Sui Validators Vote to Restore $162 Million to Hacked Cetus Users

Sui validators voted overwhelmingly to restore $162 million in stolen funds to the Cetus Protocol.

The Sui blockchain’s decentralized exchange (DEX) was exploited for $223 million on May 22, but the attacker didn’t move fast enough to exchange their ill-gotten gains, and fast-acting Sui validators were able to freeze the lion’s share of it.

In a governance vote that concluded on May 29, validators representing more than 90% of the staked funds voted to implement a hard fork of the Sui blockchain, returning the frozen $162 million to its rightful owners.

The vote, which was scheduled for a week, was cut short after just two days due to the overwhelming support for the restoration plan. Less than one percent of the validators voted against the proposal, likely due to concerns over decentralization.

Between its treasury and a loan from the Sui Foundation, Cetus Protocol was able to promise a total restoration of funds drained from its CLMM liquidity pool.

“Cetus is aiming to complete its full recovery and restart in approximately one week, which will include data restoration, restarting the upgraded CLMM contract, and fully resuming all paused product functions,” the protocol said on X.

The recovered funds will be transferred to a multi-signature wallet before being returned to the affected users.

Remember the DAO

With the vote over, it’s important to look at its implications.

The Sui vote brings up memories of the DAO hack and its divisive vote to reboot Ethereum. In that case, the goal was to recover $150 million that had been raised for a venture capital fund, which would be governed by the votes of the decentralized autonomous organization (DAO).

That vote was so contentious that it led to a schism, causing the creation of the Ethereum Classic blockchain by individuals who objected to the idea of altering the blockchain’s outcome for any reason.

“The concern is the precedent it sets,” said Aryan Sheikhalian, head of research at venture capital firm CMT Digital. “‘Freeze first, govern later’ introduces blurred lines around immutability and opens the door for future interventions that may not be as justifiable. Without clear, pre-established protocols for handling emergencies, networks are forced into reactive governance that can erode long-term trust. It also puts pressure on validators to act as arbiters of last resort, which is risky in the absence of formalized community processes.”

Calling it “Sui’s DAO hack moment,” Sheikhalian said that like Ethereum in 2016, Sui’s validators “chose pragmatism over ideological purity.”

The real risk, he said, is what happens next time, and the time after that.

“Doing so repeatedly without building guardrails risks undermining the very properties that make blockchains resilient,” Sheikhalian said.

What it wasn’t, he added, was a threat to decentralization, as it was simply validators reaching social consensus.

“These kinds of decisions are exactly why social consensus exists. If validators had acted for less consensus-driven reasons, like responding to a government request, that would have been a different story,” Sheikhalian concluded.