Claiming to be a secure and decentralized public chain, why was Sui able to freeze the $160 million stolen by hackers?

Many people are puzzled: Sui officially said that after the hacker attack on @CetusProtocol, the validator network coordinated to "freeze" the hacker's address, saving $160 million. How, exactly? Is decentralization a "lie"? Let's try to analyze it from a technical perspective:

The portion transferred over cross-chain bridges: After the hack succeeded, some assets such as USDC were transferred to other chains such as Ethereum through cross-chain bridges. These funds are no longer recoverable, because once they leave the Sui ecosystem, there is nothing the validators can do.

The portion that is still on the Sui chain: A significant amount of the stolen funds is still held in Sui addresses controlled by the hackers. These funds became the target of the "freeze".

According to the official announcement, "a large number of validators have identified the stolen funds addresses and are ignoring transactions on these addresses".

- How?

1. Transaction filtering at the validator level - simply put, validators collectively "pretend to be blind":

  • Validators simply ignore transactions from the hacker's addresses during the mempool phase;
  • These transactions are technically fully valid, but validators just won't package them onto the chain;
  • The hacker's funds are thus placed under "house arrest" in the address;

2. The key mechanism of the Move object model - the object model of the Move language makes this "freezing" feasible:

  • The transfer must be on-chain: Although the hacker controls a large amount of assets in Sui addresses, to transfer these USDC, SUI and other objects, a transaction must be initiated and then confirmed by the validators.
  • The validators have the power of life and death: if the validators refuse to package the transaction, the object will never move;
  • The result: the hacker nominally "owns" the assets, but in reality can do nothing with them.

It's like having a bank card that every ATM refuses to serve. The money is on the card, but you can't withdraw it. With the continuous monitoring and intervention of SUI validators (the ATMs), tokens such as SUI in the hacker's addresses cannot circulate, and these stolen funds are now as if they had been "burned", objectively playing a "deflationary" role?

Of course, in addition to ad-hoc coordination among validators, Sui may have a denylist feature preset at the system level. If so, the process could be that the relevant authority (such as the Sui Foundation, or through governance) adds the hacker's address to the system deny_list, and validators enforce the system rule and refuse to process transactions from the blacklisted address.

Whether it is ad-hoc coordination or system rule enforcement, most validators need to be able to act in unison. Obviously, Sui's validator network is still too centralized, and a few nodes can control key decisions across the network.
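The stake arithmetic behind this point, as an added example that is not from the original post or from Sui's code: it assumes a transaction needs signatures from validators holding more than two thirds of total stake (6,667 of 10,000 units), and the committee, stake figures and `0xATTACKER` address are constructed for illustration.

```python
from dataclasses import dataclass, field

TOTAL_POWER = 10_000  # assumption: voting power normalised to 10,000 units
QUORUM = 6_667        # assumption: more than 2/3 of stake must sign a transaction


@dataclass
class Validator:
    name: str
    power: int
    denylist: set = field(default_factory=set)

    def signs(self, tx):
        # The transaction is assumed to be otherwise valid; the only reason to
        # refuse here is the validator's locally configured sender filter.
        return tx["sender"] not in self.denylist


def build_committee():
    # Constructed stake distribution: 4 large, 6 medium and 20 small validators.
    powers = [1200, 1000, 800, 700] + [400] * 6 + [195] * 20
    assert sum(powers) == TOTAL_POWER
    return [Validator(f"v{i}", p) for i, p in enumerate(powers)]


def signed_power(committee, tx):
    return sum(v.power for v in committee if v.signs(tx))


def is_certified(committee, tx):
    return signed_power(committee, tx) >= QUORUM


def min_validators_to_freeze(committee):
    """Fewest validators (largest stake first) whose refusal blocks a quorum."""
    remaining = sum(v.power for v in committee)
    for count, v in enumerate(sorted(committee, key=lambda v: -v.power), 1):
        remaining -= v.power
        if remaining < QUORUM:
            return count
    return None


if __name__ == "__main__":
    committee = build_committee()
    tx = {"sender": "0xATTACKER"}  # placeholder address, not a real one
    for v in committee[:4]:
        v.denylist.add(tx["sender"])
    print(signed_power(committee, tx), is_certified(committee, tx))
    print(min_validators_to_freeze(committee))
```

With this constructed distribution, the four largest of thirty validators filtering one sender is enough to keep its transactions from ever reaching a quorum, while every other sender is unaffected.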

Sui's over-concentration of validators is not an isolated case among PoS chains. From Ethereum to BSC, most PoS networks face a similar risk of validator concentration, but Sui has exposed the problem more obviously this time.

- How can the so-called decentralized network have such a strong centralized "freezing" ability?

What's worse is that Sui officially said it would return the frozen funds to the pool, but if it is true that the validators "refuse to package the transaction", these funds should theoretically never be able to move. How did Sui get them back? This further challenges the decentralized nature of the Sui chain!

Could it be that, besides a small number of centralized validators refusing to process transactions, the official team even has super authority at the system level to directly modify the ownership of assets? (Sui needs to give further details of the "freezing".)

Before revealing the specifics, it's worth exploring the trade-offs of decentralization:

Is intervening as an emergency response, at the cost of a little decentralization, necessarily a bad thing? If there is a hacker attack and the entire chain does nothing, is that necessarily what users want?

I would say that people naturally don't want money to fall into the hands of hackers, but what worries the market even more is that the freezing criteria are completely "subjective": what counts as "stolen funds"? Who defines it? Where are the boundaries? Freeze hackers today, freeze whom tomorrow? Once this precedent is set, the core anti-censorship value of the public chain will be completely bankrupt, which will inevitably damage user trust.

Decentralization is not black and white, and Sui has chosen a specific balance between user protection and decentralization. The key sticking point is the lack of transparent governance mechanisms and clear boundary standards.

Most blockchain projects are making this trade-off at this stage, but users have the right to know the truth and not be misled by the label of "fully decentralized".
