DAO Maker price

Author: Fourteen Jun   This event is a victory for capital, not users, and it is a regression for the development of the industry. Bitcoin to the left, Sui to the right, and every industry move that shakes up decentralization brings a stronger belief in Bitcoin. The world needs not just a better global financial infrastructure, but a group of people who will always need freedom. Once upon a time, the alliance chain was more prosperous than the public chain, because it met the regulatory needs of that era, and now the decline of the alliance actually means that it simply complies with this demand, not the needs of real users. 1. Background of the event On May 22, 2025, Cetus, the largest decentralized exchange (DEX) in the Sui public chain ecosystem, was attacked by hackers, causing a sharp drop in liquidity and the collapse of multiple trading pairs, resulting in a loss of more than $220 million. As of press time, the timeline is as follows: On the morning of May 22, hackers attacked Cetus to extract $230 million, and Cetus urgently suspended the contract and issued an announcement On the afternoon of May 22, the hacker transferred about $60 million across the chain, and the remaining $162 million was still in the Sui on-chain address, and the Sui validator node quickly took action to add the hacker's address to the "Deny List" and freeze the funds On the evening of May 22, Sui CPO @emanabio tweeted that the funds have been frozen, and the return will start soon On May 23, Cetus began fixing vulnerabilities and updating contracts On May 24th, Sui open-sourced the PR, explaining that it was about to recycle funds through aliasing and whitelist On May 26, Sui initiated an on-chain governance vote proposing whether to perform a protocol upgrade and transfer the hacked assets to an escrow address On May 29, the voting results were announced, and more than 2/3 of the validator nodes were weighted to support; The protocol upgrade is ready to be executed From May 30th to early June, the protocol upgrade took effect, the specified transaction hash was executed, and the hacked assets were "legally transferred" 2. Attack principle The principle of events is related, and there have been many statements in the industry, so here is only an overview of the core principles: From the perspective of attack flow: The attacker first used a flash loan to lend about 10,024,321.28 haSUI, which instantly lowered the price of the trading pool 99.90%。 This huge sell order brought the target pool price down from about 1.8956×10^19 to 1.8425×10^19, almost bottoming out. Subsequently, the attacker creates a liquidity position on Cetus with an extremely narrow range (Tick lower limit of 300000, upper limit of 300200, and interval width of only 1.00496621%). Such a narrow interval amplifies the impact of subsequent calculation errors on the number of tokens required. The core principle of the attack: There is an integer overflow vulnerability in the get_delta_a function that Cetus uses to calculate the required number of tokens. The attacker deliberately stated that he wanted to add a huge amount of liquidity (about 10^37 units), but in fact only put 1 token into the contract. Due to the wrong overflow detection condition of checked_shlw, the contract was truncated at a high level during the left-shift calculation, causing the system to seriously underestimate the amount of haSUI required, thus exchanging a huge amount of liquidity at a very small cost. Technically, the above vulnerability stems from Cetus using incorrect masks and judgment conditions in the Move smart contract, resulting in any value less than 0xffffffffffffffff << 192 being able to bypass detection; After moving 64 bits to the left, the high-level data is truncated, and the system only charges a very small number of tokens to consider that it has gained a lot of liquidity. After the incident, 2 official operations were derived: "Freezing" vs "Recovery", which is two phases: The freezing phase is completed by Deny List + node consensus; In the clawback stage, on-chain protocol upgrade + community voting + designated transaction execution is required to bypass the blacklist. 3. Sui's freezing mechanism There is a special Deny List mechanism in the Sui chain itself, which realizes the freezing of hacking funds. Not only that, but Sui's token standard also has a "regulated token" model with a built-in freezing function. This emergency freeze takes advantage of this feature: validator nodes quickly add addresses related to stolen funds in their local configuration files. Theoretically, each node operator can modify the TransactionDenyConfig to update the blacklist on their own, but in order to ensure network consistency, the Sui Foundation has centralized coordination as the original configuration publisher. The Foundation first officially released a configuration update containing the hacker's address, and the validator took effect synchronously according to the default configuration, so that the hacker's funds were temporarily "sealed" on the chain, which actually has a high degree of centralization behind it In order to rescue the victims from the frozen funds, the Sui team immediately launched a patch for the Whitelist mechanism. This is for subsequent transfers back of funds. Legitimate transactions can be constructed in advance and registered on the whitelist, even if the fund address is still on the blacklist, it can be enforced. This new feature transaction_allow_list_skip_all_checks allows specific transactions to be pre-added to the "checklist", allowing them to skip all security checks, including signatures, permissions, blacklists, etc. It is important to note that whitelisting patches do not directly steal hacker assets; It only gives certain transactions the ability to bypass the freeze, and the real asset transfer still needs to be done with a legal signature or additional system permission module. In fact, the mainstream freezing scheme in the industry often occurs at the token contract level, and is controlled by the issuer for multi-signature. Taking the USDT issued by Tether as an example, its contract has a built-in blacklist function, and the issuing company can freeze the offending address so that it cannot transfer USDT. This scheme requires multisig to initiate a freezing request on the chain, and the multisig is agreed before it is actually executed, so there is an execution delay. Although the Tether freezing mechanism is effective, statistics show that there is often a "window period" in the multi-signature process, leaving opportunities for criminals to take advantage of. In contrast, Sui's freeze occurs at the underlying protocol level, is collectively operated by validator nodes, and is executed much faster than normal contract calls. In this model, to be fast enough, it means that the management of these validator nodes themselves is highly uniform. 3. Sui's "transfer recycling" implementation principle What's even more amazing is that Sui not only froze the hacker's assets, but also planned to "transfer and recover" the stolen funds through on-chain upgrades. On May 27, Cetus proposed a community vote to upgrade the protocol to send frozen funds to a multisig custodial wallet. The Sui Foundation then initiated an on-chain governance vote. On May 29, the results of the vote were announced, and about 90.9% of the validators supported the scheme. Sui officially announced that once the proposal is approved, "all funds frozen in the two hacker accounts will be recovered to a multisig wallet without the hacker's signature". There is no need for a hacker to sign, which is such a difference that there has never been such a fix in the blockchain industry. As can be seen from Sui's official GitHub PR, the protocol introduces an address aliasing mechanism. The upgrade includes pre-specifying alias rules in ProtocolConfig so that certain permitted transactions can be treated as if the legitimate signature was sent from a hacked account. Specifically, a hashlist of rescue transactions to be executed is tied to a destination address (i.e., a hacker address), and any executor who signs and publishes a summary of these fixed transactions is considered to have initiated the transaction as a valid hacker address owner. For these specific transactions, the validator node system bypasses the Deny List check. At the code level, Sui adds the following judgment to the transaction validation logic: when a transaction is blocked by the blacklist, the system iterates through its signer to check whether protocol_config.is_tx_allowed_via_aliasing(sender, signer, tx_digest) is true. As long as a signer satisfies the alias rule, that is, the transaction is allowed to pass, the previous interception error is ignored and the normal package execution continues. 4. Point of view 160 million, tearing apart is the deepest underlying belief in the industry From the author's personal point of view, this may be a storm that will pass soon, but this model will not be forgotten, because it subverts the foundation of the industry and breaks the traditional consensus that blockchain cannot be tampered with under the same set of ledgers. In blockchain design, the contract is the law, and the code is the referee. But in this case, the code failed, governance interfered, and power overrode the pattern, forming a pattern of voting behavior adjudicating code results. This is because Sui's direct appropriation of transactions is very different from the handling of hackers on mainstream blockchains. This is not the first time that consensus has been tampered with, but it has been the most silent Historically: Ethereum's 2016 The DAO incident used a hard fork to roll back transfers to cover losses, but this decision led to the split between Ethereum and Ethereum Classic, which was controversial, but ultimately different groups formed different consensus beliefs. The Bitcoin community has experienced similar technical challenges: the 2010 value spillover vulnerability was urgently fixed by developers and the consensus rules were upgraded, completely erasing some 18.4 billion illegally generated bitcoins. It's the same hard fork model, rolling back the ledger to the point where it was before the problem, and then the user can still decide which ledger system to continue using under the issue. Compared with the DAO hard fork, Sui did not choose to split the chain, but targeted this event accurately by upgrading the protocol and configuring aliases. In doing so, Sui maintains the continuity of the chain and most of the consensus rules, but also shows that the underlying protocol can be used to implement targeted "rescue operations". The problem is that historically, the "forked rollback" is a user's choice of faith; Sui's "protocol correction" is that the chain makes the decision for you. Not Your Key, Not Your Coin？ I'm afraid not anymore. In the long run, this means that the idea of "not your keys, not your coins" is dismantled on the Sui chain: even if the user's private key is intact, the network can still block the flow of assets and redirect them through collective agreement changes. If this becomes a precedent for blockchain to respond to large-scale security incidents in the future, it is even considered to be a practice that can be followed again. "When a chain can break rules for the sake of justice, it has a precedent for breaking any rules." Once there is a success of "public welfare money grabbing", the next time it may be an operation in the "moral ambiguity". So what happens? The hacker did steal the user's money, so can the crowd vote rob him of his money? Vote based on whose money is more (pos) or more people? If the one with more money wins, then Liu Cixin's final producer will come soon, and if the one with more people wins, then the group rabble will also be loud. Under the traditional system, it is very normal for illegal gains to be unprotected, and freezing and transferring are the routine operations of traditional banks. But the fact that this cannot be done technically is not the root of the development of the blockchain industry. Now the stick of industry compliance is continuing to ferment, today you can freeze for hackers and modify the account balance, then tomorrow you can do arbitrary modifications for geographical factors and contradictory factors. If the chain becomes part of the regional tool. The value of that industry has been greatly reduced, and at best it is a more difficult financial system. This is also the reason why the author is firmly committed to the industry: "Blockchain is not valuable because it cannot be frozen, but because even if you hate it, it will not change for you." Regulatory trends, can the chain keep its soul? Once upon a time, the alliance chain was more prosperous than the public chain, because it met the regulatory needs of that era, and now the decline of the alliance actually means that it simply complies with this demand, not the needs of real users. From the perspective of industry development Efficient centralization, is it a necessary stage in the development of blockchain? If the ultimate goal of decentralization is to protect the interests of users, can we tolerate centralization as a means of transition? The word "democracy", in the context of on-chain governance, is actually token weighted. So if a hacker holds a large amount of SUI (or one day the DAO is hacked, and the hacker controls the votes), can they also "legally vote to launder themselves"? In the end, the value of blockchain is not whether it can be frozen, but whether the group chooses not to do so even if it has the ability to freeze. The future of a chain is not determined by the technical architecture, but by the set of beliefs it chooses to protect.

The required amount, LOL

🚨 NEW SHO - 0xFútbol is LIVE! ⚽️ Join here: To celebrate, we’re giving away FREE DAO TOKENS on 🎁 ✅ Join the 0xFútbol sale ✅ Instantly get +100% bonus on Shakebox ✅ Rewards are yours to keep — even if you refund! 🔹 Public Round: Deposit a minimum of 75 USDC, get 500 DAO bonus 🔹 Private Round: Deposit a minimum of 500 DAO, get +500 DAO bonus 🛡️ 3-day refund window — no risk, just rewards! 🔗 Details:

$135k in DAO earnings today

🚨 New Proof of Vision episode for you folks today: In our 14th PoV episode, our Director of Protocol Services, @0xKmack, had on @nomos_paradox, Founder of Chroincle Protocol, & one of the designers of Maker's first Ethereum oracle... Chronicle Protocol is a blockchain-agnostic oracle infrastructure originally developed out of the MakerDAO ecosystem. Chronicle aims to deliver transparent, verifiable on-chain data at high scale. In this episode, we get into Chronicle's origins, Niklas's tokenomics thought processes, and more... Have a listen 👇 ⏲ Timestamps: 0:00 - Background on Niklas 08:09 - Origins of Chronicle 18:09 - What Makes Chronicle Stand Out? 29:07 - Chronicle's Business Model 43:38 - RWAs & Oracle Implementation 45:37 - Chronicle's Role in Evolving DeFi Landscape 53:08 - Chronicle Token Utility