
SlowMist Breaks Down How a Tiny Code Flaw Led to Cetus’ $230M Collapse

Published by
Mustafa Mulla

On May 22, something alarming happened in the SUI blockchain world. Prices on the Cetus decentralized exchange (DEX) suddenly dropped, and its liquidity pools were drained. The total estimated loss was over $230 million.

That’s when SlowMist, a well-known blockchain security team, stepped in and launched an analysis. What they uncovered was both shocking and technical.

What’s the Real Problem?

According to SlowMist’s deep dive analysis, the core of the issue was a vulnerability in Cetus’ smart contract code, specifically, a function called checked_shlw that failed to properly detect an overflow in another function named get_delta_a.

Now, what does that actually mean in simple terms?

This bug caused the system to calculate token amounts incorrectly. It didn’t realize when the numbers got too big, so it assumed the attacker was adding a huge amount of liquidity, when in reality, they only added 1 token.

That tiny flaw gave the attacker a massive opportunity.

How the Attacker Took Advantage

Here’s how the attacker carried out the exploit, step by step:

Flash Loan Trigger: The attacker borrowed over 10 million haSUI tokens using a flash loan. This move caused the token price in the pool to drop by 99.9%.

Trick Setup: They then created a very narrow liquidity position — a tiny window in the price range — which made the system believe a huge amount of liquidity was being added.

The Exploit: Using the overflow flaw, they claimed to add trillions worth of liquidity, but only submitted 1 token. The contract didn’t catch the mismatch.

Cashing Out: The attacker removed the fake liquidity in three stages and repaid the flash loan.

Huge Profit: They walked away with 10 million haSUI and 5.7 million SUI, with almost no real investment.

SlowMist’s Warning to DeFi Developers

This incident shows how a small coding mistake can lead to huge financial losses, especially in DeFi platforms where smart contracts run everything. 

According to SlowMist, if a critical function like checked_shlw doesn’t correctly detect errors like overflows, attackers can break the system logic entirely.

SlowMist warns all DeFi developers to double-check their math functions, especially in areas involving token calculations and liquidity formulas. One unchecked line of code was all it took to let someone walk away with millions.
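To make the "double-check your math functions" advice concrete, here is an added example (not code from Cetus or SlowMist) of a boundary test for a checked left shift by 64 bits in a 256-bit word. The function names and the too-high threshold in the loose variant are constructed for illustration; the article does not give the actual constant.

```python
# Added illustration: boundary-testing an overflow guard for "n << 64" in a u256.
U256_MAX = (1 << 256) - 1
SHIFT = 64
LIMIT = 1 << (256 - SHIFT)  # smallest n whose shifted value no longer fits in 256 bits


def shl64_loose_check(n):
    """Hypothetical flawed guard: the threshold sits far above the true limit."""
    threshold = 0xFFFFFFFFFFFFFFFF << 192  # constructed value, not taken from the article
    if n > threshold:
        return 0, True
    # Model fixed-width arithmetic: bits shifted past 256 are silently dropped.
    return (n << SHIFT) & U256_MAX, False


def shl64_strict_check(n):
    """Guard that flags every input whose shifted value would exceed 256 bits."""
    if n >= LIMIT:
        return 0, True
    return n << SHIFT, False


def boundary_samples():
    """Constructed inputs around the exact overflow limit, plus the extremes."""
    return [0, 1, LIMIT - 1, LIMIT, LIMIT + 1, 1 << 200, U256_MAX]


def missed_overflows(check, samples):
    """Return inputs that truly overflow but that `check` fails to flag."""
    missed = []
    for n in samples:
        truly_overflows = (n << SHIFT) > U256_MAX  # Python ints are unbounded
        _, flagged = check(n)
        if truly_overflows and not flagged:
            missed.append(n)
    return missed


if __name__ == "__main__":
    for check in (shl64_loose_check, shl64_strict_check):
        gaps = missed_overflows(check, boundary_samples())
        print(check.__name__, "missed", len(gaps), "overflowing inputs")
```

The loose guard reports no overflow for inputs at and just above the limit while returning a truncated value, which is the kind of silent miscalculation described above; a test like this in CI catches it before deployment.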

FAQs

What caused the Cetus DEX exploit?

A bug in Cetus’ smart contract, specifically an overflow in the get_delta_a function undetected by checked_shlw, caused incorrect token calculations.

How did the attacker exploit Cetus DEX?

The attacker used a flash loan to drop prices, then exploited the overflow flaw to claim massive liquidity with minimal tokens, draining funds.

Mustafa Mulla

Mustafa has been writing about blockchain and crypto for many years. He has previous trading experience and has been working in the Fintech industry since 2017.
