100% compensation, Cetus apologized 69 times in an hour and a half On Friday night at 9 o'clock, I was supposed to go fooling around when I saw Shen Chao pulling Cetus to open an AMA. I need to listen to this. I wrote two articles about this incident, both focusing on the governance process, but didn't mention Cetus much. What about feeding sheep? Just wait for them to disclose the details. Let's sneak in! ⬇️ To be honest, I came to listen to AMA with a critical mindset: I want to see how they explain their low-level mistakes, how they explain the governance process strongly promoted by the foundation, and how they explain how to restore confidence to Sui users in the future... Half eating the melon, half nitpicking, yes, that's the mentality. But after listening for an hour and a half, my heart melted, no, it was influenced. I gradually lost myself in the sound of "sorry", "sorry", "it's our fault", "we must learn from it"... Let's start with the key points: Restart LP pool and other services within 24 hours 85.7% to 96% of user assets can be directly compensated All 100% CETUS held by the team will be used for compensation Over the past 6 months, the average monthly agreement income has been 1.5m, with an annualized income of 18m The loan details of the foundation have not been disclosed, and Cetus is working to repay the loan The team, under pressure, takes responsibility with practical actions, promises not to evade or shift blame, and the compensation, safety upgrades, and governance improvements are also well-organized. It is a very mature team performance. one ️⃣ Compensation and Details On the surface, the funding gap appears to be the $60 million that was stolen by hackers across the chain, but the actual losses caused by the impact are far more than that. The first priority for compensation is definitely user assets. According to AMA, 85.7% to 96% of user assets can be directly compensated, and the remaining portion can gradually approach 100% after asset recovery. What kind of compensation? Cetus Agreement Current and Future Revenue Cash held by the team 100% Cetus tokens held by the team In terms of income, in the six months before the incident, @ CetuSProtocol earned approximately $1.5 million in monthly protocol revenue, which amounts to $18 million per year. The team holds unknown cash, and both of these are actual "money" that will be repurchased from Cetus, Sui, or other assets to compensate users. Surprisingly, the team took out 100% of their Cetus tokens (including those that were not unlocked) as compensation. I checked and found that the team and advisors account for 20%, which will be unlocked until the end of 2026. Calculated based on MC's $100 million, this is $20 million... Ah, the team is really bleeding. By the way, according to this ratio, the Sui Foundation should have provided a loan of approximately 30 million US dollars. Although Henry @ henrybuild said the agreement was confidential and not disclosed, after calculation, they basically knew. This money also needs to be repaid, and the interest is still unknown. Assuming Cetus can restore its current operational level, without eating or drinking, the team would have to work for three and a half years. Wow, if it were you, would you choose to work in prison for three and a half years and lose money, or just run away? How to compensate? It's not something that can be achieved overnight, it definitely needs to be done in batches. Compensation is much more complex than theft. Leaving aside the intricate assets and accounts damaged by hundreds of thousands of dollars, can they directly compensate by smashing coins? Definitely not, there are still many unlocked tokens here. So I don't expect it to be so fast. We should first give a clear number and then cooperate with the operation to attract some true fans to continue supporting the agreement, and strive to give them more rewards. However, the premise is clear: no new assets will be issued. two ️⃣ Destruction and Reconstruction Compensation is not the end, it's just the beginning. As I mentioned before, Cetus has had a significant impact on the Sui ecosystem, not only because it is a leading DEX with deep roots and abundant liquidity that connects all Sui DiFi ecosystems, but also because Cetus provides the earliest and most widely used Dex code repository, making many contributions to the development of Move code. In addition, almost all transaction aggregation projects involving Sui, including Binance Alpha, are still being completed by Cetus, which is essentially Sui's largest DeFi infrastructure. To put it simply, the entire foundation of Sui DeFi is largely built upon the technical framework of Cetus. If we look at it from a holistic perspective, losing money is really a small matter, and it makes sense for the Sui Foundation to be in a hurry. This is not about money, it's about losing their lifeline. What is visible is the emergency suspension agreement of Cetus, but what is invisible is that they still need to notify and find the team/project using their own technology to coordinate how to handle it. This is both an obligation and a responsibility, so behind the scenes, the team has indeed put in tremendous effort, not just for Cetus himself. Perhaps, when dealing with these, they are all enduring huge emotional differences and psychological pressures, without avoiding them. Let me give you some respect first. What about governance if the team takes out all their tokens? It's also interesting here, @ KaMiaoRich teacher's questions are very exciting. I think the team's answer here is a bit vague. If there is 100% DPoS governance and the team doesn't have any coins in their hands, no matter how much coordination is done, it will be dangerous. I can understand that community unity is important at critical junctures, but... let's just put it bluntly, work hard to make money and find ways to repurchase. In special circumstances, adjust the governance decision-making process first, and then actively seek community support. This is the only way. Haotian @ tmel0211 and Fengwuxiang @ 0xFeng teachers also raised questions about subsequent reconstruction from the perspectives of security experts and DeFi experts, respectively. This part of the feeling is a painful reflection, I was hit and really know where I went wrong. This time being hacked is not a simple function issue, but a major problem at the technical and operational boundaries. Previously, Cetus lived a very prosperous life, relying too much on audit companies for security and neglecting major issues in operation and maintenance logic. This time, through expert introduction, open source code, white hat rewards, and other methods, we have also managed to improve security. // Is this a violation of the decentralized concept? I'll put this at the end of the conversation to avoid being criticized again. Talk about ideals after eating enough, and discuss concepts after completing user compensation. The team does not believe that freezing assets through node governance voting is centralization, but rather a necessary decision to minimize user losses at present. I agree. My previous focus was not on this, but on the execution details. These Sui foundations have handled them very well, including node voting, open and transparent proposals, and transparent execution processes. This is already very good. My focus is, how was all of this achieved? Bypassing the private key is a technical fact that even the Heavenly King Laozi cannot change. But through today's AMA, I found that when I wrote it before, I did not emphasize a basic fact: Sui or Move language allows this to happen at the beginning of this chain, in case of special situations. So discussing decentralization here is no longer appropriate in the eyes of most people. Is Solana decentralized? Is BNBChain decentralized? Is Base decentralized? Today, decentralization has become a technological ideal, while permissionless may become a secondary code of conduct. As an ordinary user, like those who criticize me, I also vote with my feet: Dare to take responsibility, protect user assets, do not evade, do not shirk responsibility, no matter what you do, support first before making decisions. <End of Full Text>