Sui DEX Cetus Protocol restarts platform after recovering from $223 million exploit

Reported by The Block: Cetus Protocol, a decentralized exchange on the Sui and Aptos blockchains, relaunched on Sunday just 17 days after suffering a $223 million exploit.

The protocol recovered around $162 million worth of funds, and restarted with the help of a $30 million loan from the Sui foundation.
Affected liquidity pools were restored to at least 85% of their initial value, with the remaining compensation pledged in the form of CETUS tokens.

Cetus continues to legally pursue its attacker, who ignored the protocol’s attempts to negotiate and has begun attempting to launder the stolen assets.

Sui- and Aptos-based decentralized exchange Cetus Protocol relaunched on Sunday after recovering from a $223 million exploit on May 22, restoring the platform to full functionality and replenishing affected pools with 85% to 99% of their original liquidity, the Cetus team said.

The hack, which occurred after an unknown attacker exploited an integer overflow flaw in a shared math library used by Cetus' contracts to make one deposited token seem like millions of dollars in value, was the most devastating attack on any DeFi protocol in May. Yet shortly after the hack, $162 million was frozen on Sui by validators and eventually returned to the protocol.

Now, Cetus has relaunched, plugging the holes in affected liquidity pools with the recovered funds, its entire cash reserves worth $7 million, and a $30 million USDC loan from the Sui foundation, the protocol said in an announcement. The recovery rate for affected LPs ranges between 85% and 99%; the remainder will be returned as CETUS tokens over the course of 12 months following a linear unlock schedule, barring any further recoveries from the attacker.

Cetus said it identified and patched the vulnerability that led to the exploit, thoroughly audited the protocol, and rebalanced all affected liquidity pools to prepare for the relaunch. Yet assets worth tens of millions of dollars still remain under the control of the hacker, who transferred some assets to an EVM address and has begun to launder some of the funds with transfers to "mixer" service Tornado Cash.

"The attacker ignored our previous whitehat offer and has begun attempting to launder assets — a futile and traceable act," Cetus wrote. "We are highly confident that successful arrest and recovering the remaining assets is only a matter of time."

An analysis of the hack by blockchain security firm SlowMist found that the hacker prepared the attack two days prior by funding a wallet with enough gas to carry it out, and even attempted an earlier version of the exploit, which failed. The exploit affected only Sui-based pools, with the protocol's Aptos side unaffected.

"The attacker precisely selected parameters and exploited the flaw in the checked_shlw function to obtain liquidity worth billions at the cost of only 1 token," SlowMist wrote. "This was an extremely sophisticated mathematical attack."

Cetus Protocol said that in the future it plans to initiate an additional round of comprehensive audits, upgrade the protocol's real-time monitoring system, initiate a new white-hat bounty program, and revise its roadmap for upcoming product features.

"This restart signifies more than just a relaunch, but a renewal," Cetus wrote.
