In June 2025, Cetus Protocol, a decentralized exchange native to the Sui blockchain, successfully resumed operations following a significant security breach that occurred the previous month. The platform is now advancing plans to transition to a fully open-source model, reinforcing its commitment to security and community collaboration.
Overview of the Security Incident
On May 22, 2025, an attacker exploited a vulnerability in Cetus Protocol’s pricing mechanism, leading to the unauthorized withdrawal of tokens from its primary liquidity pools. The incident resulted in a total loss estimated at approximately $220 million.
Swift action by the development team helped isolate and freeze around $162 million of the affected funds shortly after the breach was detected. This proactive response played a critical role in mitigating the overall impact on users and the protocol.
Recovery and Relaunch Process
Following the security event, Cetus temporarily suspended its services to address the vulnerability and implement necessary upgrades. The team worked extensively to resolve the software flaw, restore accurate pricing data to affected pools, and conduct comprehensive security audits on all code improvements and contract updates.
On June 8, 2025, Cetus officially announced its relaunch, restoring full platform functionality. Users regained access to trading, liquidity management, and reward distribution features. The protocol reported liquidity recovery rates between 85% and 99% across previously impacted pools.
Compensation and Financial Support
To support affected users, Cetus allocated 15% of its token supply to a compensation fund. Of this, 5% was made immediately available at relaunch, with the remaining 10% scheduled for linear release over a 12-month period starting June 10, 2025.
The recovery effort was further reinforced by a $30 million USDC loan from the Sui Foundation, in addition to approximately $7 million from Cetus’s own cash reserves. These resources were deployed to ensure full coverage of user losses and stabilize the platform’s financial position.
Transition to Open Source and Community Efforts
As part of its renewed roadmap, Cetus is moving toward complete open-source development. The team introduced a bug bounty program and a revamped whitepaper to encourage community involvement in enhancing the protocol’s technical robustness and security.
This shift aims to leverage collective expertise in identifying potential issues and contributing to the platform’s long-term reliability. 👉 Explore more strategies for secure DeFi participation
Legal Actions and Fund Recovery
Cetus has initiated legal proceedings across multiple jurisdictions in pursuit of the remaining stolen funds. The frozen assets, initially held on the Sui blockchain, were securely transferred to a multi-signature trust wallet jointly managed by Cetus, the Sui Foundation, and cybersecurity firm OtterSec.
This measure ensures that the recovered funds are held in custody until they can be systematically returned to users, in accordance with the approved recovery plan.
Frequently Asked Questions
What is Cetus Protocol?
Cetus is a decentralized exchange and liquidity protocol operating on the Sui blockchain. It enables users to trade tokens, provide liquidity, and earn rewards through a decentralized automated market maker (AMM) model.
How were user funds protected after the breach?
The team quickly froze a significant portion of the affected assets and collaborated with the Sui Foundation and security auditors to secure the remaining funds. A compensation plan using token allocation and external loans was also implemented to make users whole.
When did Cetus resume full operations?
The platform officially restarted on June 8, 2025, after completing security upgrades and undergoing extensive testing. All core functions, including trading and liquidity provision, were restored at that time.
What does open-sourcing mean for Cetus?
Moving to an open-source model means that Cetus’s codebase will be publicly accessible, allowing developers and security experts to review, contribute, and help improve the protocol’s security and features.
Are the stolen funds fully recovered?
While a large proportion of funds were frozen and recovered, some remain unrecovered. Legal efforts are ongoing to retrieve the outstanding amount, and affected users have been compensated through the protocol’s recovery fund.
How can users participate in the bug bounty program?
Interested contributors can review the new whitepublished bounty program details on Cetus’s official communication channels. The program rewards those who identify vulnerabilities or suggest meaningful improvements.
Conclusion
The relaunch of Cetus Protocol marks a significant milestone in its recovery journey, highlighting the importance of rapid response, community support, and transparent communication in the decentralized finance space. With its move toward open-source development and strengthened security measures, Cetus aims to rebuild trust and continue providing a robust trading environment for its users.