Date: 2025-05-28

Decentralized exchange Cetus Protocol, built on the Sui network, has vowed to fully compensate users impacted by a $223 million exploit that struck its Concentrated Liquidity Market Maker (CLMM) pools on May 22.

The commitment hinges on an upcoming community vote to recover $162 million in frozen assets and a critical loan from the Sui Foundation.

The Road to Recovery

In a May 27 post on X, the Cetus team announced that it had mobilized sufficient assets from its treasury, alongside a strategic loan from the Sui Foundation, to ensure that affected users could be made whole, contingent on the outcome of an ongoing community vote to unlock frozen funds.

“Because full recovery is dependent upon the results of the community vote, we humbly ask for the Sui community’s full support to recover the funds via the upcoming vote,” the team wrote.

The recovery plan has gotten widespread support, but the ultimate decision now rests with the Sui community. The on-chain vote will determine whether to unlock the frozen wallets and kickstart restitution. It represents a landmark test for decentralized crisis response.

Unlike traditional finance, where institutions dictate recovery, Sui validators and stakers now hold the keys to resolving a nine-figure breach.

While Binance founder Changpeng Zhao, who pledged his support, lauded the process, the Cetus team acknowledged the extraordinary nature of the ask but insisted it was “the right decision” for the victims of the attack. They also emphasized that even if the vote fails, partial compensation will begin immediately after.

A Flaw in the Code

According to an incident report, the breach happened at 10:30 UTC on May 22 when an attacker exploited a vulnerability in the protocol’s CLMM pools. The flaw mishandled overflow checks during liquidity operations, allowing the hacker to manipulate pool prices and inject artificial liquidity, ultimately draining funds across multiple transactions.

However, within an hour of the attack, Cetus managed to disable vulnerable contracts and collaborated with Sui validators to freeze two wallets holding $162 million. Still, the thief was able to bridge some $60 million worth of tokens to Ethereum and convert them into ETH, leaving a trail at addresses 0x0251536bfc and 0x89012a55cd.

The protocol later revealed that in addition to partnering with law enforcement agencies, the Sui Foundation, and security firm Inca Digital, it had also initiated white-hat negotiations with the attacker to recover the lost funds. Days later, it announced that the hacker had not responded, forcing it to issue a $5 million bounty for information that would lead to the culprit’s identification and arrest.

As reported by CryptoPotato, the hack triggered panic across Sui-based tokens, with assets like LBTC and AXOL dumping to near zero. Others, like LOFI and HIPPO, lost more than 80% of their value, per DEX Screener data.