SlowMist Uncovers How Cetus Lost $230M in Sophisticated Smart Contract Exploit

May 26, 2025 at 06:01 am

Blockchain security firm SlowMist has published a detailed technical breakdown of the $230 million exploit that targeted Cetus, a key liquidity provider in the SUI ecosystem.

The essence of the Cetus exploit lies in the misuse of the checked_shlw function during a liquidity addition operation. This function, designed for efficient multiplication in assembly code, has a limitation when dealing with large numbers, specifically in the context of a modular arithmetic system.

As explained by SlowMist, "In essence, the modular arithmetic system used in blockchain smart contracts operates within a limited range of numbers. When an operation, such as multiplication, results in a sum exceeding this range, a remainder is calculated by dividing the product by the modulus. This remainder, in turn, becomes the final result of the modular multiplication."

The researchers further noted that "the checked_shlw function is meant to perform a left shift and multiply operation, checking for overflow in the process. However, in a scenario where a very large multiplier is used with a small multiplicand, the multiplication itself might not overflow, but the addition of the original multiplicand to the final product might."

This anomaly, according to SlowMist, was exploited by the attacker to exchange just one token for an outsized share of liquidity, ultimately draining the pools.

"This was a precision-engineered mathematical exploit. The attacker exploited the edge cases of a vulnerable math function to extract liquidity worth billions from the protocol," the researchers concluded.

The incident led to a sharp decline in token pair values and liquidity depth across Cetus. In response, the Cetus team suspended the smart contract to prevent further loss and launched a full investigation.

SlowMist has advised developers to pay closer attention to boundary conditions in smart contract development. The firm highlighted that even low-level math operations require rigorous validation to prevent similar vulnerabilities.
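
SlowMist's advice on boundary conditions, as an added example that is not from the article, SlowMist's report or the Cetus code base: a Python check that compares a checked left shift against an unbounded-integer reference at the edge values. The 256-bit width, the 64-bit shift, the function bodies and the deliberately loose threshold in `loose_checked_shlw` are assumptions constructed for illustration.

```python
# Added example: boundary-testing a checked left shift in fixed-width arithmetic.
BITS = 256                      # assumed integer width (u256-style)
MOD = 1 << BITS                 # representable values are 0 .. MOD - 1
SHIFT = 64                      # assumed shift width: one 64-bit word
LIMIT = 1 << (BITS - SHIFT)     # smallest n for which n << SHIFT no longer fits
LOOSE_LIMIT = ((1 << SHIFT) - 1) << (BITS - SHIFT)  # constructed, far too high


def reference_shlw(n):
    """Ground truth from unbounded ints: returns (result, overflowed)."""
    wide = n << SHIFT
    return (0, True) if wide >= MOD else (wide, False)


def correct_checked_shlw(n):
    """Reject any input with a bit set in the top SHIFT bits."""
    if n >= LIMIT:
        return 0, True
    return (n << SHIFT) % MOD, False


def loose_checked_shlw(n):
    """Constructed flaw: compares against LOOSE_LIMIT instead of LIMIT."""
    if n > LOOSE_LIMIT:
        return 0, True
    return (n << SHIFT) % MOD, False   # wraps silently, as fixed-width math would


def boundary_inputs():
    """Edge values on both sides of every threshold involved."""
    edges = {0, 1, LIMIT, LOOSE_LIMIT, MOD - 1}
    near = {e + d for e in edges for d in (-1, 0, 1)}
    return sorted(v for v in near if 0 <= v < MOD)


def find_mismatches(candidate):
    """Inputs where the candidate disagrees with the reference."""
    return [n for n in boundary_inputs() if candidate(n) != reference_shlw(n)]


if __name__ == "__main__":
    for name, fn in (("correct", correct_checked_shlw), ("loose", loose_checked_shlw)):
        bad = find_mismatches(fn)
        print(f"{name}: {len(bad)} mismatching boundary inputs")
        for n in bad:
            print(f"  n={n:#x} -> {fn(n)} expected {reference_shlw(n)}")
```

The loose variant reports no overflow for inputs at and just above `LIMIT` and returns a wrapped value, which is the kind of silent failure a boundary test like this is meant to surface before deployment.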

"The exploitation of the checked_shlw function's behavior in specific boundary conditions to perform an addition operation and trigger an overflow in the final step of the liquidity addition operation is a sophisticated technique that underscores the importance of meticulous coding practices in blockchain security," the researchers said.

As of now, Cetus continues to work with third-party security experts to patch the exploit and assess recovery options. This attack adds to a growing list of high-profile DeFi breaches in 2025, highlighting the risks associated with complex on-chain protocols.
