Recently, the largest decentralized exchange on Sui, Cetus, was hacked for $220 million, with approximately $60 million transferred cross-chain to Ethereum. Amber Group’s security researchers shared on Twitter that the issue stemmed from a vulnerability in the Cetus protocol, which is not significantly related to the security that the MOVE language prides itself on. Moreover, Adeniyi, the product lead at Mysten Labs, also stated that $160 million had been frozen from the hackers on the validator side. This article will take you through the timeline of the incident and the dialectics of decentralization.
(Tears from the Sui community! The major DEX Cetus lost over $260 million, evaporating 83% of its TVL)
The vulnerability lies in Cetus’s own coding issues
Amber Group’s security researcher @neeksec stated on Twitter that he had identified the main cause of the Cetus incident, pointing out: “The root cause of the vulnerability originates from the type conversion from u256 to u64 in the get_amount_by_liquidity function.” However, he later corrected himself, indicating that the real issue should be in the “failure of the overflow check in the get_delta_a function.”
The function get_delta_a is responsible for calculating the amount of token A required to increase a specified amount of liquidity within a certain price range. For example, in Uniswap v3 calculations, the liquidity is first multiplied by the price range delta. The product obtained needs to be left-shifted by 64 bits. However, if the liquidity is too large and the product exceeds 192 bits, the high 64 bits will overflow and be truncated. To prevent this from happening, checked_shlw performs an overflow check before executing the shift.
The key issue in this case is that there was a coding error in the overflow check of the checked_shlw function, failing to prevent invalid large liquidity values. The attacker cleverly designed a liquidity value that led checked_shlw to return a smaller value. In the subsequent div_round calculation, utilizing the mechanism of rounding up, div_round returned 1, resulting in the required amount of token A being only 1.
The author adds:
In other words, the attacker first claimed to provide a large amount of liquidity, and the product obtained in the function exceeded the system’s settings, just like a computer can only display the first ten digits, but the final multiplication results in an eleven-digit number. Generally, such values exceeding the set limits would overflow and be truncated, requiring an overflow check before executing the shift. But it was precisely in the overflow check where the error occurred, allowing the attacker to exploit this vulnerability, requiring only a minimal amount of tokens to withdraw huge sums of funds. Therefore, this issue is unrelated to the object-oriented security claimed by the suiMOVE language.
How does Sui freeze funds? Does this mean centralization?
After the incident, Adeniyi, the product lead at Mysten Labs, immediately stated in a live broadcast that $160 million of the stolen $220 million had been frozen. This may seem like good news for Cetus, but it also raises questions about whether this action violates the principles of decentralization. However, it is essential to clarify that decentralization is not a binary black-and-white issue. In the early days of Ethereum, about 14% of the supply was hacked, leading to a hard fork proposal to recover the stolen tokens. This is also the origin of ETC (Ethereum Classic).
Independent researcher Haotian pointed out that at the time of the incident, the hacker cross-chained part of the USDC assets to Ethereum. However, most of the assets remain on the Sui chain. As for how the freezing occurred, it is essentially that the network validators collectively turned a blind eye. If a blacklisted address attempts a transaction, the validators will directly ignore it. Therefore, the network records show that the hacker still holds these assets, but they are effectively under soft custody, unable to have transactions packaged on-chain. In this regard, Damien from the Bucket protocol stated that although this approach is somewhat centralized, at least it is within the rules.
Cosine also mentioned that if hackers wanted to go all the way, they would likely still be thinking about how to bypass this freezing mechanism. It’s like having an ATM card, but the ATM refuses to provide service.
It is noteworthy that Sui’s official claim to return the frozen funds to the liquidity pool might be the more controversial part. After all, if an object-oriented public chain can directly transfer ownership of objects, it would be a significant controversy. However, Kyrie from the Typus protocol also commented in the message area that direct transfer should be impossible unless the hacker is willing to return it. For reference, Cetus is currently negotiating with the hacker, and if the hacker returns the stolen assets, they can retain around $6 million worth of Ethereum, with Cetus not pursuing further action.
Decentralization is a goal, not a starting point
Regarding the issue of decentralization, Damien stated that decentralized finance is relative; the value of DeFi does not lie in “absolute decentralization,” but in creating an open, permissionless financial experimentation environment. Compared to traditional finance, it allows more ordinary individuals to participate, whether as users or developers. This is what truly attracts us. Appropriate centralization can ensure the safety of users, developers, and investors. He also pointed out that if your only concern is whether illicit money can be transferred out, your motives are suspect.
Decentralization is a goal, not a starting point. In the future, if we hope for more institutions to enter the market, what they want is the safety of funds, not to watch $200 million being washed away without recourse. Ultimately, decentralization is not intended to self-destruct the Great Wall.
Similarly, regarding the issue of decentralization, Raccoon believes that Sui is not Ethereum; its underlying genes come from Meta’s Libra, thus the requirements for decentralization are inherently different. He pointed out that such coordinated actions differ from centralized database “rollbacks.” As long as handled properly, with public relations follow-ups and transparent procedures, they can still be understood and accepted by the community. Sui must be more decentralized than the BNB Chain but does not need to achieve the faith-based goal of being a complete “world computer.”
(Sui/Cetus ecological crisis and currency price observation: from hard injuries to resilience, 7 viewpoints at a glance)
Risk Warning
Cryptocurrency investments carry a high level of risk, and their prices can be highly volatile; you may lose all your principal. Please assess the risks carefully.