- Topic1/3
18k Popularity
27k Popularity
20k Popularity
53k Popularity
20k Popularity
- Pin
- 📢 Gate Square #Creator Campaign Phase 2# is officially live!
Join the ZKWASM event series, share your insights, and win a share of 4,000 $ZKWASM!
As a pioneer in zk-based public chains, ZKWASM is now being prominently promoted on the Gate platform!
Three major campaigns are launching simultaneously: Launchpool subscription, CandyDrop airdrop, and Alpha exclusive trading — don’t miss out!
🎨 Campaign 1: Post on Gate Square and win content rewards
📅 Time: July 25, 22:00 – July 29, 22:00 (UTC+8)
📌 How to participate:
Post original content (at least 100 words) on Gate Square related to
- 📢 Gate Square #MBG Posting Challenge# is Live— Post for MBG Rewards!
Want a share of 1,000 MBG? Get involved now—show your insights and real participation to become an MBG promoter!
💰 20 top posts will each win 50 MBG!
How to Participate:
1️⃣ Research the MBG project
Share your in-depth views on MBG’s fundamentals, community governance, development goals, and tokenomics, etc.
2️⃣ Join and share your real experience
Take part in MBG activities (CandyDrop, Launchpool, or spot trading), and post your screenshots, earnings, or step-by-step tutorials. Content can include profits, beginner-friendl
- 🎉 Gate Square’s "Spark Program" Surpasses 1,000 KOLs!
💥 The creator ecosystem is in full bloom!
📈 Get featured, earn rewards, and grow your influence—what are you waiting for?
💰 Cash incentives ✔️
🚀 Traffic support ✔️
👑 Exclusive verification ✔️
From 0 to 1,000 in just weeks—Gate Square is becoming the epicenter of Web3 content! ⚡
You’re not just posting content, but the next "viral opportunity"!
🌟 Join the Spark Program and kickstart your breakthrough!
👉 https://www.gate.com/announcements/article/45695
Cetus suffered a mathematical overflow attack, resulting in a loss of $230 million, with $162 million already frozen.
Cetus suffers from a mathematical overflow vulnerability attack, resulting in losses exceeding $230 million.
On May 22, the liquidity provider Cetus on the SUI ecosystem was suspected of being attacked, leading to a significant drop in liquidity pool depth, with several token trading pairs experiencing declines, estimated losses exceeding $230 million. Cetus subsequently announced that it has temporarily suspended its smart contracts and is investigating the incident.
The core of this attack is that the attacker carefully constructs parameters to exploit a mathematical overflow vulnerability in the system, exchanging a very small amount of tokens for a large amount of liquidity assets. The attack process mainly includes the following steps:
The attacker borrowed a large amount of haSUI through a flash loan, causing the pool price to plummet by 99.90%.
Open liquidity positions in a very narrow price range, with a range width of only 1.00496621%.
Use the overflow detection bypass vulnerability in checked_shlw of the get_delta_a function to declare a massive liquidity addition, but only actually pay 1 token.
Remove liquidity to obtain a large amount of haSUI and SUI tokens.
Repay the flash loan and complete the attack.
The attacker successfully profited approximately 230 million dollars, including various assets such as SUI, vSUI, and USDC. After the attack, part of the funds were transferred to an EVM address via a cross-chain bridge, including about 10 million dollars deposited into Suilend and 24,022,896 SUI transferred to a new address.
Fortunately, with the cooperation of the SUI Foundation and other ecosystem members, a total of 162 million dollars of stolen funds on SUI have now been successfully frozen.
Cetus has released a fix patch that mainly corrects the error mask and judgment conditions in the checked_shlw function, ensuring it can correctly detect overflow situations.
This attack highlights the dangers of mathematical overflow vulnerabilities. Developers should rigorously validate the boundary conditions of all mathematical functions in smart contract development to prevent similar attacks from occurring again.