Sui awards $500k to CertiK for uncovering critical ‘HamsterWheel’ vulnerability
Sui awarded $500,000 to blockchain security firm CertiK for discovering a critical ‘HamsterWheel’ vulnerability on its network, according to a June 19 blog post.
In the blog post, CertiK’s Skyfall team detailed the technical aspects of the HamsterWheel attack, explaining how it would have negatively impacted Sui and how it was fixed.
Mysten Labs, Sui blockchain developers, was yet to respond to CryptoSlate’s request for comment as of press time.
HamsterWheel attack
The HamsterWheel vulnerability is a type of bug that could have caused the Sui network to be unable to process new transactions, causing a total network shutdown. CertiK wrote:
“This unique attack, different from previous known ones, allows an attacker to induce an infinite loop in the validator node by merely submitting a small payload of approximately 100 bytes. Moreover, this attack creates persistent damage that endures even after the validator network reboots.”
CertiK reported the vulnerability on April 27, and Sui fixed it on April 28. Sui designated the severity of the vulnerability as critical on April 30 and paid the $500,000 bug bounty reward on May 16.
Sui blockchain
Sui is a layer1 blockchain network built on Move that went live in May. Since its launch, the project has incentivized developers to build on its network and scored several partnerships, including its recent integration with OKX Web3 Wallet.
Data from Sui Explorer showed that the total number of active addresses on the network sits at 871,630, and its total daily addresses are 9,253. The network has processed over 13 million transaction blocks since its launch.
Additionally, 963 NFT collections have minted over 2 million NFTs on the network, with more than 460,000 holders, according to suivision data.
Meanwhile, the network has had its fair share of fraudulent projects, with one DEX, NemoSwap, misleading the public about its investors.
The SUI token trades at $0.75504 as of press time, according to CryptoSlate’s data. This is 46% down from its all-time high of $1.4.
The post Sui awards $500k to CertiK for uncovering critical ‘HamsterWheel’ vulnerability appeared first on CryptoSlate.