{"id":1045,"date":"2025-05-27T12:01:05","date_gmt":"2025-05-27T12:01:05","guid":{"rendered":"https:\/\/bitunikey.com\/news\/cetus-dex-releases-post-mortem-outlines-recovery-plan-following-223m-exploit\/"},"modified":"2025-05-27T12:01:07","modified_gmt":"2025-05-27T12:01:07","slug":"cetus-dex-releases-post-mortem-outlines-recovery-plan-following-223m-exploit","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/cetus-dex-releases-post-mortem-outlines-recovery-plan-following-223m-exploit\/","title":{"rendered":"Cetus DEX releases post-mortem, outlines recovery plan following $223M exploit"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">Cetus, a leading decentralized exchange on the Sui network, has published a detailed post-mortem report following a $223 million exploit that targeted its concentrated liquidity market maker pools on May 22.<\/p>\n<p>In its May 26 incident <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/cetusprotocol.notion.site\/Cetus-Incident-Report-May-22-2025-Attack-Disclosure-1ff1dbf3ac8680d7a98de6158597d416\" target=\"_blank\">report<\/a>, Cetus explained that the attack was caused by a vulnerability in an open-source library used in its smart contracts.\u00a0The hacker exploited a flaw in the platform\u2019s liquidity management system, which controls how users add and remove tokens from trading pools.<\/p>\n<p>The attacker used a feature called a flash swap, a kind of instant loan that lets users borrow tokens as long as they pay them back in the same transaction. Flash swaps were used to distort pool prices, add fake liquidity using only a small number of tokens, and then withdraw large amounts of real tokens over several rounds, draining multiple pools in the process.<\/p>\n<p>Cetus explained that the root of the problem was an error in a third-party code library, where the system incorrectly checked for potential overflows, meaning it didn\u2019t properly limit extremely large numbers.\u00a0<\/p>\n<p>\u201cThis issue has nothing to do with the MAX_U64 arithmetic bug flagged in previous audits,\u201d Cetus clarified, addressing community confusion. \u201cThe root cause was a faulty left-shift overflow check that incorrectly validated values beyond safe limits.\u201d<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<p>The Cetus team detected strange activity within 10 minutes of the hack and quickly paused trading. They also contacted Sui (SUI) validators who voted to freeze the attacker\u2019s wallets. This action stopped roughly $162 million of stolen funds from being moved off the network. However, the rest was already bridged to Ethereum (ETH).<\/p>\n<p>Cetus said it will now re-audit its contracts, improve its monitoring systems, and roll out a plan to help users recover lost funds. It\u2019s also working with ecosystem partners on a liquidity recovery plan and has urged Sui validators to support on-chain votes aimed at helping users recover funds.<\/p>\n<p>The incident caused a drop in total value locked on the Sui network, from $2.13 billion to around $1.92 billion. CETUS, the platform\u2019s token, fell by 40%, and the loss of liquidity briefly caused USD Coin (USDC) to lose its dollar peg.<\/p>\n<p>Some community members praised the quick response from Sui validators, while others raised concerns that the ability to freeze wallets shows a lack of decentralization. Cetus has also reached out to the hacker with a $6 million \u201cwhite hat\u201d bounty, inviting them to return the funds, keep the reward, and avoid legal action.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Cetus, a leading decentralized exchange on the Sui network, has published a detailed post-mortem report following a $223 million exploit that targeted its concentrated liquidity market maker pools on May&hellip;<\/p>\n","protected":false},"author":1,"featured_media":1046,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1045","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/1045","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=1045"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/1045\/revisions"}],"predecessor-version":[{"id":1047,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/1045\/revisions\/1047"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/1046"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=1045"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=1045"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=1045"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}