I've been accumulating $eth, and for the rest, I'm accumulating $sui. Give it some time; this thing could likely become the biggest entry point for the younger generation. The ecosystem is doing quite well. More and more projects are rising. I’ve given it a relatively long timeline (three years)!

A while ago, when I saw that Cetus was attacked, I was stunned. Not because it was unexpected, but because my heart sank, not out of worry for losses, but rather wondering: would Sui also run into problems? Would my own assets be affected?

The sudden code vulnerability in Cetus caused a lot of distress for many users, but it also brought the issue of security in the Sui ecosystem back into the spotlight. It’s not hard to say that this is a problem of Cetus itself. It’s not a problem with Sui, and certainly not with the Move language, but rather a common array overflow. Such vulnerabilities can happen in any language and on any chain. Ultimately, it stems from a lack of systemic security awareness among protocol developers.

After the incident, the hacker’s attempts to trade on-chain assets were unsuccessful. It wasn't because Sui “forcefully froze” things, nor was it a hard fork rollback—none of that. This was a truly decentralized cooperation:

1/ Validators decided not to package the hacker’s transactions (not a command, but a consensus).

2/ Many protocols actively shut down, working together to block the hacker's further actions.

3/ No one activated any “super privileges,” the whole process was completed through collaboration.

I suddenly realized something: decentralization does not mean being indifferent; decentralization can also have responsibility and warmth. Long live!

————————————————

Currently, one of the projects worth following on Sui is @MMTFinance, which is Momentum. @MMTFinance still has some LP in it, although not much. There have been discussions about liquidity and changing pools, back and forth operations, haha. But to be honest—what really made me stay firm was their response after the Cetus attack incident.

On the day of the incident, many protocols on Sui entered “self-inspection” mode. Some directly halted, while others took measures to mitigate risks. But Momentum was the first protocol to complete its code self-inspection and resume operations. At that moment, I hesitated—should I withdraw the LP first? But when their audit report came out, I directly checked the contract comparison, and indeed, there were no issues. Looking at the on-chain data, a bunch of whales started increasing their positions. Isn’t this stable? This isn’t luck; this is solid.

In terms of security, Momentum is the most “engineered” DeFi protocol I’ve seen.

To put it simply, in the DeFi space, anyone can shout “security,” and anyone can tell a story. But what truly convinces me is Momentum’s entire set of “engineer-style security systems.”

1/ Permission Mechanism: Layered + Multi-signature

Not everyone can touch the contract; key operations are all controlled by multi-signature, making “single point accidents” impossible. Even if the front end is hacked or the server is compromised, the contract funds remain safe.

2/ Testing Coverage: Detail-Oriented

I write code myself, and I can see that their testing coverage is very comprehensive. They not only have standard unit tests, but also integration tests under extreme conditions. Vulnerabilities on the level of the “array overflow” seen with Cetus have long been guarded against in their testing framework.

3/ 24/7 Monitoring + One-Click Pause

It’s not like once the contract is deployed, everything is fine. Momentum is the most real-time monitored DeFi project I’ve seen. If there’s an anomaly, it directly triggers an alert, and if necessary, they can pause the protocol’s operation with one click, cutting off the attack chain.

4/ Multiple Audits: Internal and External Collaboration

Every major version upgrade must undergo multiple external audits from different teams, not just checking off with one audit company but cross-validating from multiple perspectives. If there’s a vulnerability, this method can cover it.

5/ Bug Bounty Mechanism: Co-creation instead of Closed-Door Development

They are also promoting a co-created bounty pool within the Sui ecosystem. Personally, I strongly support this; DeFi cannot rely on closed-door development. It needs the entire developer community to continuously refine it, and bounties are the best incentive.

Additionally, everyone can take note: starting from May 25, a new round of incentives is launching!! A 3x $SUI incentive from the Sui Foundation, which is three times more than the previous week!! Additionally, a 3x $Bricks incentive funded by Momentum itself, starting at one week but possibly extended.

Do you know why the project is called Momentum? It’s not a random name; it comes from Sui’s philosophy—“the force of water.” The Sui ecosystem has everything: walrus, hippos, scallops, beavers, but Momentum is the “force” that drives these lives forward. The key point: responding to security incidents in real-time has made it the only DeFi protocol that didn’t encounter issues.

It has become the platform with the deepest liquidity for SUI-USDC and suiUSDT-USDC pools on Sui, with liquidity reaching $12M and $27M respectively.

APR is as high as 297% and 21% respectively.

Let me give everyone simple steps to add LP, in case some newcomers may not know:

1/ Visit https://t.co/6cX8EXuu3t

2/ Connect your wallet (I use the OKX wallet)

3/ Then + add liquidity.

Projects must withstand the test of the market. Momentum has passed the test and has also brought me high returns; this time, I’m adding some LP for long-term gains.