Jessy, Golden Finance
On May 22, Cetus, a DEX in the Sui ecosystem, was robbed of $223 million. Of this, only $60 million was converted into ETH through a cross-chain bridge and ended up in the hacker's pocket, while the remaining $162 million was frozen by validator nodes coordinated by the Sui Foundation.
On May 27, a community vote was launched to "determine whether to implement a protocol upgrade to recover the funds frozen in the hacker's controlled account." In the end, the protocol upgrade was implemented and the $162 million in funds was successfully recovered.
The Sui Foundation's rapid response to the theft, and the solution it quickly introduced, also caused great controversy in the community. On the one hand, it recovered most of the funds and protected the interests of the users whose assets were stolen. On the other hand, the funds were recovered by forcibly modifying asset ownership through node consensus. This was the first time that "transferring assets without private keys" was realized at the public chain layer.
Weighed against the interests of users, the fact that this "bold" operation violated the "spirit of decentralization" was overlooked.
How is the transfer of assets without private keys achieved?
On May 22, Cetus, a DEX in the Sui ecosystem, was hacked because of low-level errors in its own code and lost $223 million. After the incident, $162 million of the stolen funds were frozen by validator nodes coordinated by the Sui Foundation.
On May 27, the Sui Foundation promoted a community vote to decide whether to implement a protocol upgrade to recover the funds frozen in hacker-controlled accounts. In the end, within 48 hours, 103 of 114 nodes participated in the vote, with 99 votes in favor, 2 votes against, and 2 abstentions, and the proposal passed with 90.9% of the votes.
The adoption of the proposal means that the Sui protocol will be upgraded to allow a specific address to perform two transactions on behalf of the hacker address in order to recover the funds. These transactions will be designed and announced after the recovery address is finalized. The recovered assets will be stored in a multi-signature wallet controlled by Cetus, the Sui Foundation and OtterSec, a trusted auditor in the Sui community.
At the protocol upgrade level, an address aliasing function is introduced. Specifically, the rules are defined in advance at the protocol layer: specific governance operations are disguised as "legitimate signatures of the hacker's account", and after the upgrade the validator nodes accept these forged signatures, which legalizes the transfer of the frozen funds. This makes it possible to forcibly modify asset ownership through node consensus without touching the private key (similar to a central bank freezing bank accounts and transferring the funds).
How were the assets frozen in the first place? Sui itself supports deny list and regulated token functions. This time, the freeze interface was called directly to lock the hacker's address.
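The following Python model is an added example, not Sui's code or code from the original article. It sketches a validator's authorization check with a deny list and an address alias rule as the two paragraphs above describe them; the addresses, keys, the HMAC stand-in for signatures and the per-transaction scoping of the alias rule are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

def tx_digest(sender: str, payload: str) -> str:
    return hashlib.sha256(f"{sender}|{payload}".encode()).hexdigest()

def sign(key: bytes, digest: str) -> str:
    # HMAC is a stand-in for a real signature scheme in this toy model.
    return hmac.new(key, digest.encode(), hashlib.sha256).hexdigest()

@dataclass
class Validator:
    keys: dict                                    # address -> key (model only)
    deny_list: set = field(default_factory=set)   # frozen addresses
    aliases: dict = field(default_factory=dict)   # sender -> (signer, {digests})

    def authorize(self, sender, signer, payload, signature) -> str:
        digest = tx_digest(sender, payload)
        key = self.keys.get(signer)
        if key is None or not hmac.compare_digest(sign(key, digest), signature):
            return "reject: bad signature"
        if signer == sender:
            # Normal path: the owner's key signs, unless the address is frozen.
            if sender in self.deny_list:
                return "reject: sender frozen"
            return "accept: owner key"
        # Alias path: another key may act for the sender, but only for
        # transactions whose digests the validators agreed on in advance.
        rule = self.aliases.get(sender)
        if rule and rule[0] == signer and digest in rule[1]:
            return "accept: alias rule"
        return "reject: signer is not owner"

def demo() -> dict:
    # Constructed addresses and keys; none are real on-chain values.
    keys = {"0xFROZEN": b"k-frozen", "0xRECOVERY": b"k-recovery", "0xUSER": b"k-user"}
    v = Validator(keys, deny_list={"0xFROZEN"})
    recover, other = "transfer all to 0xMULTISIG", "transfer all to 0xRECOVERY"
    def submit(sender, signer, payload):
        sig = sign(keys[signer], tx_digest(sender, payload))
        return v.authorize(sender, signer, payload, sig)
    out = {"frozen_owner": submit("0xFROZEN", "0xFROZEN", recover),
           "before_upgrade": submit("0xFROZEN", "0xRECOVERY", recover)}
    # The "upgrade": validators load an alias rule scoped to one transaction.
    v.aliases["0xFROZEN"] = ("0xRECOVERY", {tx_digest("0xFROZEN", recover)})
    out["after_upgrade"] = submit("0xFROZEN", "0xRECOVERY", recover)
    out["unlisted_tx"] = submit("0xFROZEN", "0xRECOVERY", other)
    out["other_account"] = submit("0xUSER", "0xRECOVERY", recover)
    return out
```

In this model the only thing limiting the alias rule to one address and one transaction is the table the validators agreed to load; the check itself would accept an entry for any sender.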
Technical risks of powerful intervention
Although this move recovered most of the frozen assets, it is also worrying: the protocol upgrade forcibly modified asset ownership through node consensus, which means that Sui officials can sign in place of any address and thereby transfer the assets it holds.
Whether Sui officials can do this is determined not by smart contract code but by node voting power. And who controls the outcome of the node vote? None other than the large nodes controlled by the foundation! In other words, the stakeholders on the Sui official side have the greatest voice, and even the vote is just a formality.
The user's private key is no longer the absolute credential of control over an asset. As long as node consensus agrees, the protocol layer can directly override the permissions of the private key.
On the other hand, this made it possible to freeze assets quickly and recover them efficiently. Thanks to Sui's built-in supervision functions, losses could be stopped quickly. The vote was completed within 48 hours and the protocol upgrade was implemented.
But in my opinion, the address aliasing function has set a dangerous precedent: the protocol layer can forge a "legal operation" for any address, which lays the technical groundwork for powerful intervention.
Sui's series of operations to recover the funds this time comes down to this: when the interests of users conflicted with the principle of decentralization, the public chain chose to decide from the perspective of user interests. Whether that violates the principle of decentralization does not seem to matter much to users or to Sui. After all, when questioned, they can respond that it was decided by "voting".