• Advertise with us
  • Pricing
  • Submit News
Instagram Twitter Facebook Telegram Youtube Linkedin
EdaFace Newsfeed
EdaFace Newsfeed EdaFace
  • News
    • Price Analysis

    Main News

    • Crypto News
    • Bitcoin and BTC
    • Altcoin News
    • Security & Hacks
    • ICO & Token Sales
    • Interviews & Profiles

    Information

    • Press Release
    • Research Report
    • Regulations, Law & Policy
    • Community/Guest Post
    • Events & Conferences
    • Tutorials & Guides

    Market

    • Technical Analysis
    • Price Analysis
    • Cryptocurrency Price Prediction
    • DeFi (Decentralized Finance)
    • Mining & Staking

    Other Categories

    • NFTs & Digital Art
    • Opinion & Editorials
    • Tech Innovations
  • Cryptocurrencies
    • Coin Ranking
    • Trending
    • EDA Token
  • Exchanges
    • Spot
    • Derivatives
    • DEX
    • EDA Plantation
  • Verification Centre
    • Rug Pull Check
    • Blockchain Ecosystem
    • EDA Token
  • MarketPlaces
    • NFT Marketplace
    • Digital Literature
    • Digital Mall
    • P2P Market
    • Metaverse
  • EDA Academy
More
  • News
    • Price Analysis
  • Cryptocurrencies
    • Coin Ranking
    • Trending
    • EDA Token
  • Exchanges
    • Spot
    • Derivatives
    • DEX
    • EDA Plantation
  • Verification Centre
    • Rug Pull Check
    • Blockchain Ecosystem
    • EDA Token
  • MarketPlaces
    • NFT Marketplace
    • Digital Literature
    • Digital Mall
    • P2P Market
    • Metaverse
  • EDA Academy
Reading: SlowMist Breaks Down How a Tiny Code Flaw Led to Cetus’ $230M Collapse
Share
Sign In
EdaFace Newsfeed
EdaFace Newsfeed EdaFace
EdaFace Newsfeed > Latest News > Crypto News > SlowMist Breaks Down How a Tiny Code Flaw Led to Cetus’ $230M Collapse
Crypto News

SlowMist Breaks Down How a Tiny Code Flaw Led to Cetus’ $230M Collapse

vitalclick
Last updated: May 26, 2025 8:48 am
2 days ago
Share
SHARE

Contents
What’s the Real Problem?How the Attacker Took AdvantageSlowMist Warning To Defi Developers 

On May 22, something alarming happened in the SUI blockchain world. Prices on the Cetus decentralized exchange (DEX) suddenly dropped, and its liquidity pools were drained. The total estimated loss was over $230 million.

That’s when SlowMist, a well-known blockchain security team, stepped in and launched an analysis of what they uncovered was both shocking and technical.

What’s the Real Problem?

According to SlowMist’s deep dive analysis, the core of the issue was a vulnerability in Cetus’ smart contract code, specifically, a function called checked_shlw that failed to properly detect an overflow in another function named get_delta_a.

Now, what actually mean in simple terms?

This bug caused the system to calculate token amounts incorrectly. It didn’t realize when the numbers got too big, so it assumed the attacker was adding a huge amount of liquidity, when in reality, they only added 1 token.

That tiny flaw gave the attacker a massive opportunity.

How the Attacker Took Advantage

Here’s how the attacker carried out the exploit, step by step:

Flash Loan Trigger: The attacker borrowed over 10 million haSUI tokens using a flash loan. This move caused the token price in the pool to drop by 99.9%.

Trick Setup: They then created a very narrow liquidity position — a tiny window in the price range — which made the system believe a huge amount of liquidity was being added.

The Exploit: Using the overflow flaw, they claimed to add trillions worth of liquidity, but only submitted 1 token. The contract didn’t catch the mismatch.

Cashing Out: The attacker removed the fake liquidity in three stages and repaid the flash loan.

Huge Profit: They walked away with 10 million haSUI and 5.7 million SUI, with almost no real investment.

SlowMist Warning To Defi Developers 

This incident shows how a small coding mistake can lead to huge financial losses, especially in DeFi platforms where smart contracts run everything. 

According to SlowMist, if a critical function like checked_shlw doesn’t correctly detect errors like overflows, attackers can break the system logic entirely.

SlowMist warns all DeFi developers to double-check their math functions, especially in areas involving token calculations and liquidity formulas. One unchecked line of code was all it took to let someone walk away with millions.

You Might Also Like

Tick ​​tock! The secret calendar works in Bitcoin and Altcoins, the expectation of crypto writing rise is strengthened

$120K Rally or $78K Drop – What’s Next?

Can the SEC Bounce Back After New Appeal Deadline?

Gloomy Picture for Spot Bitcoin and Ethereum ETFs! Inflows Give Way to Outflows!

Can BNB Hit $2,800? Standard Chartered’s Crypto Prediction Will Get You Thinking

TAGGED:CryptoNews
Share This Article
Facebook Twitter Email Print
Previous Article SpacePay’s APK Integration Could Be the Game-Changer for Traditional POS Systems: Presale Offer Early Opportunity
Next Article Ethereum Price Eyes Breakout to $3k, Amid Dollar Weakness?
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Crypto Live Widget

Follow for Live Updates
Subscribe to our newslettern

Get Newest Articles Instantly!

- Advertisement -
Ad imageAd image
Popular News
Cryptocurrency Regulation in Russia : Blockchain Development
Current Cryptocurrency Regulations in India
Explore Cryptocurrency Regulation in South Korea
2 Altcoins Win Trial
Claimed Bitcoin Inventor Craig Wright Gets Shocked in Court! His Assets Are Frozen

Company

  • Vision
  • Mission
  • LitePaper
  • Whitepaper
  • Core Values
  • Branding
  • Teams
  • Career Listing
  • FAQ
  • Welfare Donations

Products

  • EDA Token
  • Blockchain Literature
  • EdaFace Dex
  • EdaFace Mall
  • Listing Platforms
  • Newsfeed
  • NFT Marketplace
  • P2P Market
  • Scam Verification Centre
  • School of Crypto

Legal

  • Term of Use
  • Privacy Policy
  • Disclaimer
  • Listing T&C
  • Listing Platforms
  • Eda Token Policy

Always Stay Up to Date

Subscribe to our newsletter to get our newest articles instantly!

EdaFace

About US

EdaFace is a user interface aggregator that brings all the various functionalities of the crypto industry onto a single platform! You can advertise, launch and crowdfund your crypto project via EdaFace Launchpad and Newsfeed.

Contact us: support@edaface.com

Follow us

Instagram Twitter Facebook Telegram Youtube Linkedin

Copyright © 2022 – 2024. EdaFace is a product of Emerging Digital Age (EDA) Pty Ltd. All Rights Reserved.

Join Us!
Subscribe to our newsletter and never miss our latest news, podcasts etc..

Zero spam, Unsubscribe at any time.
EdaFace
Welcome Back!

Sign in to your account

Lost your password?