Is Cetus Protocol Safe?
Risk Grade: D+ (58/100)
Cetus Protocol is rated as high risk — extreme novelty, critical interactions, unproven at scale.
High risk — already lost $223M to a math bug and TVL has collapsed 90%, signaling deep loss of trust
A decentralized exchange on Sui that was hacked for $223M in May 2025 through a math bug in its code. It currently holds about $33M, down from $300M+ before the exploit. Its D grade reflects the severity of the hack, the possibility of the same bug class reappearing, and deeply eroded user trust.
TVL
$33M
Mechanisms
7
Interactions
5
Value Grade
D-
Key Risks for Cetus Protocol Users
A single math error let an attacker create billions of dollars in fake liquidity and drain $223M in under 15 minutes. The rebuilt code may still contain similar overflow bugs
The Sui Foundation froze the blockchain to stop the attack. A second exploit would force another freeze, raising serious questions about whether Sui is truly decentralized
The same code runs on both Sui and Aptos. A bug found on one chain can be copied to the other before a fix goes out, doubling the damage
Top Risk Factors
- •$223M exploit in May 2025 via integer overflow in liquidity math library (integer-mate)
- •Concentrated liquidity positions amplify impermanent loss and manipulation risk on Sui/Move
- •Post-exploit TVL collapsed from $300M+ to ~$33M, signaling deep loss of user confidence
How Cetus Protocol Compares to Peers
Cetus Protocol ranks #110 of 111 DEX protocols (bottom quartile — among the riskiest). At a risk score of 58/100, it's 24 points riskier than the sector average of 34/100.
Adjacent peers: ALEX Lab (C-, 55/100) is ranked just safer, and THORChain (D, 67/100) is ranked just riskier.
See the full DEX sector leaderboard or the Cetus Protocol vs ALEX Lab comparison.
Common Questions about Cetus Protocol
Plain-English answers based on Cetus Protocol's scores across Hindenrank's 8 risk dimensions. The highest-scoring (riskiest) dimension is Interaction Severity (20/20).
Has Cetus Protocol ever been hacked or exploited?
Cetus Protocol has a documented incident history that materially raised its risk grade — the track record dimension scored 15/15, near the high end of the scale. Past exploits, governance failures, or contract issues are baked into this rating. Anyone considering deposits should review the incident details before allocating capital.
How much money is at stake in Cetus Protocol?
Cetus Protocol currently holds roughly $33M in user deposits. Smaller TVL means individual depositors carry a larger share of any loss event, and it can be harder to exit a position quickly during stress.
What's the worst-case scenario for Cetus Protocol?
Hindenrank has identified specific collapse scenarios for Cetus Protocol. The most prominent: "Second Integer Overflow Exploit". The trigger condition is A second integer overflow vulnerability is discovered in rebuilt math libraries or other fixed-point arithmetic paths, exploited before the low remaining TVL ($33M) can be withdrawn. Reading through the full scenario list on the protocol page is the single best way to understand the actual failure modes — generic "smart contract risk" is rarely the thing that takes a protocol down.
Is Cetus Protocol regulated or insured?
Cetus Protocol has some regulatory exposure (4/10), typical of mid-sized DeFi protocols. There is no specific enforcement action on record, but the structure includes elements that regulators have flagged in similar protocols. No DeFi protocol carries FDIC-style insurance — even with low regulatory risk, depositors are not protected in the way bank customers are.
What are the biggest red flags for Cetus Protocol?
Hindenrank's retail-focused risk audit flagged: A single math error let an attacker create billions of dollars in fake liquidity and drain $223M in under 15 minutes. The rebuilt code may still contain similar overflow bugs The Sui Foundation froze the blockchain to stop the attack. A second exploit would force another freeze, raising serious questions about whether Sui is truly decentralized The same code runs on both Sui and Aptos. A bug found on one chain can be copied to the other before a fix goes out, doubling the damage On the technical side, 2 critical-severity interaction risks have been identified.
Should beginners deposit into Cetus Protocol?
Cetus Protocol carries a D+ grade — among the riskiest protocols in Hindenrank's coverage. Beginners should not deposit here. Anyone considering a position should understand they may lose everything they put in, and should size accordingly.
How does Cetus Protocol compare to safer DEX alternatives?
Cetus Protocol is one protocol in Hindenrank's DEX coverage. The safest DEX protocols on the leaderboard tend to share three traits: a long incident-free track record, conservative mechanism design, and high-quality public documentation. Compare Cetus Protocol against the full DEX ranking before committing capital.
For the full 8-dimension score breakdown, the radar chart, and dependency graph, see the Cetus Protocol risk report.
Read the Full Cetus Protocol Risk Report
This protocol has 3 collapse scenarios. 2 critical and 2 high-severity interaction risks identified. See the full mechanism classification, interaction matrix, and deep-dive recommendations.
View Full Report →Get risk alerts before it's too late
Weekly grade changes, downgrade alerts, and new protocol risk findings. Free.