Cetus Hack: Solana Past, Sui Present
The recent $223 million exploit of the Sui-based decentralized exchange (DEX) Cetus bears a striking resemblance to a successful hack response strategy employed three years prior by a Solana project.
Cetus and Crema: A Shared History
Cetus shares its development team with Crema Finance, a Solana DeFi project that experienced a $9 million hack in 2022. Crema successfully negotiated with the hacker, recovering most of the stolen funds. Cetus is now employing a similar tactic, offering a $6 million bounty for the return of the remaining funds, promising to drop legal action in exchange.
This approach has faced considerable backlash, with community members advocating for a formal compensation plan for affected CETUS token holders. Many believe that the damage, particularly to token value, has already been done, regardless of fund recovery.
Sui Validators Under Scrutiny
Sui validators are also facing criticism for their role in freezing approximately $162 million of the stolen funds. While intended to aid recovery efforts, this action highlights potential centralization risks within the Sui network, a point emphasized by critics who point to the relatively small number of validators (114) compared to networks like Ethereum (over 1 million) and Solana (1,157).
Crema Finance’s Hack: A Precedent?
The Crema Finance hack, where a similar negotiation strategy resulted in the hacker retaining $1.6 million after returning $8 million, now appears to have involved a hacker subsequently apprehended and sentenced to prison. While the details remain unclear and the exact method used to apprehend the hacker is unknown, the incident highlights the challenges of prosecuting such crimes.
Reports suggest that the founder of both Cetus and Crema Finance is Henry Du, though this has yet to be officially confirmed. This information has been widely circulated in Sui's developer circles. Cointelegraph has attempted to reach Cetus for confirmation.
The Decentralization Debate
The actions of the Sui validators have ignited a broader discussion regarding decentralization. While some defend the decision as a necessary response to protect users, others argue that it underscores a significant centralization risk within Sui and undermines the principles of a truly decentralized network.
This controversy isn't unique to Sui. The $1.4 billion Bybit hack, linked to North Korean state actors, prompted similar debates concerning the role of decentralized exchanges in preventing the movement of illicit funds. The differing responses of networks like THORChain and Sui highlight the complexities and evolving interpretations of decentralization within the cryptocurrency ecosystem.
Codeum: Your Partner in Blockchain Security
At Codeum, we understand the critical need for robust security in the blockchain space. We offer a range of services to help protect your projects, including:
- Smart contract audits
- KYC verification
- Custom smart contract and DApp development
- Tokenomics and security consultation
- Partnerships with launchpads and crypto agencies
Contact us today to learn more about how we can help secure your blockchain project.