Before Sui mainnet went live, the problem was discovered, and the foundation awarded a $500,000 prize for the find.
Smart-contract audit company CertiK received a $500,000 grant from the Sui Foundation for identifying a potential point of attack on the Sui network.
A hostile smart contract may exploit an infinite-loop flaw in the Sui code to send the blockchain's nodes into an unending cycle, effectively disabling the network.
Unlike previous attacks that shut down chains by crashing nodes, the HamsterWheel attack traps all nodes in an endless state of operation without processing new transactions, like a hamster running on a wheel. This tactic has the potential to completely disable networks, leaving them useless, according to a news release issued on Monday by CertiK.
The Sui Foundation reports that once the flaw was found, a group of developers deployed “two key measures that would reduce the potential impact of a similar issue in the future.” CertiK stated that remedies for the defect have already been released and that a comprehensive technical report will be released later.
Darius Goore, director of communications at the Sui Foundation, said, “We are quite happy that the program resulted in detecting and addressing this flaw well before Sui went live.”
“The first six weeks of Sui mainnet have been extremely seamless from an operational and security viewpoint,” he continued, “thanks to the bug bounty program, but also a robust third-party audits program, and thorough internal testing.”
According to Kang Li, chief security officer at CertiK, “the discovery of the HamsterWheel attack demonstrates the evolving sophistication of threats to blockchain networks.”