Chainflow’s Official Response to the Cetus Exploit and SUI Governance Vote

The Hack

On May 22, 2025, Cetus Protocol—the largest decentralized exchange on the Sui Network—was exploited due to a critical arithmetic overflow vulnerability, resulting in the loss of approximately $223 million.

In the immediate aftermath, the Sui Foundation, alongside Cetus and security firm OtterSec, coordinated efforts to freeze the attacker’s assets. Validators representing over 90% of the network's stake voted in favor of a recovery plan to move the frozen funds into a multisig wallet for eventual restitution to affected users.

Chainflow’s Position

Chainflow has been closely following the Cetus hack since it happened. While we haven't been the most vocal about it and the actions taken to date, we have been internally discussing the incident, the initial response and the proposed next steps in a measured and conscious way.

While the urgency of the situation isn't lost on us, our experience is that at times like this the need for speed often overrides all other priorities. In these situations we typically take a step back to assess the available information, rather than race forward into the unknown.

Now that we've had a chance to do this, we will share our current perspective on the events, as well as how we are leaning in our vote. We've been involved in on-chain governance for many years and are using this experience as the lens through which we focus our decision-making process.

Our Immediate Response

Chainflow responded promptly to the initial call to block the attacker's addresses to prevent further loss and preserve options for recovery.

We saw this as a fast attempt to triage the injury. When an injury is experienced, expediency is critical, which we recognize in the early stages of hacks like these. It's important to stop the bleeding to preserve optionality. We believe the actions taken by validators to block the transactions served this purpose.

We are now moving on to the treatment phase. Proper triage provides a longer window of time to assess approaches to repair and heal the initial injury. This is where we are today with the Cetus proposal to restore the funds that could be saved to their original owners.

Our Assessment

We reiterate our previous proposal to the Sui Foundation to begin developing a governance process, and we remain committed to helping and leading this effort alongside others who wish to join.

So while we would have liked to see the governance process built out before it was needed, our initial assessment is that the Sui Foundation, the Cetus team and OtterSec have together proposed a thoughtful approach to recovering from the hack in a healthy way.

That said, we think the vote is being rushed, in particular because of the clause that allows the vote to end within two days under certain conditions. As mentioned in the introduction, we take a measured and conscious approach to these decisions. It is unreasonable to expect all of the following within 48 hours:

  1. Validators make a decision.
  2. Validators inform their delegators and allow them time to think and to discuss that decision with their validator.
  3. Delegators either accept the decision or move their stake.

So while we appreciate the call for validators to be public and share our positions, we feel that the voting mechanics do not reasonably serve their stated purpose.

Our Decision

While we think improvements should be made to the voting mechanics, we will vote Yes on this proposal for the following reasons:

  • There is broad consensus that clear and objective guidelines are needed so as not to set a bad precedent, and the Sui Foundation is proactively gathering feedback and has committed to developing a framework.
  • Cetus's repayment plan is sound and reasonable.

Into the Future

While we think that freezing the attacker's funds was the right move, there is more to be discussed regarding this ability. The configuration file allows validators to ignore transactions from a specific address, and this is not unique to Sui: validators in any network are able to ignore transactions from a specific address.

The important thing to remember here, from a decentralization standpoint, is not the mechanism itself but how much stake, and how many entities, it takes to use it.

More than one third of validators by stake must ignore the address in order to "freeze" the funds. In the case of Sui this Nakamoto Coefficient lies at 19, meaning 19 entities together control more than one third of stake.

While it is true that adding addresses to this configuration file is and was at the discretion of individual validators, many validators have significant foundation stake, which inherently can lead to conflicts of interest.

Expanding the validator set is key here, which means lowering the stake required to participate on mainnet.
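The two figures above, the one-third stake threshold and the Nakamoto coefficient, follow directly from a stake distribution. The Python below is an added example written for this post, not Chainflow's or Sui's own tooling: the validator set, the mapping of validators to operating entities and the stake amounts are constructed, and the function names are ours. It counts entities rather than validators, since one operator running several validators is still one decision-maker, and it uses exact rational arithmetic so that exactly one third of stake is correctly treated as not "more than one third".

```python
from fractions import Fraction
from typing import Dict, Iterable, List, Tuple

# Constructed sample data: (validator, operating entity, stake in arbitrary units).
# Illustrative numbers only, not the real Sui validator set. Total stake is 9000.
SAMPLE_VALIDATORS: List[Tuple[str, str, int]] = [
    ("val-01", "entity-A", 1000), ("val-02", "entity-A", 800),
    ("val-03", "entity-B", 1200), ("val-04", "entity-C", 1100),
    ("val-05", "entity-D", 900),  ("val-06", "entity-E", 800),
    ("val-07", "entity-F", 700),  ("val-08", "entity-G", 600),
    ("val-09", "entity-H", 500),  ("val-10", "entity-I", 400),
    ("val-11", "entity-J", 300),  ("val-12", "entity-K", 300),
    ("val-13", "entity-L", 200),  ("val-14", "entity-M", 100),
    ("val-15", "entity-N", 100),
]

# Share of stake that must ignore an address for the freeze to take effect, as the post states.
FREEZE_THRESHOLD = Fraction(1, 3)


def aggregate_by_entity(validators: Iterable[Tuple[str, str, int]]) -> Dict[str, int]:
    """Sum stake per operating entity; several validators may belong to one entity."""
    stake: Dict[str, int] = {}
    for _validator, entity, amount in validators:
        stake[entity] = stake.get(entity, 0) + amount
    return stake


def nakamoto_coefficient(stake_by_entity: Dict[str, int],
                         threshold: Fraction = FREEZE_THRESHOLD) -> int:
    """Smallest number of entities whose combined stake strictly exceeds `threshold` of the total.

    Entities are taken largest first. Fraction arithmetic keeps the boundary exact:
    a running total equal to exactly one third does not satisfy "more than one third".
    """
    total = sum(stake_by_entity.values())
    if total <= 0:
        raise ValueError("stake distribution is empty")
    cutoff = Fraction(total) * threshold
    running = 0
    for count, amount in enumerate(sorted(stake_by_entity.values(), reverse=True), start=1):
        running += amount
        if running > cutoff:
            return count
    # Only reachable for threshold >= 1: every entity is needed.
    return len(stake_by_entity)


def denylist_share(stake_by_entity: Dict[str, int], denylisting_entities: Iterable[str]) -> Fraction:
    """Share of total stake held by the entities that added the address to their deny list."""
    total = sum(stake_by_entity.values())
    covered = sum(stake_by_entity.get(entity, 0) for entity in set(denylisting_entities))
    return Fraction(covered, total)


def freeze_is_effective(stake_by_entity: Dict[str, int], denylisting_entities: Iterable[str],
                        threshold: Fraction = FREEZE_THRESHOLD) -> bool:
    """True when the deny-listing entities together hold strictly more than `threshold` of stake."""
    return denylist_share(stake_by_entity, denylisting_entities) > threshold


if __name__ == "__main__":
    stake = aggregate_by_entity(SAMPLE_VALIDATORS)
    print("entities:", len(stake), "validators:", len(SAMPLE_VALIDATORS))
    print("Nakamoto coefficient (>1/3):", nakamoto_coefficient(stake))
    print("Nakamoto coefficient (>2/3):", nakamoto_coefficient(stake, Fraction(2, 3)))
    two = ["entity-A", "entity-B"]
    print("A+B share:", denylist_share(stake, two), "effective:", freeze_is_effective(stake, two))
    three = two + ["entity-C"]
    print("A+B+C share:", denylist_share(stake, three), "effective:", freeze_is_effective(stake, three))
```

With the constructed distribution, the two largest entities hold exactly one third of stake, so their deny lists alone would not freeze anything; the third entity tips it over, giving a coefficient of 3. Swapping in a real validator set with an honest validator-to-entity mapping (including who controls delegated foundation stake) is what makes the number meaningful, and that mapping is exactly the kind of disclosure the power map recommended below would provide.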

As mentioned before, we will be glad to join and help lead any effort to develop a governance framework within Sui. We have years of experience dealing with governance across networks and are always looking for ways to better align stakeholder interests.

We would also like to open the discussion regarding voting mechanics, time windows and transparency. We also think there should be discussion around private voting, which Sui is in a unique position to carry out given the zk primitives in its tech stack.

Full privacy guarantees a true reflection of network state, leads to better decision making in the future and mitigates social and economic coercion.

Final Recommendation (Governance-Centric)

Rather than treat this as a one-off Yes/No vote, we urge the Sui community to treat this moment as a catalyst for long-term improvements. Our support is conditional—not only on the return of funds, but on a roadmap toward stronger governance.

We recommend:

  1. Integrate proposal metadata standards (PLM)
    – Clearly identify authorship, timeline rationale, and prior precedent.
  2. Establish Outcome Review Anchors (ORA)
    – Conduct post-vote reviews at 30/60/90-day intervals.
  3. Publish an Informal Power Map (IPM)
    – Document who proposed, who benefited, and who enforced.
  4. Run a Governance Health Index assessment (GHI)
    – Measure inclusiveness, transparency, and accountability.
  5. Track Recurring Governance Frictions (RTF)
    – Build a memory layer to learn from crises, not repeat them.

Chainflow is committed to helping implement these systems. We’ve worked across ecosystems on governance challenges and are ready to contribute that experience here.
