Author: anymose | A soft-core popular science writer
Cetus suffered heavy losses from the hack, and the Sui Foundation had the hacker's assets frozen at the consensus layer; even more striking, it claims the ability to transfer the assets back into the pool!
I can understand refusing to package transactions from the hacker's address, but how can the hacker's assets be transferred away directly?
This upended not only my understanding of Sui but also my understanding of blockchain.
Let's dig in!
What happened?
A brief recap for those who just stepped into the elevator.
Cetus, a decentralized exchange on the Sui chain, was attacked through a smart-contract vulnerability, losing approximately 223 million dollars; 162 million dollars of that were frozen and 60 million dollars were bridged to other chains and got away.
The Sui Foundation acted decisively and pulled the network cable. No, that's not an accurate description; it would be better to say they played deaf and blind. The foundation coordinated the validators to 'blacklist' the hacker's address so that no transaction from it would be confirmed on chain: they simply pretended not to see it, effectively suffocating it.
At this point in the story, the routine next step would be to negotiate with the hacker, offer a bounty, and let everyone go back to business as if nothing had happened, as when Euler Finance recovered 90% of its funds through negotiation in 2023.
But a miraculous scene occurred.
Sui CPO @emanabio stated that the funds had been frozen and would soon be returned to the pool. The official Sui Twitter account also reported that the Cetus team was tracing the funds' path and would soon restore them to the community.
This is interesting. The funds have only just been stolen and frozen, and it is already confirmed they can be returned? Does this confidence come from technology or from negotiating skill? Cetus offered the hacker a bounty of 6 million dollars (10%), but if the hacker refuses, doesn't this tone imply they can simply transfer the money anyway?
Why can Sui freeze assets?
This needs to first discuss Sui's governance mechanism.
Sui is a blockchain based on Delegated Proof of Stake (DPoS). Unlike PoS chains such as Ethereum, it adds a D for delegated validators. This closely resembles a people's congress system: SUI holders delegate their votes to validators, who vote on their behalf.
Sui has 150 validators in total, which frankly is not a small number among public chains. However, some have claimed that 84% of the staked supply is controlled by the founding team. The team later disputed this, saying it is not that much: about 50% is managed by the foundation and the team holds 10%-20%, which adds up to... well, really not that much, and the locked tokens are managed by third-party custodians.
Judging by this incident, since the exact proportion cannot be clarified, it doesn't matter; the outcome has already proven that the foundation can 'unify at least 2/3 of the validators in zero minutes' and freeze the hacker's assets at lightning speed.
So how did the validators freeze the hacker's assets?
DPoS works by having validators confirm transactions, package them into blocks and put them on chain. Now the validators have reached a consensus not to confirm any transaction from the hacker's address. In other words, apart from the 60 million dollars that got away, the 220 million dollars' worth of assets still on the Sui chain remain in the hacker's address, but the hacker cannot operate on them. Any attempted transaction will simply not be confirmed by the validators, so the holdings are useless: nothing remains but a balance number.
Suffocate it.
As an aside, both Sui and Aptos use the Move language, whose data model is object-centric. Assets are objects too, so in theory they are easier to freeze, and the freeze can even pinpoint exactly which assets are affected.
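To make the mechanism above concrete, here is an added Python model (not code from Sui, Cetus or the post's author) of a stake-weighted validator deny list: a transaction commits only with a 2/3 stake quorum, so once the validators that adopted the list hold more than 1/3 of the stake the frozen address can no longer spend, while its balance stays untouched. Validator names, stakes, addresses and amounts are constructed for the demo.

```python
# Added example (not the post's code): toy DPoS consensus-layer freeze. A tx
# commits only if validators holding >= 2/3 of stake accept it; validators
# that adopted the deny list refuse the listed sender, so the frozen address
# keeps its balance but cannot spend it. Names, stakes, balances: constructed.
from dataclasses import dataclass, field
QUORUM_NUM, QUORUM_DEN = 2, 3  # commit needs accepting stake >= 2/3 of total

@dataclass
class Validator:
    name: str
    stake: int
    deny_list: set = field(default_factory=set)

    def accepts(self, tx):
        return tx["sender"] not in self.deny_list  # never signs for a listed sender

@dataclass
class Chain:
    validators: list
    balances: dict

    def quorum_reachable(self, tx):
        total = sum(v.stake for v in self.validators)
        accepting = sum(v.stake for v in self.validators if v.accepts(tx))
        return accepting * QUORUM_DEN >= total * QUORUM_NUM

    def submit(self, tx):
        """Return 'committed' or 'rejected'; balances change only on commit."""
        if not self.quorum_reachable(tx) or self.balances.get(tx["sender"], 0) < tx["amount"]:
            return "rejected"
        self.balances[tx["sender"]] -= tx["amount"]
        self.balances[tx["receiver"]] = self.balances.get(tx["receiver"], 0) + tx["amount"]
        return "committed"

def adopt_deny_list(chain, addr, validator_names):
    """Named validators deny-list addr (coordinated off-chain); True if quorum is now unreachable."""
    for v in chain.validators:
        if v.name in validator_names:
            v.deny_list.add(addr)
    return not chain.quorum_reachable({"sender": addr})

def demo():
    vals = [Validator("foundation-a", 50), Validator("foundation-b", 20),
            Validator("independent-c", 15), Validator("independent-d", 15)]
    chain = Chain(vals, {"0xHACKER": 162_000_000, "0xBRIDGE": 0})
    tx = {"sender": "0xHACKER", "receiver": "0xBRIDGE", "amount": 1_000_000}
    before = chain.submit(tx)  # committed: nobody is deny-listed yet
    frozen = adopt_deny_list(chain, "0xHACKER", {"foundation-a", "foundation-b"})
    after = chain.submit(tx)   # rejected: 70 of 100 stake refuses, no 2/3 quorum
    return before, frozen, after, chain.balances["0xHACKER"]
```

Note that the model only censors; nothing in it can move the frozen balance, which is exactly the gap between "freeze" and "transfer back" discussed later in the post.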
Why freeze assets at the consensus layer?
This is a very good question! What is the consensus layer? To answer that we need to talk about the application layer. For example, if a child gets into a fight at school, the application layer is like the child sorting it out themselves, while the consensus layer is like taking it to court...
After the hacker stole the assets, Cetus first acted at the application layer by pausing the contract (yes, it can be paused). Other cross-chain bridges and DEXs also intercepted and blacklisted at the application layer, but the hacker still got away with 60 million dollars.
Generally speaking, it's better to keep things quiet if you can, and if a matter can be settled privately, don't go to court. Cetus and the other protocols had already acted to contain the damage, but the foundation, citing the prevention of further risk, didn't even convene a court; it just called the judges and handed down a ruling... a global freeze.
There are no more detailed technical elements here; I can only say that either the entire Sui chain still carries huge risks, or the foundation is absolutely powerful and protecting the people's assets.
The vulnerability the hacker exploited sits at the underlying level of the Move language, so other protocols across the whole chain may be at risk again. Going to court can therefore, from any angle, be understood as:
Something big has happened.
Can't the money that ran away be frozen?
The hacker bridged 60 million dollars' worth of assets into ETH and got away, which means those assets are no longer on Sui's territory and the Sui Foundation can no longer control them. Can't ETH be frozen? In theory yes; it has been done before, and rollbacks have happened, but Ethereum has by now reached a 'high' degree of decentralization, which is exactly why hackers love ETH. It's like entering no-man's land, where all kinds of money-laundering tools work particularly well.
Isn't USDC directly freezable? If so, then those hacked on the Sui chain could also ask Circle to freeze it. That's right: USDC and USDT are assets that can be centrally frozen, specifically by blacklisting an address so that it can no longer transfer them. But if you want Circle's cooperation, sorry, that requires a law-enforcement request.
So even if the hacker swapped into USDC on the Sui chain, for Cetus to have Circle freeze it they would have to fall out openly with the hacker, file a police report, and take the receipt to make the request. But there's no need, because the foundation, playing daddy, has already frozen things at the level of the entire chain; their own court can handle it.
Can verification nodes take away the hacker's money?
This is the most absurd part of all.
If the validators refuse to package and confirm transactions, then at most the assets sit there dead, with no one able to move them, which leads to negotiation. But the statements from the CPO and the official Sui Twitter account, together with muddled Chinese media translations, seem to suggest that the officials have super-permissions and can directly modify asset ownership.
This is really something. You say you're a fast chain; fine, you're fast. Someone says you're not secure; you say you're fast. All of that is fine. But if you can directly manipulate asset ownership, that simply doesn't add up.
But the answer lies in the details.
Sui's DPoS mechanism and the object model of the Move language support freezing and transferring assets. Validators can approve special transactions (such as governance transfers) through consensus. Cetus can receive assets through Move contracts; for example, SUI or USDC objects locked in a liquidity pool can be moved to a safe address through governance logic.
Assets are controlled by private keys; that is the bottom line. If the Sui Foundation dared to cross that line, then run, because your key would no longer mean your coin. I think the probability of this is extremely low. Cetus can only move and allocate liquidity within its own contracts; once the hacker has withdrawn from the Cetus protocol, it is powerless.
Moreover, even if they really wanted to transfer the funds, it's not that simple. The hacker could complicate matters enormously by spreading across many assets and many addresses, but none of that matters, because the foundation has already put a lid on it.
Now it comes down to negotiation.
Under the umbrella of negotiation sit morals, technology, law, and human relations.
//
Has this kind of thing happened before? Yes, in exactly the same way. In 2021 a protocol on the EOS mainnet was attacked and 13 million dollars' worth of EOS was stolen; in the end the super nodes decided to freeze the assets at the consensus level.
And then? It set off a tsunami of community discussion, with widespread doubts and criticism about decentralization, asset security, governance transparency... In the end Yves La Rose, the head of EOS Nation, resigned in disgrace.
Looking at Sui this time, the community has shown unity and the foundation has been decisive. So far there have been almost no dissenting voices in the Chinese community, though I notice there is still plenty of cursing in the English-language community.
This article does not judge whether it was justified; it only records and analyzes the process. Where you sit determines where you stand: if it were your own assets, you'd want 24-hour customer service to help you chase them back. Forget the so-called blockchain spirit; getting my money back is what matters most.
But some things, once dirtied, stay dirty.
This is a soft-core popular science article. Through it you can gain a rudimentary understanding of the following:
▰ The DPoS governance process and how it is implemented
▰ Analysis of Sui's consensus-layer asset freeze
▰ Who resigned in Sui this time (not