Cetus Protocol, a decentralized exchange (DEX) native to the Sui blockchain, has recently relaunched its platform following a massive $223 million exploit that occurred on May 22, 2025. The platform, which also operates on the Aptos blockchain, suffered a significant blow when an attacker exploited a vulnerability in its smart contracts, leading to substantial financial losses. In the wake of the incident, Cetus is now considering a move towards becoming open-source, aiming to enhance transparency and community-driven security.
The exploit targeted a flaw in an open-source library used by Cetus' Concentrated Liquidity Market Maker (CLMM) smart contract. The attacker manipulated pool prices using a flash swap, exploiting an overflow check error. This allowed them to inject an artificially large liquidity value with a minimal amount of tokens and then repeatedly remove liquidity to siphon assets. The attack resulted in approximately $260 million in digital assets being stolen, causing the Sui token price to drop by about 15%.
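To make the mechanism described above concrete, here is an added illustration, not Cetus' code nor the math library it used: a simplified, hypothetical fixed-point liquidity calculation in which a mis-written overflow guard lets a huge liquidity value appear to cost zero tokens, shown beside the correct guard and a monotonicity property check that flags the flaw. The formula, bit widths and the specific faulty guard are assumptions chosen for illustration.

```python
# Hypothetical CLMM-style model (constructed for illustration, not Cetus' code).
# Token A needed to supply liquidity L across sqrt-price range [sa, sb], with
# sqrt prices as Q64.64 integers, is L*(sb-sa)/(sa*sb); in integer arithmetic
# that becomes (L*(sb-sa) << 64) // (sa*sb), with a 256-bit intermediate.
MASK256 = (1 << 256) - 1


def shl_checked(x: int, n: int) -> int:
    """Correct guard: left-shift a 256-bit value, rejecting any lost high bits."""
    if x >> (256 - n):  # the top n bits must be clear or the shift overflows
        raise OverflowError("shift would lose high bits")
    return (x << n) & MASK256


def shl_checked_buggy(x: int, n: int) -> int:
    """Hypothetical faulty guard: it inspects the LOW n bits instead of the high
    ones, so a genuine overflow passes and the value silently wraps mod 2**256."""
    if x & ((1 << n) - 1) == (1 << n) - 1:  # wrong test; almost never trips
        raise OverflowError("shift would lose high bits")
    return (x << n) & MASK256


def token_a_for_liquidity(L: int, sa: int, sb: int, shl) -> int:
    """Amount of token A required to add liquidity L on [sa, sb] (Q64.64)."""
    assert 0 < sa < sb, "sqrt-price range must be increasing"
    numerator = shl(L * (sb - sa), 64)  # restores Q64 scaling; guard lives here
    return numerator // (sa * sb)


def rejects(L: int, sa: int, sb: int, shl) -> bool:
    """True if the calculation refuses the input with an OverflowError."""
    try:
        token_a_for_liquidity(L, sa, sb, shl)
    except OverflowError:
        return True
    return False


def required_is_monotone(shl, sa: int, sb: int, liquidities) -> bool:
    """Defender-side property check: more liquidity must never cost fewer
    tokens. An OverflowError counts as a rejection, not a violation."""
    last = -1
    for L in liquidities:
        try:
            amt = token_a_for_liquidity(L, sa, sb, shl)
        except OverflowError:
            continue
        if amt < last:
            return False
        last = amt
    return True
```

With sa = 2**64, sb = 3 * 2**64 and L = 2**127 + 1, the faulty guard reports that zero token A buys that liquidity, while the correct guard raises; the monotonicity check distinguishes the two without knowing the bug in advance.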
In response to the breach, the Cetus team acted swiftly to suspend smart contract operations, preventing further losses. They collaborated with the Sui Foundation and validators to identify and freeze the attacker's wallet addresses, managing to secure around $162 million of the compromised assets. However, a significant portion of the stolen funds, roughly $60 million, had already been bridged to Ethereum and laundered through various wallets.
Cetus has since been working on a recovery and compensation strategy, with Sui validators approving a governance vote to transfer the frozen assets to a Cetus-managed multisig wallet jointly controlled by Cetus, the Sui Foundation, and OtterSec. The protocol has relaunched, restoring the platform to full functionality and replenishing affected pools with 85% to 99% of their original liquidity; the recovery rate for affected liquidity providers (LPs) likewise ranges between 85% and 99%, with the remainder to be returned as CETUS tokens over 12 months. The relaunch was supported by a $30 million USDC loan from the Sui Foundation and Cetus' cash reserves worth $7 million.
Looking ahead, Cetus Protocol is planning to bolster its security measures. These plans include initiating additional comprehensive audits, upgrading the protocol's real-time monitoring system, and launching a new white-hat bounty program. The protocol also intends to revise its roadmap for upcoming product features.
The incident has highlighted the risks associated with relying on open-source libraries, as the exploited math library contained a hidden flaw that multiple audits failed to detect. This has prompted Cetus to consider becoming open-source itself. The move is aimed at increasing transparency and enabling the community to contribute to the protocol's security. By opening up its code, Cetus hopes to leverage the collective intelligence of the developer community to identify and address potential vulnerabilities more effectively.
Cetus is also pursuing legal action against the attacker, who has ignored the protocol's attempts to negotiate and has begun laundering the stolen assets. The protocol has expressed confidence that the attacker will be apprehended and the remaining assets recovered.
The exploit and subsequent recovery have had a significant impact on Cetus' native token, CETUS, which has fallen by around 44% since the day before the attack. Despite this, the relaunch of the platform and the ongoing efforts to enhance security demonstrate Cetus' commitment to restoring confidence in its platform and the broader Sui ecosystem.