Cetus suffered an attack resulting in a loss of $230 million, raising alarm bells for the security of the SUI ecosystem.
Cetus Attacked, Loss Exceeds $230 Million
On May 22, Cetus, a liquidity protocol in the SUI ecosystem, was reportedly attacked. Prices in multiple trading pairs dropped sharply and the depth of the liquidity pools collapsed, with estimated losses exceeding $230 million. Cetus subsequently issued a statement saying that it had paused the smart contract and was investigating the incident.
The security team analyzed the attack in depth; the specific technique the attackers used is described below.
Attack Analysis
The attackers exploited a vulnerability in the contract's arithmetic by carefully constructing parameters so that a very small number of tokens bought a very large amount of liquidity. The specific steps are as follows:
Borrow a large amount of haSUI via a flash loan; the resulting swap drives the pool price down by 99.90%.
Open a liquidity position in a very narrow price range, only 1.00496621% wide.
Declare the addition of a huge amount of liquidity while actually paying only 1 unit of token A. This is the core of the attack: it exploits an overflow-detection bypass in the checked_shlw function used by get_delta_a.
Because of that bypass, the contract drastically underestimates the amount of haSUI required for the position, so the attacker receives a large liquidity position in exchange for a negligible number of tokens.
Finally, remove the liquidity to collect the tokens backing it, completing the attack.
Project Party Fix
After the attack, Cetus quickly released a patch. The main fix corrected the mask and the comparison condition in the checked_shlw function so that it now detects every value whose left shift would overflow, rather than only the values above an incorrect threshold.
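As an added illustration of both the attack step above and the fix, the following Python model (not Cetus's Move source) reconstructs the overflow-checked shift inside get_delta_a: a checked_shlw with a wrong mask and comparison of the kind the article describes, the corrected version, and a constructed position for which the buggy check lets a huge liquidity amount cost 1 unit of token A while the fixed check aborts. The Q64.64 sqrt-price convention, the specific mask and comparison (0xffffffffffffffff << 192 with a strict > versus 1 << 192 with >=), and every numeric input are assumptions for the demonstration, not values from the incident.

```python
# Added example (Python model, not Cetus's Move source). It reconstructs the
# overflow-check bypass described above: get_delta_a computes the token-A amount
# for a position from two Q64.64 sqrt prices and a liquidity value, and relies on
# checked_shlw to reject products that cannot be shifted left by 64 bits in u256.
# The buggy mask/comparison below and all numeric inputs are assumptions.

U256_MAX = (1 << 256) - 1
U64_MAX = (1 << 64) - 1


def full_mul_u128(a: int, b: int) -> int:
    """u128 * u128 -> u256; the product always fits, so no overflow here."""
    assert 0 <= a < (1 << 128) and 0 <= b < (1 << 128)
    return a * b


def checked_shlw_vulnerable(n: int) -> tuple[int, bool]:
    """Assumed buggy version. It flags only n > (0xffffffffffffffff << 192),
    so every n in [2^192, mask] passes and `n << 64` silently wraps mod 2^256."""
    mask = 0xFFFFFFFFFFFFFFFF << 192
    if n > mask:
        return 0, True
    return (n << 64) & U256_MAX, False   # u256 wraparound modelled explicitly


def checked_shlw_fixed(n: int) -> tuple[int, bool]:
    """Corrected check: any n >= 2^192 needs more than 256 bits after << 64."""
    if n >= (1 << 192):
        return 0, True
    return n << 64, False


def div_round(numerator: int, denominator: int, round_up: bool) -> int:
    quotient, remainder = divmod(numerator, denominator)
    return quotient + 1 if (round_up and remainder) else quotient


def get_delta_a(sqrt_p0: int, sqrt_p1: int, liquidity: int, round_up: bool, shlw) -> int:
    """Token A owed for `liquidity` between sqrt prices p0, p1 (Q64.64):
    liquidity * |p1 - p0| / (p0 * p1), with << 64 restoring the fixed-point scale.
    `shlw` is the overflow-checked shift to use, so both variants can be compared."""
    diff = abs(sqrt_p0 - sqrt_p1)
    if diff == 0 or liquidity == 0:
        return 0
    numerator, overflowing = shlw(full_mul_u128(liquidity, diff))
    if overflowing:
        raise OverflowError("EMULTIPLICATION_OVERFLOW")
    denominator = full_mul_u128(sqrt_p0, sqrt_p1)
    quotient = div_round(numerator, denominator, round_up)
    if quotient > U64_MAX:              # the result is cast to a u64 amount
        raise OverflowError("delta_a does not fit in u64")
    return quotient


def demo() -> dict:
    """Constructed inputs: a ~1.6% wide range and a liquidity value chosen so that
    liquidity * diff lands just above 2^192, the region the buggy check misses."""
    sqrt_lower = 1 << 71
    sqrt_upper = sqrt_lower + (1 << 65)   # diff / sqrt_lower = 1/64
    liquidity = (1 << 127) + 1            # (2^127 + 1) * 2^65 = 2^192 + 2^65

    result = {}
    # Buggy path: the numerator wraps to 2^129, so the position costs 1 unit of token A.
    result["vulnerable_delta_a"] = get_delta_a(
        sqrt_lower, sqrt_upper, liquidity, True, checked_shlw_vulnerable)
    # Fixed path: the same call aborts with the overflow error.
    try:
        get_delta_a(sqrt_lower, sqrt_upper, liquidity, True, checked_shlw_fixed)
        result["fixed_aborts"] = False
    except OverflowError:
        result["fixed_aborts"] = True
    # What the position really costs, computed with unbounded integers:
    # about 2^114 units, far beyond what a u64 amount can hold.
    result["true_delta_a"] = div_round(
        (liquidity * (sqrt_upper - sqrt_lower)) << 64, sqrt_lower * sqrt_upper, True)
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the constructed numbers is that the product liquidity * diff is only slightly above 2^192: the buggy check compares against a mask near 2^256 and passes it, the shift wraps, and the honest requirement of roughly 2^114 units of token A turns into 1. The fixed check rejects everything from 2^192 upward, which is the exact boundary for a 64-bit left shift in a 256-bit integer.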
Capital Flow Analysis
Attackers profited approximately $230 million, including various assets such as SUI, vSUI, and USDC. Some funds were transferred to EVM addresses via cross-chain bridges. Approximately $10 million in assets were deposited into Suilend, and 24 million SUI were transferred to a new address and have not yet been withdrawn.
Fortunately, the SUI Foundation and other relevant parties have successfully frozen approximately $162 million of the stolen funds on the SUI chain.
On the EVM chain, the attacker exchanged part of the funds for ETH and transferred 20,000 ETH to a new address. Currently, the balance of that address on Ethereum is 3,244 ETH.
Summary
This attack shows how much damage a single arithmetic overflow bug can do. By precisely calculating and selecting parameters, the attacker turned a defective overflow check in one math function into profits of hundreds of millions of dollars. It is a reminder that developers must rigorously validate every boundary condition of their mathematical functions, including the exact threshold at which a shift or multiplication overflows, and test those boundaries directly rather than assuming a mask-based check is correct.