The Decentralization Dilemma: Hackers Steal Money, So Can Sui Rob It?

ForewordThis

event is a victory for capital, not users, and it is a regression for the development of the industry.

Bitcoin to the left, Sui to the right, and every industry move that shakes up decentralization brings a stronger belief in Bitcoin.

The world needs not just a better global financial infrastructure, but a group of people who will always need freedom.

Once upon a time, the alliance chain was more prosperous than the public chain, because it met the regulatory needs of that era, and now the decline of the alliance actually means that it simply complies with this demand, not the needs of real users.

1. Background

On May 22, 2025, Cetus, the largest decentralized exchange (DEX) in the Sui public chain ecosystem, was attacked by hackers, causing a sharp drop in liquidity and the collapse of multiple trading pairs, with a loss of more than $220 million.

As of press time, the timeline is as follows:

On the morning of May 22, hackers attacked Cetus to extract $230 million, Cetus urgently suspended the contract, and announced

on the afternoon of May 22, hackers transferred about $60 million across chains, and the remaining $162 million was still in the Sui chain address, and the Sui validator node quickly took action to add the hacker address to the "Deny List" and freeze the funds

On the evening of May 22, Sui CPO @emanabio tweeted to confirm: The funds have been frozen, and the return will start soon

May 23, Cetus began to fix the vulnerability and update the

contractMay 24, Sui opened source PR, explaining that the funds will be recovered through the aliasing mechanism and whitelist

On May 26, Sui started the on-chain governance vote,

On May 29, the voting results were announced, and more than 2/3 of the validator nodes were supported by the weight of the proposed protocol upgrade and the transfer of hacked assets to the escrow address; The protocol upgrade is ready to be executedFrom

May 30th to early June, the protocol upgrade takes effect, the specified transaction hash is executed, and the hacked assets are "legally transferred"

2.

Instantly dropped the price of the trading pool by

99.90%. This huge sell order brought the target pool price down from about 1.8956×10^19 to 1.8425×10^19, almost bottoming out.

Subsequently, the attacker creates a liquidity position on Cetus with an extremely narrow range (Tick lower limit of 300000, upper limit of 300200, and the width of the interval is only 1.00496621%). Such a narrow interval amplifies the impact of subsequent calculation errors on the number of tokens required.

The core principle of the attack

is that there is an integer overflow vulnerability in the get_delta_a function used by Cetus to calculate the required number of tokens. The attacker deliberately stated that he wanted to add a huge amount of liquidity (about 10^37 units), but in fact only put 1 token into the contract.

Due to the wrong overflow detection condition of checked_shlw, the contract was truncated at a high level when the left shift calculation, which caused the system to seriously underestimate the amount of haSUI required, thus exchanging a huge amount of liquidity for a very small cost.

Technically, the above vulnerability stems from Cetus' use of incorrect masks and judgment conditions in the Move smart contract, resulting in any value less than 0xffffffffffffffff << 192 being able to bypass detection; After moving 64 bits to the left, the high-level data is truncated, and the system only charges a very small number of tokens to consider that it has gained a lot of liquidity.

After the event, two official operations were derived: "freezing" vs "recovery", which is two stages:

freezing phase is completed by Deny List + node consensus;

In the clawback stage, on-chain protocol upgrade + community voting + designated transaction execution is required to bypass the blacklist.

3. Sui's freezing mechanismThere

is a special Deny List (denial list) mechanism in the Sui chain, which realizes the freezing of hacker funds. Not only that, but Sui's token standard also has a "regulated token" model with a built-in freezing function.

This emergency freeze takes advantage of this feature: validator nodes quickly add addresses related to stolen funds in their local configuration files. Theoretically, each node operator can modify the TransactionDenyConfig to update the blacklist on their own, but in order to ensure network consistency, the Sui Foundation has centralized coordination as the original configuration publisher.

The Foundation first officially released a configuration update containing the hacker's address, and the validator took effect synchronously according to the default configuration, so that the hacker's funds were temporarily "sealed" on the chain, which actually has a high degree of centralization behind it,

in order to rescue the victim from the frozen funds, the Sui team immediately launched a patch for the Whitelist mechanism.

This is for subsequent transfers back of funds. Legitimate transactions can be constructed in advance and registered on the whitelist, even if the fund address is still on the blacklist, it can be enforced.

This new feature transaction_allow_list_skip_all_checks allows specific transactions to be pre-added to the "censorship" so that they can skip all security checks, including signatures, permissions, blacklists, and more.

It is important to note that whitelisting patches do not directly steal hacker assets; It only gives certain transactions the ability to bypass the freeze, and the real asset transfer still needs to be done with a legal signature or additional system permission module.

In fact, the mainstream freezing scheme in the industry often occurs at the token contract level, and is controlled by the issuer for multi-signature.

Taking the USDT issued by Tether as an example, its contract has a built-in blacklist function, and the issuing company can freeze the offending address so that it cannot transfer USDT. This scheme requires multisig to initiate a freezing request on the chain, and the multisig is agreed before it is actually executed, so there is an execution delay.

Although the Tether freezing mechanism is effective, statistics show that there is often a "window period" in the multisig process, leaving opportunities for criminals.

In contrast, Sui's freeze occurs at the underlying protocol level, is collectively operated by validator nodes, and is executed much faster than normal contract calls.

In this model, to be fast enough, it means that the management of these validator nodes themselves is highly uniform.

3. Sui's "transfer recycling" implementation principle

is even more amazing is that Sui not only froze the hacker's assets, but also planned to "transfer and recover" the stolen funds through on-chain upgrades.

On May 27, Cetus proposed a community vote to upgrade the protocol to send frozen funds to a multisig custodial wallet. The Sui Foundation then initiated an on-chain governance vote.

On May 29, the results of the vote were announced, and about 90.9% of the validators supported the scheme. Sui officially announced that once the proposal is approved, "all funds frozen in the two hacker accounts will be recovered to a multisig wallet without the hacker's signature".

There is no need for a hacker to sign, which is such a difference that there has never been such a fix in the blockchain industry.

As can be seen from Sui's official GitHub PR, the protocol introduces an address aliasing mechanism. The upgrade includes pre-specifying alias rules in ProtocolConfig so that certain permitted transactions can be treated as if the legitimate signature was sent from a hacked account.

Specifically, a hashlist of rescue transactions to be executed is tied to a destination address (i.e., a hacker address), and any executor who signs and publishes a summary of these fixed transactions is considered to have initiated the transaction as a valid hacker address owner. For these specific transactions, the validator node system bypasses the Deny List check.

At the code level, Sui adds the following judgment to the transaction validation logic: when a transaction is blocked by the blacklist, the system iterates through its signer to check whether protocol_config.is_tx_allowed_via_aliasing(sender, signer, tx_digest) is true.

As long as a signer satisfies the alias rule, that is, the transaction is allowed to pass, the previous interception error is ignored and the normal package execution continues.

4.

160 million views, tearing apart is the industry's deepest underlying belief

Cetus event, from the author's personal point of view, this may be the turmoil will pass soon, but this model will not be forgotten, because he subverted the foundation of the industry, and also broke the traditional consensus that the blockchain cannot be tampered with under the same set of ledgers.

In blockchain design, the contract is the law, and the code is the referee.

But in this case, the code failed, governance intervened, and power overrode the pattern, forming a pattern of voting behavior ruling code results".

This is because Sui's direct appropriation of transactions is very different from the handling of hackers on mainstream blockchains.

This is not the first time that consensus has been tampered with, but it is the most silent in

history:

Ethereum's 2016 The DAO incident used a hard fork to roll back the transfer to make up for losses, but this decision led to the split of the two chains, Ethereum and Ethereum Classic, the process was highly controversial, but in the end, different groups formed different consensus beliefs.

The Bitcoin community has experienced similar technical challenges: the 2010 value spillover vulnerability was urgently fixed by developers and the consensus rules were upgraded, completely erasing some 18.4 billion illegally generated bitcoins.

It's the same hard fork model, rolling back the ledger to the point where it was before the problem, and then the user can still decide which ledger system to continue using under the issue.

Compared with the DAO hard fork, Sui did not choose to split the chain, but targeted this event accurately by upgrading the protocol and configuring aliases. In doing so, Sui keeps the chain continuity and most of the consensus rules unchanged, but also shows that the underlying protocol can be used to implement targeted "rescue operations".

The problem is that historically, the "forked rollback" is a user's choice of beliefs; Sui's "protocol correction" is that the chain makes the decision for you.

Not Your Key, Not Your Coin？ I'm afraid not anymore

In the long run, this means that the idea of "Not your keys, not your coins" is dismantled on the Sui chain: even if the user's private key is intact, the network can still block the flow of assets and redirect assets through collective agreement changes.

If this becomes a precedent for blockchain to respond to large-scale security incidents in the future, it is even considered to be a practice that can be followed again.

"When a chain can break rules for justice, it has a precedent for breaking any rules."

Once there is a success of "public welfare money grabbing", the next time it may be the operation of the "moral ambiguity",

so what will happen?

The hacker did steal the user's money, so can the crowd vote rob him of his money?

Vote based on whose money is more (pos) or more people? If the one with more money wins, then Liu Cixin's final producer will come soon, and if the one with more people wins, then the group rabble will also be loud.

Under the traditional system, it is very normal for illegal gains to be unprotected, and freezing and transferring are the routine operations of traditional banks.

But the fact that this cannot be done technically is not the root of the development of the blockchain industry.

Now the stick of industry compliance is continuing to ferment, today you can freeze for hackers and modify the account balance, then tomorrow you can do arbitrary modifications for geographical factors and contradictory factors. If the chain becomes part of the regional tool.

The value of that industry has been greatly reduced, and at best it is a more difficult financial system.

This is also the reason why the author is firmly in the industry: "Blockchain is not valuable because it cannot be frozen, but because even if you hate it, it will not change for you." "

With the general trend of regulation, can the chain keep its soul?

Once upon a time, the alliance chain was more prosperous than the public chain, because it met the regulatory needs of that era, and now the decline of the alliance actually means that it simply complies with this demand, not the needs of real users.

From the perspective of industry development

, efficient centralization", is it a necessary stage for the development of blockchain? If the ultimate goal of decentralization is to protect the interests of users, can we tolerate centralization as a means of transition? The

word "democracy", in the context of on-chain governance, is actually token weighted. So if a hacker holds a large amount of SUI (or one day the DAO is hacked and the hacker controls the votes), can they also "legally vote to whitewash themselves"?

In the end, the value of blockchain is not whether it can be frozen, but whether the group chooses not to do so even if it has the ability to freeze.

The future of a chain is not determined by the technical architecture, but by the set of beliefs it chooses to protect.