Cetus – the largest decentralized automated market maker (AMM) in the Sui ecosystem – lost over 200 million USD yesterday to an attacker who exploited an arithmetic precision error in the protocol's source code to create fake liquidity.
Two hours after the attack, Cetus posted an announcement:
"Currently, it has been confirmed that an attacker has stolen approximately 223 million USD from the Cetus protocol. The development team has locked the contract to prevent further damage and has frozen 162 million USD of that. We are working with the Sui Fund and ecosystem members to find the next solution with the goal of recovering the remaining assets. Most of the affected funds have been frozen, and we are working to restore the remaining amounts. A detailed report on the incident will be published later."
However, note that the word used here is "frozen", not "recovered". In other words, it is still unclear whether these funds can be recovered to compensate users.
Apart from the assets the hacker transferred to Ethereum and converted into over 20,000 ETH (worth about 60 million USD), most of the stolen funds remain in the hacker's wallet on the Sui chain. This "freeze" is essentially a consensus action among the validators of the Sui network – they collectively "ignore" those addresses.
Objectively, this action has violated the principle of "censorship resistance" in the decentralized world and is a highly controversial, centralized measure.
How can funds be "recovered" once they have been frozen? The founder of Sui stated that, if recovery is possible, the funds would be returned to Cetus's liquidity pools. To do this, however, assets would have to be moved out of the hacker's address without the hacker's signature. Is that feasible?
In fact, a Solayer engineer named Chaofan said that the Sui team had requested validators to implement a "bug fix" code that allows fund recovery without the hacker's signature. This is clearly an act of centralization that has sparked controversy in the community – it means assets can be transferred out of a wallet without the owner's signature.
(Note: Sui validators responded that they have not received such a "request", and Chaofan later clarified that the recovery code has not been implemented.)
However, this is clearly a special case that must be addressed, and it shows that the Sui network still has an "emergency switch". The reason Sui can act this way is that there are currently only just over 100 validators, mostly organizations with good relationships with the Sui Fund – which makes coordination easy. (To become a Sui validator, one needs to hold or raise over 10 million SUI for staking – something only financial institutions can typically do.)
Cetus is the largest AMM in the Sui ecosystem, and its liquidity pools hold the savings and essential assets of many users. In addition, most project tokens on Sui use Cetus's pools as their primary source of liquidity – if that liquidity is withdrawn, those projects will suffer heavy losses. Recovering the stolen funds is necessary to protect Sui's young DeFi ecosystem.
If you choose to "ignore" all the stolen funds just to maintain "absolute decentralization", you would be like those who chose to stay with Ethereum Classic (ETC) after Ethereum's hard fork due to the DAO incident. I agree with the view: decentralization is the goal, not the starting point. If I need absolute decentralization, I would use Ethereum. For now, I am satisfied that Sui can help affected users on Cetus recover their assets.