Cetus Protocol $250 Million Exploit on Sui Chain: Hack Analysis
Piyush Shukla
🇮🇳 Lead Smart Contract Auditor | Building @EVMSleuth | Ex-CISO | Top 3 Global Rank on HackenProof | CEX Security Expert | Web3 Security Specialist | Award-Winning Threat Hunter| DA Researcher | #Sway #Solidity #Rust
Cetus suffered a major security breach, detected earlier in the day. The exploit resulted in over $260 million being drained from liquidity pools, triggering widespread market disruption. we observed that the attacker bridged approximately $61.5 million worth of USDC to Ethereum, converting it into around 23,000 ETH — valued at nearly $62 million.
In response, Cetus Protocol paused its smart contracts to prevent further losses and launched an investigation into the breach. The attack led to severe price declines across the SUI ecosystem, with some tokens dropping by as much as 80%. The SUI token itself fell by around 7%, trading near $3.80 at press time, while CETUS tokens plummeted by 40%.
This analysis aims to break down the incident for a clearer understanding focusing on what occurred and its broader implications for the ecosystem.
About Cetus Protocol
Cetus Protocol is a pioneering decentralized exchange (DEX) and concentrated liquidity protocol built on the Sui and Aptos blockchains, focusing on Move-based ecosystems. It aims to provide a robust liquidity network for trading,
Root Cause (Simplified)
Whenever someone adds liquidity within a valid range, the protocol calculates how much of “token A” needs to be deposited.
However, due to a bug in the math (specifically in how the numbers are shifted and checked), the calculation goes wrong. It ends up producing a very small number often just 1even when the input is huge.
The issue is that a key math operation silently cuts off important parts of the number, making the result much smaller than it should be. The protocol wrongly trusts this result.
As a result, an attacker can deposit just 1 unit of token A and receive the full amount of liquidity they requested. They then quickly withdraw it all using a flash loan.
In the end, the attacker swaps the liquidity into another token (SUI), repays the tiny flash loan in token A, and walks away with a large amount of SUI as pure profit.