Cetus Protocol has released its most detailed statement since the exploit that resulted in the loss of over $220 million. The update, published in a Q&A format, covers the current status of funds, the recovery process, and the technical efforts underway to restore normal operations. The team addressed widespread community concerns while emphasizing its commitment to transparency and user fund recovery.
We’ve covered the exploit of Cetus Protocol in detail in this article.
Read also: Cetus Releases Full Incident Report After The Exploit
Table of Contents
Status of Affected Funds
According to the update, the stolen assets are split between funds still within the Sui blockchain and others that have been bridged to Ethereum. The on-chain funds, totaling approximately $162 million, have been frozen through the cooperation of Sui validators. Cetus is now pursuing two parallel strategies for these assets: a community-approved on-chain vote to authorize recovery, or a whitehat agreement with the attacker.
The assets moved off-chain, valued at roughly $60 million, are under active investigation. Cetus is working with external cybersecurity experts and law enforcement to track these funds and explore options for recovery. No final decision has yet been made on the off-chain portion, but the team confirmed updates will follow once further actions are determined.
Protocol Operations and Data Recovery
Cetus stated that data recovery is currently in progress and could take “several tens of hours” to complete. The team is working to restore accurate user position data, which is a necessary step before full liquidity pool operations can resume. In the meantime, the Cetus aggregator service is already back online, supporting swaps through external liquidity providers like Phantom and Binance Alpha.
Some CLMM (concentrated liquidity market maker) pools, which were not affected by the exploit, will be restored first. The protocol’s restoration timeline will depend on the completion of accurate data reconciliation and verification across affected pools.
Coordination and Communication
The update acknowledged the community’s calls for more detailed and timely announcements. The team explained that coordination with the Sui Foundation and other stakeholders has delayed formal communications, as key recovery plans require consensus before being made public.
Cetus emphasized that its team has been working non-stop since the incident. Their focus areas include negotiating with the attacker, building legal cases with supporting evidence, repairing protocol data, and modeling compensation scenarios. The team is also collaborating with Sui validators to organize a network-wide vote on a proposed protocol upgrade, which would enable the return of frozen on-chain funds.
Commitment to Recovery and Compensation
Cetus reaffirmed its commitment to recovering user funds. The team stated it will dedicate all available financial resources to compensate users, with final plans dependent on how much can be recovered. Recovery and compensation models are currently under development and will be shared once a clearer picture of fund availability emerges.
To move forward, Cetus is urging Sui validators to initiate the on-chain vote that would authorize fund recovery from the attacker’s frozen addresses. The proposal would require consensus from validators and SUI stakers before it could be implemented.
Final Remarks
Cetus expressed gratitude for the community’s patience and support. The team noted that many core members have been working without rest and remain fully committed to managing the crisis responsibly. The update emphasized transparency and accountability, promising further updates as soon as there is new information to share.
Read also: Cetus Releases Full Incident Report After The Exploit
