đš Update on the $220M Cetus hack on Sui. đš
Hereâs how they froze $162M and validatorsâ quick response prevented funds from being bridged.
@Sui and CetusProtocol are taking action to recover the remaining funds, offering a $5M bounty.
1ïžâŁ How were they able to freeze funds ?
Each Sui validator has a config file to ignore txn from specific addresses. Over â of validators by stake flagged two addresses tied to the attack, freezing $162M before the attacker could bridge more. This is a temporary emergency measure.
2ïžâŁ Freezing funds isnât unique to Suiâany validator on any blockchain can do this to manage risk or comply with laws. Sui validators acted fast on May 22 to slow the attacker, giving Cetus leverage to negotiate. Sadly, the attacker hasnât responded to outreach.
3ïžâŁ CetusProtocol proposed an on-chain vote for a protocol upgrade to return these funds to users, without rolling back chain history or reversing transactions. This aims to restore funds to liquidity providers safely.
4ïžâŁ @Sui supports the vote but will remain neutral, ensuring the Sui community decides. They require @CetusProtocol to commit all financial resources to recover all funds, including the $60M on Ethereum, where 20k ETH ($53M) was moved to a new wallet
5ïžâŁ In the efforts to get the rest of stolen funds CetusProtocol backed by @Sui offers a $5M bounty for info leading to the hackerâs arrest. A $6M white hat fee is also on the table if the hacker returns the $60M.
6ïžâŁ What are your thoughts on the steps taken by CetusProtocol & @Sui so far? Are you satisfied with their efforts to cover user losses? Comment bellow your thoughts