Many people are puzzled: after the Sui team announced that @CetusProtocol had been hacked, the validator network coordinated to "freeze" the hacker's addresses and save $160 million. How, exactly? Is decentralisation a "lie"? Let's analyse it from a technical perspective:
Funds moved out through cross-chain bridges: after the attack succeeded, some assets such as USDC were transferred to other chains such as Ethereum through cross-chain bridges. This portion of the funds is no longer recoverable; once it leaves the Sui ecosystem, there is nothing Sui validators can do.
Funds still on the Sui chain: a significant amount of the stolen funds still sits in Sui addresses controlled by the hacker. This portion became the target of the "freeze".
According to the official announcement, "a large number of validators have identified the stolen funds addresses and are ignoring transactions at those addresses".
- How?
1. Transaction filtering at the validator level - simply put, the validators collectively "turn a blind eye":
- Validators simply ignore transactions from the hacker's addresses at the mempool stage;
- These transactions are technically fully valid; they just never get packaged onto the chain;
- The hacker's funds are thus "placed under house arrest" at the address;
2. The key enabler: the Move object model - the object model of the Move language is what makes this "freezing" feasible:
- Transfers must go on chain: although the hacker controls a large amount of assets in Sui addresses, moving these USDC, SUI and other objects requires a transaction that is initiated, packaged and confirmed by the validators;
- Validators have the power of life and death: if the validators refuse to package the transaction, the objects never move;
- Result: the hacker nominally "owns" the assets but in reality can do nothing with them.
It's like having a bank card when every ATM refuses to serve you: the money is on the card, but you can't withdraw it. As long as Sui validators keep monitoring and intervening (the "ATMs"), tokens such as SUI in the hacker's addresses cannot circulate. Are these stolen funds now effectively "burned", objectively playing a "deflationary" role?
Of course, in addition to ad-hoc coordination among validators, Sui may have a denylist feature built in at the system level. If so, the process could be: the relevant authority (e.g. the Sui Foundation, or governance) adds the hacker's address to the system deny_list, and validators enforce the system rule by refusing to process transactions from the blacklisted address.
Whether it is ad-hoc coordination or system rule enforcement, a majority of validators must be able to act in unison. Clearly, the distribution of power in Sui's validator network is still too centralised: a handful of nodes can control key decisions across the network.
Excessive validator concentration is not a problem unique to Sui among PoS chains - from Ethereum to BSC, most PoS networks face similar validator concentration risks, but this incident has exposed the problem on Sui more starkly.
How can a so-called decentralised network have such strong centralised "freezing" power?
Worse still, Sui officials said they would return the frozen funds to the pool. But if the validators really are just "refusing to package transactions", these funds should theoretically never be movable. How, then, does Sui return them? This further challenges the decentralised nature of the Sui chain!
Could it be that, beyond a small number of centralised validators refusing to process transactions, the Sui team also holds super authority at the system level to directly modify asset ownership? (Sui needs to give further details on the "freezing".)
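The filtering mechanism in points 1 and 2, and the question just raised about how filtered funds could ever be returned, can be made concrete with a small model. The following Python is an added example written for this page, not Sui's code: `Ledger`, `Validator`, `Tx`, the quorum rule and the addresses are assumptions for the illustration, and the head-count quorum stands in for stake-weighted voting. It shows that a denylisted transaction stays protocol-valid yet never lands in a block, and that a transaction built by anyone other than the key holder is rejected as invalid, so with mempool filtering alone nothing can move the funds, in either direction.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Tx:
    """A transfer request. `signed_by_owner` stands in for the signature check
    a real node performs; only the key holder of `sender` can produce True."""
    sender: str
    recipient: str
    amount: int
    signed_by_owner: bool = True


@dataclass
class Ledger:
    balances: dict

    def is_valid(self, tx: Tx) -> bool:
        # Protocol-level validity: the owner signed it and has the balance.
        # A denylist never changes this answer, which is the author's point:
        # the filtered transactions are "technically fully valid".
        return tx.signed_by_owner and self.balances.get(tx.sender, 0) >= tx.amount

    def apply(self, tx: Tx) -> None:
        self.balances[tx.sender] -= tx.amount
        self.balances[tx.recipient] = self.balances.get(tx.recipient, 0) + tx.amount


@dataclass
class Validator:
    name: str
    denylist: set = field(default_factory=set)  # senders this validator ignores

    def will_include(self, tx: Tx) -> bool:
        # The "freeze" lives here, at the mempool stage, not in the validity rules.
        return tx.sender not in self.denylist


def build_block(ledger: Ledger, mempool: list, validators: list, quorum: int):
    """Package a block: a tx gets in only if it is valid AND at least `quorum`
    validators are willing to include it. Returns (included, excluded), where
    each excluded entry is (tx, reason)."""
    included, excluded = [], []
    for tx in mempool:
        if not ledger.is_valid(tx):
            excluded.append((tx, "invalid"))
            continue
        willing = sum(v.will_include(tx) for v in validators)
        if willing >= quorum:
            included.append(tx)
        else:
            excluded.append((tx, f"filtered: {willing}/{len(validators)} willing"))
    for tx in included:
        ledger.apply(tx)
    return included, excluded


def run_scenario():
    """Constructed scenario: one ordinary user, one denylisted attacker address,
    and a 'return the funds' transaction nobody but the attacker can sign."""
    HACKER, USER, SHOP, POOL, BRIDGE = "0xhacker", "0xuser", "0xshop", "0xpool", "0xbridge"
    ledger = Ledger({HACKER: 160_000_000, USER: 50, POOL: 0})

    # Ten equally weighted validators; eight coordinate on the same denylist.
    # Real networks weight votes by stake; a head count keeps the model simple.
    validators = [Validator(f"v{i}") for i in range(10)]
    for v in validators[:8]:
        v.denylist.add(HACKER)
    quorum = (2 * len(validators)) // 3 + 1  # more than two thirds: 7 of 10

    mempool = [
        Tx(USER, SHOP, 10),                    # ordinary transfer, passes both checks
        Tx(HACKER, BRIDGE, 1_000_000),         # valid, but the sender is denylisted
        Tx(HACKER, POOL, 160_000_000,          # "return to the pool" attempt: without
           signed_by_owner=False),             # the attacker's key it is simply invalid
    ]
    included, excluded = build_block(ledger, mempool, validators, quorum)
    return ledger, included, excluded


if __name__ == "__main__":
    ledger, included, excluded = run_scenario()
    for tx in included:
        print(f"included: {tx.sender} -> {tx.recipient} {tx.amount}")
    for tx, reason in excluded:
        print(f"excluded: {tx.sender} -> {tx.recipient} {tx.amount} ({reason})")
    print("balances:", ledger.balances)
```

Run it and the attacker's transfer is reported as filtered (2 of 10 validators willing) while the balance at the attacker's address is untouched; the "return to pool" transaction fails on the signature check before filtering is even consulted. Getting funds back to the pool in this model needs something beyond filtering: either the attacker's own signature or a rule change that rewrites ownership, which is exactly the distinction the post asks Sui to clarify.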
Before the specifics are revealed, it's worth exploring the trade-offs of decentralisation:
Is it necessarily a bad thing to intervene in an emergency and sacrifice a little decentralisation? If there is a hacker attack, is a chain that does nothing at all really what users want?
What I want to say is this: people naturally don't want money to end up in hackers' hands, but what worries the market more is that the freezing criteria are entirely "subjective": what counts as "stolen funds"? Who decides? Where are the boundaries? Freeze hackers today, and whom tomorrow? Once this precedent is set, the core censorship-resistance value of a public chain is bankrupt, and user trust inevitably suffers.
Decentralisation is not black and white, and Sui has chosen a particular balance between user protection and decentralisation. The key sticking point is the absence of transparent governance mechanisms and clear boundary standards.
Most blockchain projects are making this trade-off at this stage, but users have the right to know the truth and not be misled by the label "fully decentralised".
We’ve learned that a Cetus smart contract was hacked this morning for approximately $223M and Cetus subsequently paused their smart contracts to prevent further theft.
Cetus worked together with the other DeFi protocols, the Sui Foundation, and the Sui validators to