Strong Belief After the Security Crisis: Why Does SUI Still Have Long-Term Rise Potential?

TL;DR

1. The Cetus vulnerability originates from the contract implementation, rather than from SUI or the Move language itself:

The attack fundamentally lies in the lack of boundary checks in the arithmetic functions of the Cetus protocol------a logical vulnerability caused by overly broad masks and shift overflows, which is unrelated to the resource security model of the SUI chain or the Move language. The vulnerability can be fixed with "a line boundary check" and does not affect the core security of the entire ecosystem.

2. The "reasonable centralization" in the SUI mechanism reveals its value in times of crisis:

Although SUI adopts features such as DPoS validator rounds and blacklist freezing, which exhibit a slight tendency toward centralization, this proved useful in responding to the CETUS incident: validators quickly synchronized malicious addresses to the Deny List and refused to package related transactions, resulting in the immediate freezing of over $160 million in funds. This is essentially a proactive "on-chain Keynesianism," where effective macro-control has a positive impact on the economic system.

3. Reflections and Suggestions on Technical Security:

Mathematics and Boundary Verification: Introduce upper and lower bound assertions for all critical arithmetic operations (such as shifts, multiplications, and divisions), and conduct extreme value fuzzing and formal verification. Additionally, there is a need to enhance auditing and monitoring: in addition to general code audits, incorporate a specialized mathematical auditing team and real-time on-chain transaction behavior detection to catch abnormal splits or large flash loans early.

4. Summary and Suggestions for the Capital Assurance Mechanism:

In the Cetus incident, SUI collaborated efficiently with the project team, successfully freezing over 160 million USD in funds and promoting a 100% compensation plan, demonstrating strong on-chain adaptability and ecological responsibility. The SUI Foundation also added 10 million USD for auditing funds to strengthen the security defenses. In the future, further advancements can be made in on-chain tracking systems, community-built security tools, decentralized insurance, and other mechanisms to improve the funding protection system.

5. The diverse expansion of the SUI ecosystem

SUI has rapidly achieved a leap from "new chain" to "strong ecosystem" in less than two years, building a diversified ecological landscape that includes stablecoins, DEX, infrastructure, DePIN, games, and multiple other tracks. The total scale of stablecoins has surpassed 1 billion USD, providing a solid liquidity foundation for the DeFi module; TVL ranks 8th globally, trading activity ranks 5th globally, and 3rd among non-EVM networks (only behind Bitcoin and Solana), demonstrating strong user participation and asset accumulation capacity.

1. A chain reaction triggered by an attack

On May 22, 2025, the leading AMM protocol Cetus deployed on the SUI network suffered a hacker attack. The attacker exploited a logic flaw related to the "integer overflow issue" to initiate precise manipulation, resulting in a loss of over 200 million dollars in assets. This incident is not only one of the largest security incidents in the DeFi space so far this year, but it has also become the most destructive hacker attack since the launch of the SUI mainnet.

According to DefiLlama data, the total value locked (TVL) across the SUI chain plummeted by over $330 million on the day of the attack, with the locked amount of the Cetus protocol evaporating by 84% in an instant, dropping to $38 million. As a result, several popular tokens on SUI (including Lofi, Sudeng, Squirtle, etc.) fell by 76% to 97% within just one hour, sparking widespread concern in the market regarding the security and ecological stability of SUI.

However, after this wave of impact, the SUI ecosystem has demonstrated strong resilience and recovery ability. Although the Cetus incident caused fluctuations in confidence in the short term, on-chain funds and user activity have not experienced a sustained decline, but rather prompted the entire ecosystem to significantly increase its focus on security, infrastructure development, and project quality.

Klein Labs will analyze the reasons behind this attack incident, the consensus mechanism of SUI nodes, the security of the MOVE language, and the ecological development of SUI, outlining the current ecological landscape of this public chain that is still in the early stages of development, and discussing its future development potential.

2. Analysis of the Causes of the Cetus Incident Attack

2.1 Attack Implementation Process

According to the technical analysis of the Cetus attack event by the SlowMist team, hackers successfully exploited a critical arithmetic overflow vulnerability in the protocol, using flash loans, precise price manipulation, and contract flaws to steal over $200 million in digital assets in a short period of time. The attack path can be roughly divided into the following three stages:

①Initiate a flash loan, manipulate the price

Hackers first used a maximum slippage flash exchange to borrow 10 billion haSUI through a flash loan, lending out a large amount of funds to manipulate the price.

Flash loans allow users to borrow and repay funds within the same transaction, only requiring payment of a fee, characterized by high leverage, low risk, and low cost. Hackers exploited this mechanism to rapidly drive down market prices and precisely control them within a very narrow range.

Then the attacker prepared to create an extremely narrow liquidity position, setting the price range precisely between the lowest quote of 300,000 and the highest price of 300,200, with a price width of only 1.00496621%.

By the above method, the hacker successfully manipulated the haSUI price using a sufficient number of tokens and huge liquidity. Subsequently, they targeted several tokens with no actual value for manipulation.

②Add liquidity

The attacker creates a narrow liquidity position, claiming to add liquidity, but due to a vulnerability in the checked_shlw function, ultimately only receives 1 token.

This is essentially due to two reasons:

1. The mask is set too wide: equivalent to a very large liquidity addition limit, resulting in the validation of user input in the contract being effectively meaningless. Hackers bypassed the overflow detection by setting abnormal parameters, constructing inputs that are always less than this limit.

2. Data overflow is truncated: When performing the shift operation n << 64 on the numerical value n, data truncation occurs because the shift exceeds the effective bit width of the uint256 data type (256 bits). The overflow part in the high bits is automatically discarded, resulting in a computation that is far lower than expected, causing the system to underestimate the amount of haSUI required for the exchange. The final calculation result is approximately less than 1, but due to rounding up, it ultimately equals 1, meaning that the hacker only needs to add 1 token to exchange for a huge amount of liquidity.

③Withdraw liquidity

Repay the flash loan and retain substantial profits. Ultimately withdraw token assets worth hundreds of millions of dollars from multiple liquidity pools.

The situation of funds loss is serious, the attack resulted in the following assets being stolen:

• 12.9 million SUI (approximately 54 million USD)

• 60 million USDC

• 4.9 million USD Haedal Staked SUI

• 19.5 million USD TOILET

• Other tokens such as HIPPO and LOFI have dropped by 75--80%, with liquidity exhausted.

2.2 The causes and characteristics of this vulnerability

The vulnerability of Cetus has three characteristics:

1. The cost of fixing is extremely low: On one hand, the fundamental cause of the Cetus incident is a flaw in the Cetus math library, not an error in the protocol's pricing mechanism or underlying architecture. On the other hand, the vulnerability is limited to Cetus itself and is unrelated to the code of SUI. The root of the vulnerability lies in a boundary condition check, and it can be completely eliminated by modifying just two lines of code; after the fix is completed, it can be immediately deployed to the mainnet, ensuring that the subsequent contract logic is complete and preventing this vulnerability.

2. High Concealment: The contract has been running smoothly for two years without any faults. The Cetus Protocol has undergone multiple audits, but no vulnerabilities were found, mainly because the Integer_Mate library used for mathematical calculations was not included in the scope of the audits.

Hackers use extreme values to precisely construct trading intervals, creating extremely rare scenarios with extremely high liquidity that trigger abnormal logic, indicating that such problems are difficult to detect through ordinary testing. These issues often lie in blind spots in people's vision, and thus have been lurking for a long time before being discovered.

3. Not a problem unique to Move:

Move excels over various smart contract languages in resource security and type checking, with built-in native detection for integer overflow issues in common scenarios. This overflow occurred because, when adding liquidity, an incorrect value was first used for the upper limit check during the calculation of the required token amount, and a bitwise operation was used instead of the conventional multiplication operation. However, if conventional addition, subtraction, multiplication, and division operations were used in Move, it would automatically check for overflow conditions, preventing such high-bit truncation issues.

Similar vulnerabilities have also appeared in other languages (such as Solidity and Rust), and are even more easily exploited due to their lack of integer overflow protection; before the updates to Solidity, the overflow checks were very weak. Historically, there have been addition overflows, subtraction overflows, multiplication overflows, etc., all caused directly by the computation results exceeding the range. For example, the vulnerabilities on the BEC and SMT smart contracts in the Solidity language were both exploited by carefully crafted parameters that bypassed the detection statements in the contract to achieve over-transfers.

3. The consensus mechanism of SUI

3.1 Introduction to SUI Consensus Mechanism

Overview:

SUI adopts a Delegated Proof of Stake framework (DeleGated Proof of Stake, abbreviated DPoS)). Although the DPoS mechanism can improve transaction throughput, it cannot provide the same high level of decentralization as PoW (Proof of Work). Therefore, the degree of decentralization of SUI is relatively low, with higher governance thresholds, making it difficult for ordinary users to directly influence network governance.

• Average number of validators: 106

• Average Epoch Cycle: 24 hours

Mechanism Process:

• Equity Delegation: Ordinary users do not need to run nodes themselves; they can participate in network security assurance and reward distribution by staking SUI and delegating it to candidate validators. This mechanism lowers the participation threshold for ordinary users, allowing them to partake in network consensus by "hiring" trusted validators. This is also a significant advantage of DPoS compared to traditional PoS.

• Representative round of block generation: A few selected validators generate blocks in a fixed or random order, which improves confirmation speed and increases TPS.

• Dynamic Election: After each voting cycle ends, a dynamic rotation is conducted to re-elect the Validator set based on voting weight, ensuring node vitality, interest consistency, and decentralization.

Advantages of DPoS:

• High efficiency: With a controllable number of block-producing nodes, the network can achieve confirmations in milliseconds, meeting high TPS requirements.

• Low cost: Fewer nodes participating in consensus significantly reduce the network bandwidth and computing resources required for information synchronization and signature aggregation. This leads to a decrease in hardware and operational costs, lower requirements for computing power, and lower costs. Ultimately, this achieves lower user transaction fees.

• High security: The staking and delegation mechanism synchronizes the cost and risk of attacks; coupled with the on-chain forfeiture mechanism, it effectively suppresses malicious behavior.

At the same time, in the consensus mechanism of SUI, a BFT (Byzantine Fault Tolerance) based algorithm is used, requiring more than two-thirds of the votes among validators to reach consensus in order to confirm a transaction. This mechanism ensures that even if a minority of nodes act maliciously, the network can still maintain secure and efficient operation. Any upgrades or major decisions also require more than two-thirds of the votes to be implemented.

Essentially, DPoS is a compromise solution to the "impossible triangle" that balances decentralization and efficiency. DPoS reduces the number of active block-producing nodes in exchange for higher performance within the context of the security-decentralization-scalability "impossible triangle." Compared to pure PoS or PoW, it sacrifices a certain degree of complete decentralization but significantly improves network throughput and transaction speed.

![Firm Belief After the Security Crisis: