Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Cetus, an AMM on Sui, was exploited for over $223M in losses. Token prices on Sui dropped by 80%.

The technical parts of the bug are pretty interesting. The AMM has tick concentration math, which is notoriously complicated to do correctly. In the function get_delta_a, there was a chance for an integer overflow when performing a trade. This overflow occurred due to the number of tokens that needed to be sent to execute the trade the user requested.

This integer overflow (really a truncation) was identified and protected against, though. There was multiplication to ensure that the shift could NOT exceed 192 bits. This should have been sufficient for preventing the exploit, but the check was flawed. A sane check would have been n >= (1 << 192). However, it was 0xffffffffffffffff << 192 instead. This is more similar to 2 ** 256 in reality. Crazy!

Due to the failed detection, the numerator of a division operation is truncated later when the math assumes the value is less than 192 bits. Since this is how the AMM determines the number of tokens required to trade in for the requested tokens, this is catastrophic. By skewing the pool via a flash loan and performing this trick, they were able to transfer in a SINGLE token as collateral.

Sui can block accounts and freeze funds at the validator level. This was done to prevent funds from leaving the ecosystem, which had already occurred through other bridges. The hacker has not responded to any of Cetus' asks so far.

The auditing side of this is very interesting. According to Rekt.news, the exploit was actually in a third-party math library. On top of this, this vulnerability was already found on the Aptos implementation by OtterSec. However, when it was ported to Sui Move, the vulnerability appeared again. Several audits were done on the Aptos version, but no bugs were found.