How did Sui "freeze" the Hacker Address? Is Decentralization a lie?


Original author: Haotian

Reprint: Oliver, Mars Finance

Many people are puzzled. After Sui officially stated that @CetusProtocol was attacked by hackers, the validator network coordinated to "freeze" the hacker's address, recovering 160 million dollars. How was this achieved? Is decentralization really a "lie"? Below, let's try to analyze this from a technical perspective:

· Cross-chain bridge transfer part: After the hacker attack was successful, part of the assets such as USDC was immediately transferred to other chains like Ethereum through the cross-chain bridge. This portion of the funds is irretrievable because once it leaves the Sui ecosystem, the validators are powerless.

· Part still on the Sui chain: A considerable amount of stolen funds remain stored in Sui addresses controlled by hackers. This portion of funds has become the target of "freezing."

According to the official announcement, "a large number of validators have identified the addresses of the stolen funds and are ignoring the transactions on these addresses."

How exactly can it be implemented?

  1. Transaction filtering at the validator level - simply put, it's the collective "turning a blind eye" of the validators:
  • Validators directly ignore transactions from hacker addresses at the transaction pool (mempool) stage;

  • These transactions are technically completely valid, but they just won't get packaged onto the chain;

  • The hacker's funds are thus "house-arrested" at the address;

  2. The key mechanism of the Move object model - The object model of the Move language makes this "freezing" feasible:
  • Transfers must be on-chain: Although hackers control a large amount of assets in the Sui address, to transfer these USDC, SUI, and other objects, a transaction must be initiated and confirmed by validators.

  • Validators hold the power of life and death: if a validator refuses to package, the object will remain immovable forever;

  • Result: The hacker nominally "owns" these assets, but in reality has no way to do anything with them.

It's like you have a bank card, but all ATMs refuse to serve you. The money is in the card, but you can't take it out. With the continuous monitoring and interference of Sui validator nodes (the ATMs), SUI and other tokens in hacker addresses will be unable to circulate, making these stolen funds objectively seem like they have been "destroyed," effectively acting as a "deflationary" measure?

Of course, in addition to temporary coordination of validators, Sui may have a built-in deny list feature at the system level. If so, the process might be as follows: relevant authorities (such as the Sui Foundation or through governance) add the hacker's address to the system deny_list, and the validators execute according to this system rule, refusing to process transactions from blacklisted addresses.

Regardless of whether it is temporary coordination or execution according to system rules, it requires the majority of validators to act in unison. Clearly, the power distribution of Sui's validator network is still too centralized, with a few nodes able to control key decisions for the entire network. Validator centralization is not unique to Sui: most PoS networks, from Ethereum to BSC, face similar risks of validator concentration, but Sui has made this problem more apparent this time.
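The validator-level filtering described above can be modelled as follows. This is an added example, not code from Sui or from the original article: each validator signs or ignores a transaction according to a local deny list, and a transaction executes only when a stake-weighted quorum signs it. The 10,000-unit voting power, the more-than-two-thirds quorum, and the validator names, stakes and address are assumptions constructed for illustration.

```python
from dataclasses import dataclass

TOTAL_POWER = 10_000  # assumption: voting power normalised to 10,000 units
QUORUM = 6_667        # assumption: more than 2/3 of voting power must sign

@dataclass(frozen=True)
class Validator:
    name: str
    power: int
    deny_list: frozenset = frozenset()  # sender addresses this node ignores

    def signs(self, sender: str) -> bool:
        return sender not in self.deny_list

# Constructed stake distribution (sums to TOTAL_POWER); not real Sui data.
STAKES = {"v1": 1500, "v2": 1200, "v3": 1000, "v4": 900, "v5": 800,
          "v6": 1000, "v7": 1000, "v8": 900, "v9": 900, "v10": 800}

def validator_set(filtering=(), denied=()):
    """Build the set; validators named in `filtering` ignore `denied` senders."""
    return [Validator(n, p, frozenset(denied) if n in filtering else frozenset())
            for n, p in STAKES.items()]

def signed_power(validators, sender):
    return sum(v.power for v in validators if v.signs(sender))

def can_execute(validators, sender):
    """A valid transaction still needs a quorum of stake to sign it."""
    return signed_power(validators, sender) >= QUORUM

def min_blocking_set(validators):
    """Fewest validators whose refusal alone keeps a sender below quorum."""
    needed = TOTAL_POWER - QUORUM + 1  # stake that must withhold signatures
    withheld, chosen = 0, []
    for v in sorted(validators, key=lambda v: v.power, reverse=True):
        chosen.append(v.name)
        withheld += v.power
        if withheld >= needed:
            break
    return chosen

if __name__ == "__main__":
    addr = "0xDENIED_EXAMPLE"  # placeholder address, constructed
    for group in [(), ("v1", "v2"), ("v1", "v2", "v3")]:
        vs = validator_set(group, [addr])
        print(group, signed_power(vs, addr), can_execute(vs, addr))
    print("smallest blocking set:", min_blocking_set(validator_set()))
```

The size of the smallest blocking set is a direct measure of how concentrated the power to censor an address is; in this constructed distribution it is three of ten validators.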

How can a so-called decentralized network have such a strong centralization "freezing" capability?

What's worse is that Sui officials have stated that they will return the frozen funds to the pool, but if the validators truly "refuse to package the transactions," these funds should theoretically remain immobile forever. How does Sui manage to return them? This further challenges the decentralization characteristic of the Sui chain!

Is it true that, apart from a few centralized validators rejecting transactions, the authorities even have super permissions at the system level to directly modify asset ownership? (Sui needs to provide further details on "freezing") Before the specific details are disclosed, it is necessary to discuss the trade-offs regarding decentralization:

Is it necessarily a bad thing to sacrifice a bit of decentralization for emergency response intervention? If faced with a hacker attack, is it really what users want for the entire chain to be powerless?

What I want to say is that people naturally don't want money to fall into the hands of hackers, but what makes the market even more worried is that the freezing criteria are completely "subjective": what counts as "stolen funds"? Who defines it? Where are the boundaries? Freeze hackers today, freeze who tomorrow? Once this precedent is set, the core censorship-resistance value of the public chain will be completely bankrupt, which will inevitably damage user trust. Decentralization is not black and white, and Sui has chosen a specific balance between user protection and decentralization. The key sticking point is the lack of transparent governance mechanisms and clear boundary standards. Most blockchain projects are making this trade-off at this stage, but users have the right to know the truth and not be misled by the label of "fully decentralized".
