Cetus suffers a $230 million attack, SUI ecosystem faces severe damage.
Analysis of the $230 Million Attack Incident on Cetus
On May 22, Cetus, a liquidity provider in the SUI ecosystem, was reportedly attacked: multiple trading pairs dropped sharply, with estimated losses exceeding $230 million. Cetus subsequently announced that it had suspended its smart contracts and was investigating the incident.
A security team promptly began analysis and issued a security alert. Below is a detailed breakdown of the attack method and of the subsequent movement of funds.
Attack Analysis
The attacker exploited a system vulnerability by carefully constructing parameters so that a minimal amount of tokens was exchanged for a substantial amount of liquidity assets. The main steps were as follows:
The attacker borrowed a large amount of haSUI through a flash loan and used it to drive the pool price down by 99.90%.
The attacker opened a liquidity position in a very narrow price range, with a range width of only 1.00496621%.
The attacker exploited the overflow detection bypass in checked_shlw, used by the get_delta_a function, to declare the addition of a huge amount of liquidity while actually paying only 1 token.
Because of this bypass, the system's calculation of the required haSUI amount deviated drastically, letting the attacker acquire a large amount of liquidity assets at negligible cost.
The attacker removed the liquidity to realize enormous token gains: after repaying the flash loan, the net profit was about 10 million haSUI and 5.76 million SUI.
Project Party Repair Status
Cetus has released a patch that corrects the erroneous mask and comparison condition in the checked_shlw function so that it properly detects overflow.
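To make the bug class concrete, the following added example (written for this analysis, not Cetus's patched or unpatched code) reconstructs a u256 checked shift-left by 64 with a flawed mask-based guard beside a correct one. The specific mask and comparison in the flawed version are assumed for illustration of the "wrong mask and judgment condition" described above.

```python
# Illustrative re-creation (not Cetus's code) of a u256 "checked shift-left
# by 64" with a flawed overflow guard beside a correct one. The flawed mask
# and comparison are assumed for illustration of the bug class described.
U256_BITS = 256
U256_MAX = (1 << U256_BITS) - 1
SHIFT = 64

def checked_shlw_flawed(n: int) -> tuple[int, bool]:
    """Flawed guard: rejects only values greater than a mask whose top 64 bits
    are all ones. Any n with some of bits 192..255 set but numerically below
    that mask slips through, and the shift silently drops those bits."""
    mask = 0xFFFFFFFFFFFFFFFF << 192
    if n > mask:
        return 0, True                      # overflow reported
    return (n << SHIFT) & U256_MAX, False   # may be truncated, no error

def checked_shlw_fixed(n: int) -> tuple[int, bool]:
    """Correct guard: a left shift by 64 overflows u256 exactly when any of
    bits 192..255 is set, i.e. when n >= 2**192."""
    if n >= (1 << (U256_BITS - SHIFT)):
        return 0, True
    return n << SHIFT, False

def overflow_missed(n: int) -> bool:
    """True when the flawed guard reports 'no overflow' for an input whose
    true shifted value does not fit in u256."""
    _, flagged = checked_shlw_flawed(n)
    return not flagged and (n << SHIFT) > U256_MAX

def missed_range() -> tuple[int, int]:
    """Inclusive bounds of the inputs the flawed guard wrongly accepts."""
    return 1 << 192, 0xFFFFFFFFFFFFFFFF << 192

if __name__ == "__main__":
    lo, hi = missed_range()
    # Walk the boundaries of the gap: just below, both ends, just above.
    for n in (lo - 1, lo, hi, hi + 1):
        print(f"n=0x{n:064x} flawed_flag={checked_shlw_flawed(n)[1]} "
              f"fixed_flag={checked_shlw_fixed(n)[1]} missed={overflow_missed(n)}")
```

A boundary test like the loop above, run against every checked arithmetic helper, is the kind of check that catches a guard which accepts values it cannot represent.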
Capital Flow Analysis
The attacker profited approximately $230 million across assets including SUI, vSUI, and USDC. Part of the funds was transferred to EVM addresses via cross-chain bridges, about $10 million was deposited into Suilend, and 24 million SUI was transferred to a new address from which it has not yet been moved.
Fortunately, the SUI Foundation and ecosystem members collaborated to freeze approximately $162 million in stolen funds.
At the EVM receiving address, part of the funds was swapped for ETH through a DEX; 20,000 ETH was then transferred to a new address, whose current balance is 3,244 ETH.
Summary
This attack highlights the danger of arithmetic overflow vulnerabilities. In smart contract development, developers should rigorously validate the boundary conditions of every mathematical function to guard against similar precision-based attacks.