Alisa Davidson
Revealed: Could 23, 2025 at 8:05 am Up to date: Could 23, 2025 at 8:05 am
Edited and fact-checked:
Could 23, 2025 at 8:05 am
In Temporary
Sui Community launched a whitelist function and restore module as a part of its fund-freezing measures following Cetus hack, enabling chosen transactions to bypass restrictions and facilitating potential restoration of stolen funds.
Sui Community applied an replace introducing a whitelist function as a part of its fund freezing measures, following a latest Cetus decentralized trade (DEX) hack, ensuing within the lack of over $220 million in cryptocurrency.
This function permits transactions included within the whitelist to bypass all safety checks. As well as, Sui has deployed a restore module with system-level privileges and added the corresponding upgraded transaction to the whitelist, doubtlessly making ready for the long run return of stolen funds to liquidity suppliers.
Notably, if fund restoration or return turns into obligatory, officers can pre-construct a chosen “rescue transaction” and add it to the whitelist, permitting it to bypass blacklist restrictions and execute in a single step. Nonetheless, the whitelist itself doesn’t grant the power to straight seize hacker funds–it merely permits transactions to bypass blacklist limitations.
The replace can not signal the hacker’s non-public key or invoke privileged Transfer capabilities however solely controls blocking or releasing funds. To truly transfer the funds, both possession of the hacker’s non-public key’s required or activation of the restore module with system-level privileges together with the upgraded transaction being added to the whitelist.
As a part of the fund freezing measures, Sui nevertheless, initially used a blacklist operate, adopted later by the addition of a whitelist patch. The Sui blockchain has lengthy maintained a function often called the Deny Listing, which acts as a denial-of-service blacklist. Addresses positioned on this blacklist have their related transactions blocked by nodes. This present performance enabled the quick freezing of the hacker’s tackle throughout the latest incident.
In keeping with @0xTodd consumer, with out this function, even with solely 113 nodes, coordinating individually would have prompted delays. Sui has not instantly turn into a centralized community–it has operated this fashion at the least because the blacklist function was launched, he highlighted in a put up on social media platform X.
As, the blacklist was formally launched first, and whereas nodes theoretically have the choice to observe it or not, it’s usually enforced mechanically by default.
The implementation of the freezing technique involving the whitelist operate has sparked criticism amongst decentralization advocates, who argue that the power to override transactions contradicts the rules of a decentralized permissionless community.
“Sui Central froze a number of the cash stolen by the hacker, but it surely can’t be withdrawn in the interim (as a result of it includes underlying stage modifications). So now we’re paving the best way to get this a reimbursement, however at the price of SUI turning into extra centralized,” famous the researcher @tmel0211.
Sui Community And Cetus Freeze $160M Stolen In Hack, Providing $6M Bounty To Attacker
Following the safety breach at Cetus, the Sui Community said that its validator community coordinated efforts to freeze the hacker’s tackle and efficiently recovered $160 million. After the assault, a number of the stolen USDC and different property have been shortly moved to different blockchains, together with Ethereum, through the cross-chain bridge. These property at the moment are past restoration. Nonetheless, a portion of the stolen funds stays on addresses inside the Sui community managed by the attacker. These remaining funds are the main focus of the freezing efforts. The official assertion famous that many validators have recognized the addresses related to the stolen funds and are actively ignoring transactions involving these addresses.
In the meantime, Cetus has introduced a white hat bounty of as much as $6 million, providing this reward to the exploiter for the return of 20,920 ETH, valued at over $55 million, in addition to the remaining stolen funds presently held on the Sui. If the property are returned, the exploiter might maintain 2,324 ETH as a bounty and the matter shall be thought of resolved with no additional authorized, intelligence, or public actions pursued.
Disclaimer
Consistent with the Belief Venture tips, please word that the knowledge offered on this web page isn’t supposed to be and shouldn’t be interpreted as authorized, tax, funding, monetary, or every other type of recommendation. You will need to solely make investments what you possibly can afford to lose and to hunt unbiased monetary recommendation in case you have any doubts. For additional info, we advise referring to the phrases and situations in addition to the assistance and assist pages offered by the issuer or advertiser. MetaversePost is dedicated to correct, unbiased reporting, however market situations are topic to vary with out discover.
About The Writer
Alisa, a devoted journalist on the MPost, focuses on cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a eager eye for rising developments and applied sciences, she delivers complete protection to tell and interact readers within the ever-evolving panorama of digital finance.
Extra articles
Alisa Davidson
Alisa, a devoted journalist on the MPost, focuses on cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a eager eye for rising developments and applied sciences, she delivers complete protection to tell and interact readers within the ever-evolving panorama of digital finance.
Extra articles
