SlowMist's analysis points out that the core of the $230 million theft from Cetus lies in the overflow detection bypass vulnerability in the checked_shlw function within the get_delta_a function. This vulnerability caused a significant deviation in the system's calculation of the actual amount of haSUI that needed to be added. Due to the undetected overflow, the system misjudged the required quantity of haSUI, enabling attackers to exchange a large amount of liquid assets with only a minimal number of Tokens, thus achieving the attack.
