CertiK Awarded $500K Bounty For Detecting Vulnerabilities On Sui
Key Points:
- CertiK uncovered a flaw in the freshly released Sui blockchain that threatened to shut down the network.
- An infinite loop problem in the Sui code caused the blockchain’s nodes to run in an unending cycle, thus halting the network.
- Sui received a $500,000 award for the crucial discovery.
Blockchain security company CertiK has discovered a vulnerability that could put Sui at risk of shutting down blockchain operations.
The “HamsterWheel” threat has the ability to interrupt the whole Sui Layer 1 chain. Unlike typical assaults that disrupt chains by crashing nodes, the HamsterWheel attack keeps all nodes operating indefinitely without processing new transactions as if they were on a hamster wheel. This method has the potential to paralyze large networks, essentially making them useless.
CertiK detected the aforementioned vulnerability on April 27, and the network side quickly issued a corrected version. On April 30, the network validated the severity of the aforementioned problem in person. Sui then gave CertiK a $500,000 bug reward.
The security company disclosed this severe vulnerability to Sui before of their mainnet launch and got confirmation from Sui of the possible network damage caused by the HamsterWheel attack. Sui quickly devised ways to reduce the potential impact of such assaults, recognizing the seriousness of the issue. Repairs have already been implemented to guarantee the SUI network’s security.
“The discovery of the HamsterWheel attack demonstrates the evolving sophistication of threats to blockchain networks. At CertiK, we are dedicated to staying at the forefront of security developments to ensure the safety and reliability of the Web3 world,” said Kang Li, Chief Security Officer at CertiK.
After the fault was discovered, a team of engineers implemented two essential procedures that would lessen the possible effect of a similar issue in the future, according to the Sui Foundation. CertiK verified that the fault has been fixed and promised to provide a detailed technical report later.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Harold
Coincu News