at the public chain level.
In the face of user interests, this so-called 'bold' operation that goes against the 'spirit of decentralization' has been overlooked.
How is keyless asset transfer achieved?
On May 22, the Sui ecosystem DEX Cetus was attacked by hackers due to a low-level coding error, resulting in a loss of $223 million. After the incident, $162 million of the stolen funds were frozen by the Sui Foundation coordinating with verification nodes.
On May 27, the Sui Foundation initiated a community vote aimed at deciding whether to implement a protocol upgrade to recover funds frozen in accounts controlled by hackers. Ultimately, within 48 hours, 114 nodes voted, with 103 participating in the voting process, resulting in 99 votes in favor, 2 against, and 2 abstentions, achieving a high approval rate of 90.9%.
Through proposals, it is indicated that the Sui protocol upgrade will allow a specific address to represent the hacker address for two transactions to facilitate the recovery of funds. These transactions will be designed and announced after the recovery address is finalized. The recovered assets will be stored in a multi-signature wallet controlled by Cetus, the Sui Foundation, and a trusted auditor OtterSec within the Sui community.
In terms of protocol upgrade, the feature of address aliasing was introduced. Specifically, rules were predefined at the protocol level: disguising certain governance operations as 'legitimate signatures from hacker accounts', and then verifying that nodes recognize the forged signatures after the upgrade, thereby legitimizing the transfer of frozen funds. This allows for the forced modification of asset ownership through node consensus without touching private keys (similar to a central bank freezing a bank account and transferring funds).
But how was the initial freezing of assets achieved? Sui itself supports the Deny list (freeze list) and Regulated tokens (regulated tokens) functions, and this time it directly called the freezing interface to lock the hacker's address.
The technical hidden dangers of intervention by the powerful remain.
Although this action has recovered most of the frozen assets, it inevitably raises concerns, as the protocol upgrade forcibly modified asset ownership through node consensus, indicating that Sui officials can replace any address to sign and thus transfer out the assets within.
What constrains the Sui officials from doing this is not the smart contract code, but the voting power of the nodes. And who holds the results of the node voting? It is simply the large nodes controlled by the foundation with capital! This means that stakeholders of Sui have the greatest say, and even voting is merely a formality.
The user's private key is no longer the absolute proof of asset control; as long as the node consensus agrees, the protocol layer can directly override private key permissions.
On the other hand, this has achieved an efficient recovery of assets. Thanks to Sui's built-in regulatory functions, assets were quickly frozen, allowing for swift loss mitigation. The voting was completed within 48 hours, and the protocol upgrade was implemented.
However, in my opinion, the address aliasing feature sets a dangerous precedent—allowing the protocol layer to forge any address's 'legitimate operations', which lays the technical groundwork for powerful intervention.
The series of operations in recovering funds by Sui is merely a choice made by the public chain to prioritize user interests when they conflict with the principles of decentralization. For both users and Sui, it seems that whether it violates the principles of decentralization is no longer important, as they can always respond to criticism by saying it was decided by 'voting'.#加密市场回调 #币安HODLer空投PLUME
BTH BTC ETH
