Firm Belief After the Security Crisis: Analysis of SUI's Long-term Rise Potential

1. A chain reaction triggered by an attack

On May 22, 2025, the leading AMM protocol Cetus on the SUI network was hacked, resulting in a loss of over $200 million in assets. This incident is one of the largest security incidents in the DeFi space this year and is the most destructive hack since the launch of the SUI mainnet.

On the day of the attack, the total TVL of SUI plummeted by over $330 million, and the locked amount in the Cetus protocol evaporated by 84% in an instant. Several popular SUI tokens fell by 76% to 97% within just one hour, raising widespread concerns in the market about the security and ecological stability of SUI.

However, after the shockwave, the SUI ecosystem has demonstrated strong resilience and recovery capability. Although it brought fluctuations in confidence in the short term, on-chain funds and user activity did not experience a sustained decline; instead, it has significantly raised the entire ecosystem's attention to security, infrastructure development, and project quality.

2. Analysis of the Causes of the Cetus Incident Attack

2.1 Attack Implementation Process

Hackers exploited a critical arithmetic overflow vulnerability in the protocol, using flash loans, precise price manipulation, and contract flaws to steal over $200 million in digital assets in a short period. The attack path can be divided into three stages:

1. Initiate a flash loan to manipulate the price
2. Add liquidity
3. Withdraw liquidity

The situation of capital loss is severe, leading to the theft of the following assets:

• 12.9 million SUI (approximately 54 million USD)
• 60 million USDC
• 4.9 million USD Haedal Staked SUI
• 19.5 million USD TOILET
• Other tokens such as HIPPO and LOFI have dropped by 75-80%, with liquidity exhausted.

2.2 The causes and characteristics of this vulnerability

The recent vulnerability of Cetus has three characteristics:

1. The cost of fixing is extremely low: only two lines of code need to be modified to completely eliminate the risk.

2. High concealment: The contract has been running smoothly without any failures for two years since its launch, with multiple audits finding no vulnerabilities.

3. Not a problem unique to Move: Similar vulnerabilities have also appeared in other languages such as Solidity and Rust.

3. The consensus mechanism of SUI

3.1 Introduction to the SUI Consensus Mechanism

SUI adopts a Delegated Proof of Stake (DPoS) framework, with an average number of validators being 106 and an average Epoch cycle of 24 hours.

Advantages of DPoS:

• High efficiency: The network can achieve confirmation in milliseconds, meeting high TPS requirements.
• Low cost: Fewer nodes participate in the consensus, reducing hardware and operational costs.
• High security: The staking and delegation mechanisms amplify the cost and risk of attacks.

3.2 The performance of SUI in this attack

SUI quickly froze the addresses related to the attacker, preventing transfer transactions from being packed on-chain. The built-in deny list mechanism of SUI played a key role.

The blacklist feature is essentially an additional layer of security protection, which is fundamentally a security assurance mechanism. SUI is currently also working to strengthen decentralization by implementing the SIP-39 proposal to gradually lower the access threshold for validators.

4. The Technical Moat of Move Language

The Move language, with its resource model, type system, and security mechanisms, is gradually becoming an important infrastructure for the new generation of public blockchains.

1. Clear ownership of funds, naturally isolated permissions.
2. Language-level protection against reentrancy attacks
3. Automatic Memory Management and Resource Ownership Tracking
4. The structure is derived from Rust, providing stronger safety and readability.
5. Lower gas costs and higher execution efficiency

5. Thoughts and Suggestions on SUI Attack Events

5.1 Hacker Attack

1. The mathematical boundary conditions must be strictly analyzed.
2. Complex vulnerabilities require professional mathematical auditing
3. Raise the review standards for projects that have been attacked.
4. Strict boundary checking for cross-type numeric conversion
5. The enormous damage caused by "dust attacks"
6. Strengthen the real-time monitoring and response capabilities against hacker activities.

5.2 On-chain fund security assurance and emergency response

SUI's response mechanism:

1. Validator nodes are interconnected, promptly blocking hacker addresses.
2. Audit Subsidies and On-chain Security Enhancement
3. The collaborative response between Cetus and SUI

Reflection on the safety of user funds:

1. On-chain fund recovery methods
2. Community co-construction, improving the security tracking mechanism
3. Introduce insurance compensation to ensure fund safety

6. The Continually Flourishing SUI Ecosystem: Beyond DeFi, Everything Rises

SUI currently leads the Move series public chains, maintaining a leading position in terms of TVL, developer activity, and ecosystem development.

As of now, the SUI network TVL is approximately 1.6 billion USD, and the average daily trading volume of DEX remains around 300 million USD. SUI ranks 8th in total chain TVL and 3rd among non-EVM chains; in terms of on-chain trading activity, SUI ranks 5th globally and 3rd among non-EVM networks.

SUI ecosystem main projects:

DeFi Protocol:

• Navi Protocol
• Bucket Protocol
• Momentum
• Bluefin
• Haedal Protocol

RWA:

• Artinals

DePIN & AI:

• Walrus Protocol

The SUI ecosystem is growing at an astonishing rate, attracting a large number of developers, users, and capital with its unique technological architecture and rich application scenarios. As more mainstream exchanges increase their support for the SUI ecosystem, SUI is expected to further solidify its industry position as a "gaming chain" and diversified application platform, opening a new chapter in ecological development.