jakiro
Jessy, bitchain vision
On May 22, Sui Eco DEX Cetus was stolen from US$223 million.Of this, only $60 million was exchanged for ETH through the cross-chain bridge and entered the hacker’s pocket, while the remaining $162 million was frozen by the Sui Foundation’s coordination point.
On May 27, a community vote was launched to “to decide whether to implement a protocol upgrade to recover funds frozen in hacker-controlled accounts.”The final agreement was upgraded and 162 million yuan of funds were successfully recovered.
The Sui Foundation’s rapid response to the stolen incident and its rapid launch solution have also caused great controversy in the community. On the one hand, it recovered most of the funds to protect the interests of the stolen users. On the other hand, the way to recover is to force the asset ownership through node consensus. This is the first time that “private key transfer assets” has been realized at the public chain layer.
In the face of the interests of users, this operation that is so “bold” against the “decentralized spirit” has been ignored.
How is the transfer of assets without a private key?
On May 22, Sui Eco DEX Cetus was hacked for a low-level error in its code and lost $223 million.After the incident, US$162 million of the stolen funds were frozen by the Sui Foundation’s coordination verification node.
On May 27, the Sui Foundation promoted a community vote, which aims to decide whether to implement a protocol upgrade to recover funds frozen in hacker-controlled accounts.Finally, within 48 hours, 103 of 114 nodes participated in the voting, 99 votes were in favor, 2 votes against, and 2 abstentions, and 90.9% passed the proposal with a high vote.
The proposal also indicates that the Sui protocol upgrade will allow a specific address to conduct two transactions on behalf of the hacker address to facilitate the recovery of funds.These transactions will be designed and announced after the recovery address is finalized.The recovered assets will be kept in a multi-signature wallet controlled by OtterSec, the Sui Foundation and the Sui community.
At the level of protocol upgrade,address aliasing(Address alias) Function, specifically, the rules are defined in advance at the protocol layer: disguise a specific governance operation as a “legal signature of a hacker account”, and then the verification node recognizes the forged signature after upgrading, legalizing the transfer of frozen funds.The above makes it possible to force the asset ownership through node consensus without touching the private key (this is similar to the transfer of funds after the central bank freezes the bank account).
And how did the earliest frozen assets be achieved?Sui supports itDeny list(Freeze list) andRegulated tokens(Regulated token) function, this time it is to directly call the freeze interface to lock the hacker address.
Technical hidden dangers of powerful intervention left behind
Although this move recovered most of the frozen assets, it is also worrying, because the protocol upgrade, forcibly modifying the ownership of assets through node consensus, which also indicates that Sui official can replace any address for signature, thereby transferring the assets inside.
What is the constraint on whether Sui official can do this is not the smart contract code, but the node voting rights, and who can control the results of the node voting?That is nothing more than a big node where the foundation has capital control!In other words, Sui’s official stakeholders have the greatest voice, and even if they are voting, it is just a formality.
The user’s private key is no longer the absolute control credential of the asset. As long as the node agrees, the protocol layer can directly overwrite the private key permissions.
But on the other hand, this achieves an efficient asset recovery and rapid freezing of assets. Thanks to Sui’s built-in regulatory function, it can quickly stop losses. The voting was completed within 48 hours and the agreement was upgraded.
But in my opinionaddress aliasing functionA dangerous precedent was set – the “legal operation” of the protocol layer that can forge any address, which laid the technical foreshadowing for powerful intervention.
This series of operations of Sui’s recovery of funds are just when user interests conflict with the decentralization principle, the public chain party chooses to make decisions from the perspective of user interests.Whether it violates the principle of decentralization seems to be non-important to users and Sui. After all, when questioned, you can also respond that it is a “voting” decision.
