Days after losing $223 million worth of crypto assets in a hack, decentralized finance (DeFi) platform Cetus has come up with a plan on how to compensate its affected users in full.
The team behind the platform, which operates on the Sui (SUI) blockchain, said that, using their cash and token treasuries, they're in a position to fully cover the stolen assets currently off-chain if the locked funds are recovered through an upcoming community vote.
"This includes a critical loan from the Sui Foundation, making a 100% recovery for all affected users possible," they added, "humbly" asking the Sui community for full support in a vote.
However, the team said that the recovery process will begin immediately after the vote, regardless of its outcome, while a more detailed plan is yet to be announced.
As reported by Cybernews.com, the Cetus hack raised concerns about the centralization of the project and the Sui blockchain, as $162 million of the stolen funds were "successfully paused."
Now, as the vote has already started and will run for another six days at most, the community needs to decide whether to perform a Sui protocol upgrade that reclaims all funds currently frozen in the two hacker accounts without a signature from the hackers.
"If the proposition is approved, the funds will be transferred and held in trust until they can be returned to accounts that had positions in Cetus," the Sui Foundation explained.
Meanwhile, in its incident report, Cetus said that on May 22nd, it experienced a sophisticated smart contract exploit targeting its liquidity pools, as the attacker exploited a vulnerability in one of its smart contracts stemming from a flaw in its open-source library.
"The flaw originated from a misunderstanding of the semantics of left-shift in the integer-mate open-source library, which the CLMM contract is dependent on," the team said, concluding that by leveraging this flaw and manipulating the pool’s mechanisms, the attacker "successfully drained a significant portion of assets across multiple iterations of the exploit."
Your email address will not be published. Required fields are markedmarked