Firm Belief After the Security Crisis: Why SUI Still Has Long-Term Rise Potential?

1. A Chain Reaction Triggered by an Attack

On May 22, 2025, the leading AMM protocol Cetus on the SUI network was hacked, resulting in a loss of over $200 million in assets. This is not only one of the largest security incidents in the DeFi space so far this year, but also the most destructive hack since the launch of the SUI mainnet.

On the day of the attack, the total value locked (TVL) across the SUI blockchain plummeted by over $330 million, with the locked amount in the Cetus protocol evaporating by 84% in an instant. Several popular SUI tokens experienced a drop of 76% to 97% within just one hour, triggering widespread concern in the market regarding the security and ecological stability of SUI.

However, after the shockwave, the SUI ecosystem has demonstrated strong resilience and recovery capability. Although it has caused fluctuations in confidence in the short term, on-chain funds and user activity have not experienced a sustained decline; instead, it has significantly increased the entire ecosystem's focus on security, infrastructure development, and project quality.

2. Analysis of the Causes of the Cetus Incident Attack

2.1 Attack Implementation Process

According to the analysis by the Slow Mist team, hackers exploited a critical arithmetic overflow vulnerability in the protocol, utilizing flash loans, precise price manipulation, and contract flaws to steal over $200 million in digital assets in a short period of time. The attack path is divided into three stages:

1. Initiate a flash loan to manipulate the price
2. Add Liquidity
3. Withdraw liquidity

The attack resulted in the theft of the following assets:

• 12.9 million SUI (approximately 54 million USD)
• 60 million USDC
• 4.9 million USD Haedal Staked SUI
• 19.5 million USD TOILET
• Other tokens such as HIPPO and LOFI have fallen by 75-80%, liquidity has dried up.

2.2 The causes and characteristics of this vulnerability

The vulnerability of Cetus has three characteristics:

1. The cost of fixing is extremely low: only two lines of code need to be modified to completely eliminate the risk.

2. High concealment: The contract has been running smoothly for two years with zero faults, and multiple audits have not found any vulnerabilities.

3. Not a problem unique to Move: Similar vulnerabilities have also appeared in other languages (such as Solidity, Rust).

3. The consensus mechanism of SUI

3.1 Introduction to SUI Consensus Mechanism

SUI adopts a Delegated Proof of Stake (DPoS) framework, with an average of 106 validators and an average Epoch cycle of 24 hours.

Advantages of DPoS:

• High efficiency: The network can achieve confirmation in milliseconds, meeting high TPS requirements.
• Low cost: Fewer nodes participating in the consensus, reduced hardware and operational costs.
• High security: The staking and delegation mechanism synchronizes the increase of attack costs and risks.

3.2 The performance of SUI in this attack

3.2.1 Operation of the Freezing Mechanism

SUI quickly froze the addresses related to the attacker, preventing transfer transactions from being packed on-chain. The built-in deny list mechanism of SUI played a key role.

3.2.2 Who has the authority to change the blacklist?

TransactionDenyConfig is the configuration file loaded locally by each validator. In fact, to ensure consistency and effectiveness of security policies, updates to this critical configuration are usually coordinated.

3.2.3 The essence of the blacklist function

The blacklist function is actually an additional layer of security to respond to emergencies and ensure the safety of user funds. The key factor in determining "whether it is decentralized" should be whether users have control over their assets.

3.3 The Decentralized Boundaries and Realities: Governance Controversies Triggered by SUI

In the emergency response of SUI, the joint actions of the community and validators have sparked discussions about its level of "decentralization". Some believe SUI is relatively decentralized, while others think it is too centralized.

From the perspective of macroeconomic theory, due to information asymmetry and the market's underdevelopment, moderate and slight centralization is necessary at the current stage.

4. The Technical Moat of Move Language

The Move language, with its resource model, type system, and security mechanisms, is gradually becoming an important infrastructure for the new generation of public blockchains.

1. Clear ownership of funds, natural isolation of permissions.
2. Language-level protection against reentrancy attacks
3. Automatic Memory Management and Resource Ownership Tracking
4. The structure is derived from Rust, providing stronger safety and readability.
5. Lower gas costs and higher execution efficiency

5. Thoughts and Suggestions on SUI Attack Events

5.1 hacker attack

1. The mathematical boundary conditions must be strictly analyzed.
2. Complex vulnerabilities require professional mathematical audits
3. Raise the review standards for projects that have been attacked.
4. Strict boundary checking for cross-type value conversion
5. The massive damage caused by "dust attacks"
6. Strengthen real-time monitoring and response capabilities against hacking activities

5.2 On-chain Fund Security Assurance and Emergency Handling

5.2.1 Crisis Management Response Mechanism of SUI

1. Validator nodes interconnect and promptly block hacker addresses.
2. Audit subsidies and on-chain security enhancement
3. The collaborative response between Cetus and SUI

5.2.2 Reflection on the Cetus hacking incident regarding user fund security

1. From a technical perspective, directly restoring funds on-chain is not entirely impossible.
2. Community co-construction, improve the security tracking mechanism
3. Introduce insurance compensation to ensure the safety of funds

6. The Continuously Flourishing SUI Ecosystem: Beyond DeFi, Everything Grows

As of now, the TVL of the SUI network is approximately $1.6 billion, with the daily trading volume of DEX maintaining around $300 million. SUI has ranked among the top in terms of developer activity, and the pace of ecological construction is rapid.

The rapid development of the stablecoin ecosystem has laid a crucial foundation for DeFi on SUI. The total scale of stablecoins deployed on the SUI chain has now surpassed 1 billion USD.

SUI is currently ranked 8th in total TVL across all chains and 3rd among non-EVM chains. In terms of on-chain transaction activity, SUI ranks 5th globally and 3rd among non-EVM networks.

The attention of Binance towards the SUI ecosystem has significantly increased recently. Its Alpha project zone has successively launched several representative projects including NAVI, SCA, BLUE, HIPPO, and NS.

The SUI ecosystem is composed of the following representative projects:

DeFi Protocol

• Navi Protocol
• Bucket Protocol
• Momentum
• Bluefin
• Haedal Protocol
• Artinals

DePIN & AI

• Walrus Protocol

The SUI ecosystem is growing at an astonishing rate, attracting a large number of developers, users, and capital participation thanks to its unique technological architecture and rich application scenarios. With more mainstream exchanges increasing their support for the SUI ecosystem, SUI is expected to further consolidate its industry position as a "gaming chain" and diversified application platform in the future, opening a new chapter in ecological development.