After Cetus Protocol suffered a major security incident, the team chose to take full responsibility and announced that 100% of the $CETUS tokens it holds would be used to compensate the victims. In an AMA that lasted several hours, Cetus co-founder Henry responded to concerns from across the community, including the restart schedule, compensation mechanism, governance plan and future development direction.
Review of hacker attack: more than $200 million in assets damaged
On the evening of May 22, Cetus Protocol was attacked by hackers who exploited a vulnerability in an open-source library that the contract relied on. Using flash swaps, adding and removing liquidity, and other operations, they constructed false prices and liquidity pools and stole more than $220 million in assets. About $60 million of this amount flowed to Ethereum through multiple cross-chain bridges, and the remaining $160 million was frozen on-chain after the team responded quickly and cooperated with Sui validators.
After the incident broke out, the team quickly suspended contract operations, notified all ecosystem partners, contacted multiple security vendors and reported the incident to the police. Reports have now been filed in many countries, including the United States and Singapore.
100% of tokens committed; more than 85% of assets can be recovered
Regarding the compensation issue that users are most concerned about, the Cetus team clearly stated that the compensation will be sourced from protocol income, cash assets, and all $CETUS tokens held by the team. The compensation method adopts a multi-level mechanism, combined with the Sui Foundation's guaranteed loan, and deploys corresponding compensation contracts for different degrees of loss.
It is currently estimated that 85.7% to 96% of the assets can be directly compensated. If the frozen assets can be recovered through legal means, the overall recovery rate will be close to full. How to use the recovered assets in the future will also be decided by the DAO vote, including whether to repurchase, replenish the reserve pool or give back to the community.
Foundation loan supports the compensation plan: not the rumored $60 million, details still confidential
Regarding the details of the Sui Foundation loan, the Cetus team specifically clarified in the AMA: "The rumored figure of $60 million is not accurate." The actual amount and conditions are covered by a confidentiality agreement (NDA) and cannot be disclosed to the public. However, the team emphasized that a clear consensus has been reached with the foundation that the loan will be part of the overall compensation mechanism, filling the gap left by unrecovered assets and helping the protocol get through the repair and restart phase smoothly.
As for whether it is an interest-free loan, whether it can be used as a repayment method, etc., the team is currently unable to disclose specific conditions. Henry said that the role of this fund is more like a "bridge loan", helping to provide liquidity support in the early stage of compensation. The protocol itself will still rely on cash assets, protocol income and future revenue as the main source of debt repayment, and will not issue new coins or dilute user rights.
The team does not retreat: Rapid rebound and restart after emotional breakdown
When asked if he had ever thought of giving up, Henry said candidly that the team did face emotional breakdown, anxiety and insomnia at the beginning of the incident, but that they regrouped within 24 hours and all members began working around the clock on repairs. He emphasized: "This is not a project that can be withdrawn. This is a product we built from scratch. We must shoulder the responsibility to the end."
The team has invested 100% of the $CETUS tokens in the compensation plan, and no internal distribution will be reserved. In addition, if there is still a surplus in the protocol income, the tokens will be repurchased in the future and included in the community-managed Treasury, and the DAO will decide its use to ensure true decentralization.
Countdown to protocol restart: fully online within 24 hours
The Cetus protocol has entered the countdown phase for restart, and it is expected that all front-end and LP functions will be restored within 24 hours. Three key tasks will be completed before restarting: historical transaction data repair, liquidity injection, and security testing. Once all are completed, the official launch time will be announced as soon as possible.
In addition, the team has pledged to strengthen security, including full open source, establishing a white hat reward mechanism and building an internal risk control system to prevent similar vulnerabilities from happening again.
Compensation scope expanded: covering direct users and indirectly damaged protocols
Henry said that this incident affected not only Cetus users, but also many protocols integrated with its infrastructure. Therefore, the compensation plan will also include these indirect victims, and the scope and amount of subsidies will be confirmed one by one through the registration process.
Regarding the source of the vulnerability, Henry admitted that it was a logical flaw in the product design rather than a single contract vulnerability. In the future, the economic model verification and extreme attack simulation capabilities will be fundamentally strengthened.
DAO governance is not affected by token clearing and revenue will support the sustainability of the protocol
In response to questions about how to maintain operations and governance capabilities after "token clearing", the Cetus team provided data to illustrate: the average monthly revenue of the protocol in the past six months reached US$1.5 million, and the annualized revenue exceeded US$18 million, showing that even without relying on tokens, the protocol itself still has a stable cash flow.
DAO governance will continue to operate, and Cetus will gradually release governance rights to the community. Although the income of $xCETUS stakers may decline in the short term, it is still expected to return to a stable dividend mechanism in the medium and long term as revenue recovers.
Not just repair, but rebuild: market strategy, user confidence and ecological relationship are comprehensively upgraded
The team stated that this crisis is not only a security issue, but also a comprehensive test of brand, trust and business model. Future strategies will include:
Focus on new assets and new narratives, and introduce Blue Chip, Meme and GameFi;
The technical layer continues to iterate to maintain Sui's leading position in products;
Strengthen interaction with the community and external publicity to expand brand voice.
At the same time, Cetus also plans to introduce Launchpad to support new projects, design innovative incentive mechanisms, and continue to advance the Chinese and international markets.
Facing mistakes, choose to take responsibility: This is not crisis public relations, but a true self-salvation
Henry believes that the choice of full compensation is not out of pressure, but a moral responsibility to the protocol and the community. "Our motivation comes from our understanding and participation in the Sui ecosystem, not the tokens in our hands."
In the future, Cetus will no longer rely on token price support, but will use protocol revenue and product competitiveness as the cornerstone of long-term operations. It also plans to establish more preventive security mechanisms to promote a more stable development of the entire Sui ecosystem.
Risk Warning
Cryptocurrency investment carries a high degree of risk. Its price may fluctuate drastically and you may lose all your capital. Please assess the risk carefully.
According to a recent update on the official Google Chrome developer blog, Google Chrome announced in a public forum on May 30, 2025 that it will remove default trust in Chunghwa Telecom and Netlock. Officials from the Ministry of Digital Economy, the competent authority, also came forward to say that they had obtained the information at the beginning of the year and that, since March, they have been running a dual-certificate mechanism for government websites, using certificates issued by Taiwan's local certificate authority to ensure that government websites can continue to operate safely on all major browsers. What impact will this have? This article analyzes it.
Google: Chunghwa Telecom has made repeated mistakes and can no longer be trusted
Google Chrome said that according to the Chrome Root Program Policy, all certificate authorities (CAs) included in the Chrome Root Store must ensure that the overall value they bring to end users is greater than the risks of continued trust; at the same time, the actions of CA operators in disclosing or responding to security incidents are also one of Chrome's important evaluation indicators. If there are any omissions, Google expects CA operators to make specific and verifiable improvements and continue to improve their internal processes.
Google said that over the past year, it has observed "worrying patterns of behavior" from two CA companies, Chunghwa Telecom and Netlock, which not only affect their operational integrity, but also fail to meet the Chrome Root Program's requirements for credibility and transparency. Google pointed out that these situations have undermined the outside world's trust in the two companies as "default trusted certificate issuers."
Starting from August, a warning will appear when accessing websites using Chunghwa Telecom's TLS service
Google Chrome will default to distrusting new TLS certificates issued by Chunghwa Telecom starting August 1, 2025. This will happen in Chrome 139 and later on Windows, macOS, ChromeOS, Android, and Linux. Apple policy prohibits the use of Chrome Certificate Authenticator and the corresponding Chrome root store on Chrome for iOS.
If the website uses a certificate issued by Chunghwa Telecom after July 31, 2025, the following content will be displayed:

Google Chrome recommends that affected website operators migrate to other publicly trusted CA owners as soon as possible. If the existing certificate will expire after July 31, 2025, the action must be completed before the existing certificate expires.
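An added example, not from Google or the original article: a certificate inventory check that applies the dates above to certificate dictionaries in the format returned by Python's ssl.getpeercert(). The issuer name substring, the hostnames and the sample certificates are assumptions constructed for illustration.

```python
import ssl
from datetime import datetime, timezone

# Cutoff from the article: certificates issued after July 31, 2025.
CUTOFF = datetime(2025, 7, 31, 23, 59, 59, tzinfo=timezone.utc)
# Assumption: substring expected in the issuer organizationName.
AFFECTED_ISSUERS = ("chunghwa telecom",)

def _when(text):
    """Parse a getpeercert() date such as 'Aug  5 00:00:00 2025 GMT'."""
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(text), timezone.utc)

def issuer_org(cert):
    """Issuer organizationName from an ssl.getpeercert()-style dict."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "organizationName":
                return value
    return ""

def classify(cert):
    """Return (status, migrate_by). Chrome applies the cutoff to the
    certificate's earliest SCT; notBefore is used here as an approximation."""
    org = issuer_org(cert).lower()
    if not any(name in org for name in AFFECTED_ISSUERS):
        return "unaffected", None
    if _when(cert["notBefore"]) > CUTOFF:
        return "distrusted-in-chrome-139", None
    # Issued before the cutoff: the replacement from another CA has to be
    # in place before this certificate expires.
    return "migrate-before-expiry", _when(cert["notAfter"]).date().isoformat()

def _sample(org, not_before, not_after):
    return {"issuer": ((("countryName", "TW"),), (("organizationName", org),)),
            "notBefore": not_before, "notAfter": not_after}

# Constructed inventory: hostnames, issuers and dates are made up.
INVENTORY = {
    "portal.example": _sample("Chunghwa Telecom Co., Ltd.",
                              "Aug  5 00:00:00 2025 GMT", "Aug  5 00:00:00 2026 GMT"),
    "legacy.example": _sample("Chunghwa Telecom Co., Ltd.",
                              "Mar 10 00:00:00 2025 GMT", "Mar 10 00:00:00 2026 GMT"),
    "shop.example": _sample("Example Trust Services",
                            "Aug  5 00:00:00 2025 GMT", "Aug  5 00:00:00 2026 GMT"),
}

def audit(inventory):
    """Classify every certificate in a {hostname: cert_dict} inventory."""
    return {host: classify(cert) for host, cert in inventory.items()}
```

To run it against live hosts, fill the inventory from ssl.SSLSocket.getpeercert() for each site instead of the constructed samples.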
The Ministry of Information and Communications: We obtained the information and began preparations at the beginning of the year; the Chunghwa Telecom matter is not a cybersecurity issue
In response to this, officials from the Ministry of Digital Economy, the competent authority, stated that they had obtained this information at the beginning of the year. To prevent government websites from being affected, they launched a dual-certificate mechanism for government websites in March, using certificates issued by local certification agencies in Taiwan to ensure that government websites can continue to operate securely on all mainstream browsers, maintaining the stability and credibility of public digital services.
According to reports, the official added that Google's distrust of Chunghwa Telecom is not a matter of information security technology or standards, because the Transport Layer Security (TLS) certificates issued by Chunghwa Telecom are consistent with international standards and there are no security issues. The main reason is that Chunghwa Telecom's management and operations have not been handled properly. Chunghwa Telecom also stated that it will strive to regain Google's trust in March next year.
Imagine that you have 100 ETH but cannot access it. A forgotten multi-chain vulnerability makes the funds vanish, but they are recovered a few hours later, becoming a rare "perfect reversal" in crypto security incidents. This incident occurred in the Safe multi-signature wallet. It not only highlights the risks of early contract designs that did not consider multi-chain use, but also proves once again the power of white hat teams to help users on the edge of darkness.
Lose your life savings with one button? Safe’s old version causes cross-chain confusion crisis
Yesterday, crypto user @khalo_0x posted that when he tried to transfer 100 ETH from the Ethereum mainnet to Base using the Safe official cross-chain bridge tool, he unexpectedly discovered that he could not control the funds on the target address. Although the address was the same, the corresponding Safe wallet on Base belonged to a completely different group of signers.
Lukas Schor from the Safe team explained that the root cause of this incident was the Safe smart wallet version v1.1.1 that the user had been using since 2020:
This version is not designed to be multi-chain compatible, so on other chains, anyone can deploy their own Safe contract at the same address. As long as certain conditions are met, they can "front-run the deployment", causing funds to be mistakenly transferred to contracts controlled by others.
White hat deployment takes the lead: Protofire protects user funds in a low-key manner
When Khalo posted a message seeking assistance, Schor and engineer tschubotz.eth quickly launched an investigation. They found that the address had been deployed by the white hat hacker team Protofire, who had already discovered the potential cross-chain risks of the old version of Safe and proactively deployed hundreds of old Safe addresses on the Base chain in order to prevent black hat hackers from deploying them first and using them for fraud or theft.
After identity verification, Protofire immediately returned all 100 ETH to Khalo, bringing this incident that could have caused serious losses to a perfect end, and allowing the community to witness the significance of the white hat ecosystem at a critical moment.
A lesson learned from the Bybit incident: Safe security mechanism is put to the test again
Schor emphasized that this incident was an extreme case, caused by the lack of protection logic for multi-chain deployment in the previous version. The current version has ensured its consistency to avoid incorrect deployment. In addition, the official tool based on LIFI Protocol that was used for this cross-chain transfer has been updated, and an additional prompt mechanism will be added:
If the target chain already has code but the signer settings are different from those of this chain, a clear warning will be issued to prevent users from mistaking their accounts for those that fall into the trap.
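An added example, not the Safe or LIFI implementation: one way to express the check described above, comparing snapshots of the same address on the source and destination chains. It goes one step beyond the case in the text by also flagging a destination address with no code; the snapshot layout, the function names and all addresses are assumptions constructed for illustration.

```python
def _norm(addresses):
    """Lower-case addresses so checksummed and plain hex forms compare equal."""
    return {a.lower() for a in addresses}

def bridge_warnings(source, destination):
    """Compare one Safe address on two chains before funds are sent to it.

    Each snapshot is a dict the caller fills from that chain's RPC node:
    'code' (bytes from eth_getCode), 'owners' (Safe getOwners()) and
    'threshold' (Safe getThreshold()). Returns a list of (code, detail).
    """
    if not destination["code"]:
        # Nothing deployed there yet, so nobody is known to control it.
        return [("not-deployed", "no contract at this address on the destination chain")]
    warnings = []
    src, dst = _norm(source["owners"]), _norm(destination["owners"])
    if src != dst:
        detail = "unknown signers: %s; missing signers: %s" % (
            sorted(dst - src) or "none", sorted(src - dst) or "none")
        warnings.append(("owners-differ", detail))
    if source["threshold"] != destination["threshold"]:
        warnings.append(("threshold-differs", "%d vs %d" % (
            source["threshold"], destination["threshold"])))
    return warnings

def safe_to_bridge(source, destination):
    """True only when the destination account has the same signer setup."""
    return not bridge_warnings(source, destination)

# Constructed snapshots: addresses and bytecode are placeholders.
ALICE, BOB, OTHER = "0x" + "Aa" * 20, "0x" + "bb" * 20, "0x" + "cc" * 20
MAINNET = {"code": b"\x60\x80", "owners": [ALICE, BOB], "threshold": 2}
BASE_SAME = {"code": b"\x60\x80", "owners": [BOB, ALICE.lower()], "threshold": 2}
BASE_FOREIGN = {"code": b"\x60\x80", "owners": [OTHER], "threshold": 1}
BASE_EMPTY = {"code": b"", "owners": [], "threshold": 0}

if __name__ == "__main__":
    for name, snap in [("same", BASE_SAME), ("foreign", BASE_FOREIGN),
                       ("empty", BASE_EMPTY)]:
        print(name, safe_to_bridge(MAINNET, snap), bridge_warnings(MAINNET, snap))
```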
However, we still remember a major security incident related to Safe earlier this year: the Bybit hack. Hackers stole $1.5 billion in assets by hacking into Safe developer devices and tampering with its front end. Although these two incidents are different in nature, they both reveal the core security challenges of Safe as a smart wallet.
What can we learn from this incident? New issues of self-custody in the multi-chain future
Dragonfly partner @hosseeb described this incident as "one of the most exciting crypto stories in recent years", and emphasized that the hope of the crypto world does not lie in completely eliminating risks, but in someone choosing to do the right thing when risks come:
Hats off to Protofire and the Safe team, and all the white hat hackers who work hard to make the crypto world safer. Sometimes, crypto is not bad.
This loss and recovery incident reminds us: "Although crypto wallets bring sovereign control to users, they also come with higher self-custody risks." As Khalo said: "After avoiding all scams for eight years, we lost to a UX error." This is not an isolated case, but the pain of the entire multi-chain ecosystem in its growth process.
Only with more complete protocol design, smarter early warning systems, and more people like Protofire can we truly move towards a crypto world that is safer and more user-friendly.