Point of view: Did the hacker steal the money, so Sui can take it?
Written by: Shisi Jun
This event is a victory for capital, not for users, and it is a regression for the development of the industry.
Bitcoin to the left, Sui to the right, every action that shakes the decentralized industry brings a stronger belief in Bitcoin.
The world needs more than just a better global financial infrastructure; there will always be a group of people who need a space for freedom.
Once upon a time, alliance chains were more popular than public chains because they met the regulatory demands of that era. Now, the decline of alliances actually means that simply adhering to this demand does not reflect the true needs of users. With the loss of regulated users, what is the need for regulatory tools?
1. Background of the Event
On May 22, 2025, Cetus, the largest decentralized exchange (DEX) in the Sui ecosystem, was attacked by hackers, resulting in an instant loss of liquidity, a collapse in the prices of various trading pairs, and losses exceeding 220 million dollars.
The timeline up to publication is as follows:
2. Attack Principles
Several analyses of the incident have circulated in the industry; here is only a core overview of the principle:
From the perspective of the attack process:
The attacker first used a flash loan to borrow approximately 10,024,321.28 haSUI and dumped it into the pool, instantly driving the pool price down by 99.90%. This massive sell order caused the target pool price to drop from approximately 1.8956×10^19 to 1.8425×10^19, nearly bottoming out.
Subsequently, the attacker created a liquidity position on Cetus within a very narrow range (Tick lower limit 300000, upper limit 300200, with a range width of only 1.00496621%). Such a narrow range amplified the impact of subsequent calculation errors on the required amount of tokens.
The core principle of the attack:
There is an integer overflow vulnerability in the get_delta_a function that Cetus uses to calculate the number of tokens required for a position. An attacker can claim to add a huge amount of liquidity (about 10^37 units) while actually depositing only 1 token into the contract.
Because the overflow check in checked_shlw is wrong, the high bits are truncated during the left-shift calculation, so the contract severely underestimates the amount of haSUI required and hands out a massive amount of liquidity at minimal cost.
Technically, the vulnerability stems from Cetus using an incorrect mask and condition in the Move smart contract: any value less than 0xffffffffffffffff << 192 bypasses the check, and after the left shift by 64 bits the high-order bits are truncated, so the system believes it has received enormous liquidity while collecting only a minimal amount of tokens.
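To show why the mask and the comparison matter, here is an added Python model of the flawed bounds check beside its corrected form, wired into a simplified get_delta_a. This is not Cetus's Move code: the function shapes, the Q64.64 fixed-point convention and the sample sqrt prices and liquidity are assumptions made for illustration.

```python
# Added example: Python model of the checked_shlw bounds check and a simplified
# get_delta_a. Not Cetus's Move code; shapes and sample values are assumptions.

U256_MAX = (1 << 256) - 1
TWO_POW_192 = 1 << 192


def checked_shlw_vulnerable(n: int) -> tuple[int, bool]:
    """Model of the flawed check: overflow is only reported when n exceeds
    0xffffffffffffffff << 192 (= 2**256 - 2**192). Every n in
    [2**192, 2**256 - 2**192] passes, and the left shift then drops the
    high 64 bits exactly as u256 arithmetic would."""
    mask = 0xFFFFFFFFFFFFFFFF << 192
    if n > mask:
        return 0, True
    return (n << 64) & U256_MAX, False  # high bits silently truncated


def checked_shlw_fixed(n: int) -> tuple[int, bool]:
    """Correct check: if any bit at position 192 or above is set, n << 64
    cannot fit in 256 bits, so report overflow instead of truncating."""
    if n >= TWO_POW_192:
        return 0, True
    return n << 64, False


def div_round(numerator: int, denominator: int, round_up: bool) -> int:
    quotient, remainder = divmod(numerator, denominator)
    return quotient + 1 if (round_up and remainder) else quotient


def get_delta_a(sqrt_price_0, sqrt_price_1, liquidity, round_up, shlw=checked_shlw_fixed):
    """Simplified model: token-A amount for `liquidity` between two sqrt prices in
    Q64.64 fixed point, liquidity * |p1 - p0| / (p0 * p1), where the << 64 restores
    the fixed-point scale. Raises OverflowError when shlw reports overflow."""
    diff = abs(sqrt_price_1 - sqrt_price_0)
    numerator, overflowed = shlw(liquidity * diff)
    if overflowed:
        raise OverflowError("liquidity * sqrt_price_diff overflows u256 after << 64")
    denominator = sqrt_price_0 * sqrt_price_1
    return div_round(numerator, denominator, round_up)


def exact_delta_a(sqrt_price_0, sqrt_price_1, liquidity, round_up):
    """Reference value using Python's unbounded integers (no truncation possible)."""
    diff = abs(sqrt_price_1 - sqrt_price_0)
    return div_round((liquidity * diff) << 64, sqrt_price_0 * sqrt_price_1, round_up)


# Constructed sample inputs: a range about 1% wide near sqrt price 6.03e25 and the
# ~1e37 liquidity figure cited above. Illustrative values, not the on-chain ones.
SQRT_LOWER = 6_030 * 10**22
SQRT_UPPER = 6_090 * 10**22
CLAIMED_LIQUIDITY = 10**37


def compare():
    """Returns (amount the flawed check would charge, true amount, fixed check aborts?)."""
    charged = get_delta_a(SQRT_LOWER, SQRT_UPPER, CLAIMED_LIQUIDITY, True,
                          shlw=checked_shlw_vulnerable)
    true_amount = exact_delta_a(SQRT_LOWER, SQRT_UPPER, CLAIMED_LIQUIDITY, True)
    try:
        get_delta_a(SQRT_LOWER, SQRT_UPPER, CLAIMED_LIQUIDITY, True, shlw=checked_shlw_fixed)
        fixed_aborts = False
    except OverflowError:
        fixed_aborts = True
    return charged, true_amount, fixed_aborts


if __name__ == "__main__":
    charged, true_amount, fixed_aborts = compare()
    print(f"flawed check charges {charged:.3e} vs true {true_amount:.3e}; "
          f"fixed check aborts: {fixed_aborts}")
```

The product liquidity * diff here is about 6×10^60, which lies between 2^192 and the flawed mask 2^256 - 2^192, so the vulnerable check passes it, the shift wraps past 2^256, and the charged amount collapses to a small fraction of the true one; the corrected check rejects the same input. The general lesson for reviewing fixed-point code is that an overflow guard for `n << k` must test `n >= 2**(width - k)`, not compare against a mask whose own high bits are set.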
After the incident, two official actions followed, in two stages: "Freeze" and then "Recover":
3. The Freezing Mechanism of Sui
The Sui chain itself has a special Deny List mechanism, which is what implemented the freezing of the hacker's funds this time. In addition, Sui's token standard has a "regulated token" model with a built-in freezing function.
This emergency freeze exploited that characteristic: validator nodes quickly added the addresses related to the stolen funds to their local configuration files. In theory, each node operator can modify TransactionDenyConfig themselves to update the blacklist, but to ensure network consistency the Sui Foundation, as the original publisher of the configuration, coordinated centrally.
The foundation first officially released a configuration update containing the hacker's address, so that validators synchronized it as the default configuration and the hacker's funds were temporarily "sealed" on the chain. This in practice involves a high degree of centralization.
In order to rescue the frozen funds for the victims, the Sui team immediately launched a whitelist mechanism patch.
This was intended for the later operation of transferring the funds back: legitimate transactions can be constructed in advance and registered on the whitelist, and even if the fund address is still on the blacklist, they can still be executed.
The new feature transaction_allow_list_skip_all_checks allows specific transactions to be pre-added to the "exemption list", enabling these transactions to skip all security checks, including signatures, permissions, blacklists, etc.
It is important to note that the whitelist patch does not directly seize hacker assets; it only grants certain transactions the ability to bypass freezing, while the actual transfer of assets still requires legal signatures or additional system permission modules to complete.
In fact, the mainstream freezing solutions in the industry often occur at the token contract level and are controlled by multi-signatures from the issuer.
Taking Tether's USDT as an example, its contract has a built-in blacklist function, allowing the issuing company to freeze non-compliant addresses, preventing them from transferring USDT. This scheme requires a multi-signature to initiate a freeze request on the chain, and it only takes effect after the multi-signatures reach a consensus, resulting in execution delays.
Although the Tether freezing mechanism is effective, statistics indicate that the multi-signature process often has "windows of opportunity," leaving room for illicit actors.
In contrast, Sui's freezing occurs at the underlying protocol level, collectively operated by validator nodes, and executes much faster than regular contract calls.
In this model, executing quickly requires that the operators of these validator nodes act in a highly unified way.
4. The Implementation Principle of Sui's "Transfer-based Recycling"
Even more astonishing is that Sui not only froze the hacker's assets but also plans to recover the stolen funds through an on-chain upgrade called "Transfer Recovery".
On May 27, Cetus proposed a community voting plan to upgrade the protocol and send the frozen funds to a multi-signature escrow wallet. The Sui Foundation immediately initiated an on-chain governance vote.
On May 29, the voting results were announced, with approximately 90.9% of the weighted validators supporting the proposal. The Sui team announced that once the proposal is approved, "all funds frozen in the two hacker accounts will be retrieved to a multi-signature wallet without the need for hacker signatures."
No hacker signature required: what a distinctive feature, and a repair method the blockchain industry has never seen before.
According to the Sui official GitHub PR, the protocol introduces the address aliasing mechanism. The upgrade includes: pre-specifying alias rules in ProtocolConfig, allowing certain permitted transactions to consider valid signatures as sent from hacker accounts.
Specifically, the list of rescue transaction hashes to be executed is bound to the target address (i.e., the hacker address). Any executor who signs and publishes these fixed transaction summaries is regarded as a valid hacker address owner initiating the transaction. For these specific transactions, the validator node system will bypass the Deny List check.
At the code level, Sui added the following judgment to the transaction validation logic: when a transaction is intercepted by the blacklist, the system iterates over its signers and checks whether protocol_config.is_tx_allowed_via_aliasing(sender, signer, tx_digest) returns true.
As long as one signer satisfies the alias rules, the transaction is marked as allowed, the earlier interception error is ignored, and it continues to be packaged and executed normally.
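To make the decision path of the freeze and the alias override concrete, here is an added Python model of how a validator would treat a transaction from a deny-listed sender once whitelist and alias rules exist. This is not Sui's code: the type names, fields, and the ordering of the checks are assumptions based on the description in this article, and the addresses and digests are placeholders.

```python
# Added example: Python model of the deny-list / whitelist / alias decision path
# described above. Not Sui's code; names, fields and check ordering are assumptions.
from dataclasses import dataclass, field


@dataclass
class Transaction:
    sender: str      # account the transaction claims to act for
    signers: tuple   # addresses whose signatures are attached
    digest: str      # transaction hash


@dataclass
class TransactionDenyConfig:
    """Node-local config: which addresses are frozen, and which transaction
    digests are pre-registered to skip every check (the whitelist patch)."""
    denied_addresses: set = field(default_factory=set)
    transaction_allow_list_skip_all_checks: set = field(default_factory=set)


@dataclass
class ProtocolConfig:
    """Alias rules: frozen address -> set of (alias signer, tx digest) pairs."""
    aliases: dict = field(default_factory=dict)

    def is_tx_allowed_via_aliasing(self, sender, signer, tx_digest) -> bool:
        return (signer, tx_digest) in self.aliases.get(sender, set())


def validate(tx, deny_cfg, proto_cfg) -> tuple[bool, str]:
    """Returns (accepted, reason). Order follows the article: whitelist first,
    then the deny list with the alias override, then the ordinary requirement
    that the sender itself has signed."""
    if tx.digest in deny_cfg.transaction_allow_list_skip_all_checks:
        return True, "whitelisted digest: all checks skipped"
    if tx.sender in deny_cfg.denied_addresses:
        for signer in tx.signers:
            if proto_cfg.is_tx_allowed_via_aliasing(tx.sender, signer, tx.digest):
                return True, f"deny-list hit overridden: {signer} aliases {tx.sender}"
        return False, "sender is on the deny list"
    if tx.sender not in tx.signers:
        return False, "sender signature missing"
    return True, "ok"


# Constructed sample configuration (placeholder addresses and digests).
FROZEN = "0xFROZEN_PLACEHOLDER"
EXECUTOR = "0xEXECUTOR_PLACEHOLDER"
RESCUE_DIGEST = "rescue-tx-digest-1"

DENY_CFG = TransactionDenyConfig(denied_addresses={FROZEN})
PROTO_CFG = ProtocolConfig(aliases={FROZEN: {(EXECUTOR, RESCUE_DIGEST)}})


def scenarios():
    """Three transactions: the frozen owner spending with its own key, the
    pre-registered rescue transaction signed by the executor, and the executor
    trying to reuse the alias on a different transaction."""
    own_key = Transaction(FROZEN, (FROZEN,), "any-other-digest")
    rescue = Transaction(FROZEN, (EXECUTOR,), RESCUE_DIGEST)
    reuse = Transaction(FROZEN, (EXECUTOR,), "some-other-digest")
    return {
        "owner_with_own_key": validate(own_key, DENY_CFG, PROTO_CFG),
        "registered_rescue": validate(rescue, DENY_CFG, PROTO_CFG),
        "alias_reused": validate(reuse, DENY_CFG, PROTO_CFG),
    }


if __name__ == "__main__":
    for name, (accepted, reason) in scenarios().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'} ({reason})")
```

What the model makes visible is the point the next section argues: the frozen account's private key never participates in either outcome. Whether its funds are stuck or move to someone else's multi-signature wallet is decided entirely by what the validators load into TransactionDenyConfig and ProtocolConfig, so the trust boundary sits with whoever publishes that configuration. The alias is bound to a specific digest, which limits the override to the pre-registered transactions but does not change who holds the decision.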
5. Opinion
160 million, tearing apart the deepest underlying beliefs of the industry
The Cetus incident, from my personal perspective, may soon pass, but this model will not be forgotten, as it has disrupted the industry's foundation and broken the traditional consensus of immutability in blockchain under the same ledger.
In blockchain design, contracts are the law, and code is the judge.
However, in this incident, the code became ineffective, governance intervened, and power superseded, resulting in a model where voting behavior determined the outcome of the code.
The reason is that Sui's direct appropriation of transactions is vastly different from how mainstream blockchains handle hacker issues.
This is not the first instance of "consensus tampering", but it is the quietest one yet
Historically:
This is the same hard fork model, rolling back the ledger to before the problem, and then users can still decide for themselves which ledger system to continue using.
Compared to DAO hard forks, Sui did not choose to split the chain, but instead precisely addressed this event through a protocol upgrade and configuration of aliases. By doing so, Sui maintained the continuity of the chain and most consensus rules unchanged, while also indicating that the underlying protocol can be used to implement targeted "rescue operations".
The problem is that historically, "fork rollback" is a user choice of belief; Sui's "protocol correction" is the chain making the decision for you.
Not Your Key, Not Your Coin? I'm afraid Not Anymore.
In the long run, this means that the concept of "Not your keys, not your coins" is being undermined on the Sui blockchain: even if the user’s private keys are intact, the network can still prevent asset movement and redirect assets through collective protocol changes.
If this becomes the precedent for how blockchains respond to major security incidents in the future, it may even come to be regarded as an accepted custom.
"When a chain can break the rules for justice, it has also established a precedent for breaking any rules."
Once there has been one successful "money grab in the name of the public good", the next one may be an operation in a "moral gray area".
What will happen?
If hackers really stole users' money, can a collective vote take that money away from them?
Is the vote decided by whoever has more money (PoS) or by whoever has more people? If the side with more money wins, then the ultimate producers described by Liu Cixin will soon arrive. If the side with more people wins, then the chaotic crowd will also raise its voice.
In traditional systems, it is very normal for illegal gains not to be protected, and freezing and transferring are routine operations of traditional banks.
But wasn't the fact that this is impossible in technical theory the very root of the blockchain industry's development?
The big stick of industry compliance keeps gathering force. Today it can freeze and modify account balances for hackers; tomorrow it can make arbitrary modifications for geopolitical reasons or conflicts. If blockchain becomes a regional tool, the value of the industry is greatly compressed; at best it is just another, less usable financial system.
This is also the reason why the author firmly believes in the industry: "Blockchain is valuable not because it cannot be frozen, but because even if you hate it, it does not change for you."
As regulation becomes the trend, can the blockchain maintain its own soul?
Once upon a time, consortium blockchains were more popular than public blockchains because they met the regulatory needs of that era. Today, the decline of consortium chains actually shows that merely meeting this demand was not what real users truly needed. Once users have been lost to regulation, what need remains for regulatory tools?
From the perspective of industry development
Is efficient centralization a necessary stage in the development of Blockchain? If the ultimate goal of decentralization is to protect user interests, can we tolerate centralization as a transitional means?
The term "democracy" in the context of on-chain governance is actually token weighted. So if a hacker holds a large amount of SUI (or if one day a DAO is hacked and the hacker controls the voting rights), can they also "legally vote to absolve themselves"?
Ultimately, the value of the blockchain does not lie in whether it can be frozen, but rather in the fact that even if the group has the ability to freeze it, they choose not to.
The future of a chain is not determined by the technical architecture, but by the set of beliefs it chooses to uphold.