Est. MMXXVI · Vol. VI · № 273
Blockchain Breaches

An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.

Dossier № 233 · Smart Contract Bug

Cetus Protocol Overflow

Overflow-guard flaw in Sui's largest DEX let an attacker inject a tiny liquidity position that read as gigantic, draining $223M before validators intervened.

Date: May 22, 2025
Chain(s): Sui
Status: Partially Recovered

On May 22, 2025, Cetus Protocol — the largest DEX on Sui — was drained for roughly $223 million in a single, surgically precise transaction. Sui validators froze most of the funds on-chain within hours; the foundation and team ultimately made depositors whole.

What happened

The bug lived inside Cetus' fixed-point math library, in a helper called checked_shlw. Its purpose was to guard a left-shift operation against overflow. The implementation compared the input to 0xFFFFFFFFFFFFFFFF << 192 rather than to 0x1 << 192 — the threshold above which an overflow could occur.

The attacker chose a liquidity value that passed the (broken) check but caused a silent overflow during the actual add-liquidity calculation. The result: a deposit of essentially one wei was credited to the attacker as if it were a massive concentrated-liquidity position. They then redeemed that position for real assets, draining the pool.
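The guard failure described above, reduced to its arithmetic. This is an added Python model, not Cetus' or the underlying Move library's own code; it assumes the helper shifts a 256-bit value left by one 64-bit word (hence "shlw") and emulates the silent wraparound with explicit modulo-2^256 arithmetic. The names `checked_shlw_broken`, `checked_shlw_fixed`, `guard_misses_overflow` and `undetected_window` are this example's own.

```python
# Constructed model of a u256 "checked shift-left by a word" guard.
# Not Cetus' code: it reproduces only the comparison mistake the dossier describes.

U256_MAX = (1 << 256) - 1
SHIFT = 64                                # assumed: one 64-bit word

# The mask the vulnerable helper compared against: (2^64 - 1) << 192 == 2^256 - 2^192.
# Only inputs whose top 64 bits are all set exceed it, so it catches almost nothing.
BROKEN_MASK = 0xFFFFFFFFFFFFFFFF << 192

# The real threshold: any n >= 2^192 no longer fits in 256 bits after a 64-bit shift.
CORRECT_LIMIT = 1 << 192


def checked_shlw_broken(n: int) -> tuple[int, bool]:
    """Vulnerable guard. Returns (result, overflowed). For inputs in
    [2^192, 2^256 - 2^192] it reports no overflow while the shift wraps."""
    if n > BROKEN_MASK:
        return 0, True
    return (n << SHIFT) & U256_MAX, False   # bits above 2^256 are silently dropped


def checked_shlw_fixed(n: int) -> tuple[int, bool]:
    """Patched guard: flag every input whose shifted result needs more than 256 bits."""
    if n >= CORRECT_LIMIT:
        return 0, True
    return n << SHIFT, False


def guard_misses_overflow(n: int) -> bool:
    """True when the broken guard says 'no overflow' but the value it returned is wrapped."""
    value, flagged = checked_shlw_broken(n)
    return (not flagged) and value != (n << SHIFT)


def undetected_window() -> tuple[int, int]:
    """Inclusive range of inputs that overflow yet pass the broken check."""
    return CORRECT_LIMIT, BROKEN_MASK


if __name__ == "__main__":
    n = (1 << 192) + 1                      # just past the true overflow threshold
    print(checked_shlw_broken(n))           # wrapped down to 2^64, and not flagged
    print(checked_shlw_fixed(n))            # (0, True): overflow detected
    lo, hi = undetected_window()
    print(hex(lo), hex(hi))
```

The property that made this exploitable is visible in the broken path: for an input just above 2^192 the wrapped result is roughly 2^192 times smaller than the true product, so a downstream "how much must the depositor pay for this much liquidity" calculation sees a tiny number for a huge position. The patched guard turns that entire window into a hard failure, which is the behaviour an overflow check must have.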

Around $60M was bridged out to Ethereum before defenders could react. The remaining ~$162M stayed on Sui and was frozen by validators after the network was alerted.

Aftermath

  • Sui validators voted to freeze the attacker addresses on-chain — a contested move, since it required a coordinated transaction-blacklisting decision among a small validator set.
  • The Sui Foundation extended a $30M USDC loan to Cetus. Combined with Cetus' own $7M cash reserves and the on-chain frozen funds, depositor pools were replenished at 85–99% of pre-incident balances.
  • Cetus relaunched on June 8, 2025 with a patched library.

Why it matters

Cetus reinforced two uncomfortable facts: shared math libraries are a systemic risk (the bug was inherited from a community Move template), and validator-level intervention is a legitimate but contested defence. Solana, Ethereum and most major chains explicitly disclaim the ability to freeze; Sui's faster, smaller validator set can — and did. Whether that is a feature or a centralisation flag depends on whose money you are.

Sources & on-chain evidence

  1. cyfrin.io: https://www.cyfrin.io/blog/inside-the-223m-cetus-exploit-root-cause-and-impact-analysis
  2. halborn.com: https://www.halborn.com/blog/post/explained-the-cetus-hack-may-2025
  3. coindesk.com: https://www.coindesk.com/markets/2025/05/28/sui-network-steps-in-to-compensate-cetus-losses-in-full-after-223m-exploit
