Sui Pledges $10M for Smart Contract Audits, Bug Bounties Post-Hack

• After a $223 million hack that hit Cetus Protocol, Sui just announced a $10 million investment aimed at strengthening the security of the entire ecosystem.
• While the exploit came from a bug in the protocol, not the Sui blockchain itself, they’re taking no chances.

Security breaches are becoming increasingly common in the cryptocurrency space. On May 22, Cetus Protocol, the largest decentralized exchange on the Sui blockchain, was hacked, resulting in a staggering $223 million in stolen digital assets.

CNF highlighted that the exploit didn’t stem from a flaw in the Sui network or its Move programming language. The hackers took advantage of vulnerabilities in Cetus’ smart contracts. The attacker was able to slip spoof tokens into the protocol’s liquidity pools, draining real assets in the process.

To recover what was lost, Cetus put a $6 million “white hat” bounty on the table, hoping to encourage the return of the stolen assets, including $56 million in ETH and funds frozen on Sui. Thanks to quick action by the community and Sui validators, around $162 million of the compromised assets were frozen before they could be moved off the network.

To prevent this from happening again, the Sui team is stepping up with a $10 million commitment to strengthen the security of its ecosystem in the wake of these events. For SUI, this reminded them of how important solid security practices are in DeFi. The $10 million funding will be used to build a safer, more resilient blockchain environment.

Strategic Security Enhancements

In the announcement, they emphasized the need to “take a holistic perspective and step up our game on supporting ecosystem security,” especially in the wake of recent incidents that have raised eyebrows across the DeFi space. The funds will be used for several important areas: First, smart contract audits. These are thorough reviews of both current and upcoming contracts to catch any bugs or weaknesses before bad actors do.

Then there are the bug bounty programs, which will reward ethical hackers who help spot and report vulnerabilities that can be taken advantage of. Another focus is formal verification tools, which use advanced math to prove that a smart contract will behave exactly as intended. On top of that, the foundation plans to work closely with developers by offering resources and collaborating on best practices for secure dApp development.

“We also recognize that this is a coming-of-age moment that nearly every major blockchain has unfortunately experienced; no system design or programming language can stop humans from writing bugs,” the SUI team said.

Also, Sui’s development team is also advancing its tech stack. A recent update from CNF highlighted the launch of zkAt, or Zero-Knowledge Authenticator. This is a new authentication method built on zero-knowledge principles. The team believes zkAt could be even more transformative than previous breakthroughs like zkLogin, Plasma, or the Lightning Network.

Despite these moves, the market hasn’t fully shaken off recent events. At the time of writing, SUI is trading around $3.55, down 1.25% in the past 24 hours and 7% over the past week, bringing its market cap to $11.8 billion.