🚨 Update on the $220M Cetus hack on Sui. 🚨
Here’s how they froze $162M and validators’ quick response prevented funds from being bridged.
@Sui and CetusProtocol are taking action to recover the remaining funds, offering a $5M bounty.
1️⃣ How were they able to freeze funds ?
Each Sui validator has a config file to ignore txn from specific addresses. Over ⅓ of validators by stake flagged two addresses tied to the attack, freezing $162M before the attacker could bridge more. This is a temporary emergency measure.
2️⃣ Freezing funds isn’t unique to Sui—any validator on any blockchain can do this to manage risk or comply with laws. Sui validators acted fast on May 22 to slow the attacker, giving Cetus leverage to negotiate. Sadly, the attacker hasn’t responded to outreach.
3️⃣ CetusProtocol proposed an on-chain vote for a protocol upgrade to return these funds to users, without rolling back chain history or reversing transactions. This aims to restore funds to liquidity providers safely.
4️⃣ @Sui supports the vote but will remain neutral, ensuring the Sui community decides. They require @CetusProtocol to commit all financial resources to recover all funds, including the $60M on Ethereum, where 20k ETH ($53M) was moved to a new wallet
5️⃣ In the efforts to get the rest of stolen funds CetusProtocol backed by @Sui offers a $5M bounty for info leading to the hacker’s arrest. A $6M white hat fee is also on the table if the hacker returns the $60M.
6️⃣ What are your thoughts on the steps taken by CetusProtocol & @Sui so far? Are you satisfied with their efforts to cover user losses? Comment bellow your thoughts
