The blockchain security company Dedaub published a post-mortem report in regards to the Cetus decentralized Exchange hack and identified the primary reason for the attack as using the liquidity parameters utilized by the Cetus Automated Market Maker (AMM), which was undetected by a code “overflow” control.
According to the report, the hackers used a mistake in a very powerful bits (MSB) test in order that they’ll manipulate the values ​​for the liquidity parameters through order of magnitude and set relatively large positions with a keyboard stop. The Dedaub security researcher wrote:
“This enabled them so as to add massive liquidity positions with only one unit with token input, then drain off pools that contain tons of of million dollars of tokens together.”
The incident and the post-mortem update reflect the unlucky trend of cybersecurity exploits and hacks, which affect crypto and the web3 industry.
Managers within the industry have constantly warned that industry corporations need to arrange protective measures and protect users before the regulatory authorities reserve the industry and impose protective measures.
The faulty MSB test. Source: Dedaub
The Cetus decentralized Exchange chopped and triggered 223 million US dollars of losses
On May 22, the Cetus exchange was chopped, which led $ 223 million of user losses inside a period of $ 24 hours.
Cetus and the Sui Foundation also announced that Sui Network Validators encourage a big a part of the stolen assets.
According to the Cetus team, 163 million US dollars of the 223 million US dollars from Validators and ecosystem partners were frozen on the identical day because the hack.
Answer attracts criticism and allegations of centralization
The decision to freeze the stolen funds led mixed reactions from the crypto community, with decentralization criticizing the validators to climb and control the chain.
“Sui validators actively censor transactions within the blockchain,” wrote a user to X and repeats many other posts.
“This fully undermines the principles of decentralization and transforms the network into nothing apart from a centralized, prepared database,” continued the article.
“It is interesting what number of web3 projects supported by VCS depend on centralization, regardless that they borrowed bitcoins ethos,” said Steve Bowyer in a post on May 23.
