Is Sui Safe?
Risk Grade: C+ (42/100)
Sui is rated as elevated risk — multiple novel mechanisms and notable interaction risks.
Elevated risk — innovative L1 technology with strong VC backing, but novel untested architecture, demonstrated validator censorship capability, and massive token unlock overhang create significant uncertainty
Sui is a Layer 1 blockchain built by Mysten Labs (founded by former Meta/Diem engineers) using the Move programming language and a novel object-centric data model designed for high-throughput parallel execution. Its C+ risk grade reflects the novelty of its untested consensus (Mysticeti) and execution model, significant validator centralization demonstrated during the May 2025 Cetus exploit recovery, and substantial token unlock overhang with 60%+ of supply still vesting through 2030.
TVL
$563M
Mechanisms
8
Interactions
6
Value Grade
C+
Key Risks for Sui Users
During the $223M Cetus DEX exploit in May 2025, Sui validators froze $162M in stolen funds by blacklisting attacker addresses — proving the network can censor transactions if validators coordinate, which raises fundamental decentralization concerns.
Only about 38% of the 10 billion SUI tokens are currently in circulation. The remaining 6.2 billion tokens will unlock through 2030, creating persistent sell pressure that could significantly dilute existing holders.
Sui's core technology — its Mysticeti consensus engine and object-centric execution model — are novel designs with less than 3 years of mainnet operation, compared to Ethereum's 10+ years of battle-testing.
The Sui Foundation and Mysten Labs together control approximately 60% of all SUI tokens, giving two closely related entities outsized influence over network governance and validator economics.
Top Risk Factors
- •Sui validators demonstrated the ability to freeze $162M in stolen funds within hours during the May 2025 Cetus exploit — a recovery success, but also proof that a coordinated supermajority of validators can censor arbitrary addresses, undermining the censorship-resistance claim.
- •Over 6 billion SUI tokens remain locked in vesting schedules through 2030. With only ~3.8B tokens circulating, ongoing unlocks create persistent sell pressure equivalent to 60%+ of current supply still to enter the market.
- •Sui's object-centric execution model and Mysticeti DAG consensus are novel designs with under 3 years of mainnet operation. Novel consensus and execution models carry higher risk of undiscovered edge-case failures compared to battle-tested alternatives.
- •The Sui Foundation controls 50%+ of total token supply through the Community Reserve, and Mysten Labs holds an additional 10% treasury allocation, creating significant centralization of economic power in two related entities.
How Sui Compares to Peers
Sui ranks #42 of 56 L1 protocols (below-median — riskier than average). At a risk score of 42/100, it's 7 points riskier than the sector average of 35/100.
Adjacent peers: Worldcoin (C+, 41/100) is ranked just safer, and Monero (C, 43/100) is ranked just riskier.
See the full L1 sector leaderboard or the Sui vs Monero comparison.
Common Questions about Sui
Plain-English answers based on Sui's scores across Hindenrank's 8 risk dimensions. The highest-scoring (riskiest) dimension is Scale Exposure (9/10).
Has Sui ever been hacked or exploited?
Sui has a fairly clean operational history. The track record dimension scored 5/15, indicating minor or no significant incidents on record. A clean track record is a positive signal but it does not guarantee future safety, especially as protocol complexity grows.
How much money is at stake in Sui?
Sui currently holds more than $563M in user deposits. A protocol of this size typically has deeper liquidity, more eyes on the code, and more attention from auditors — but it also means a single failure has a much larger blast radius.
What's the worst-case scenario for Sui?
Hindenrank has identified specific collapse scenarios for Sui. The most prominent: "Validator Cartel Censorship and Network Confidence Collapse". The trigger condition is A regulatory authority pressures the Sui Foundation to blacklist specific addresses, or a coordinated group of validators holding >67% of stake decides to censor transactions for economic or political reasons, building on the precedent set by the May 2025 Cetus freeze. Reading through the full scenario list on the protocol page is the single best way to understand the actual failure modes — generic "smart contract risk" is rarely the thing that takes a protocol down.
Is Sui regulated or insured?
Sui has low regulatory exposure on Hindenrank's framework (1/10). The protocol is structured in a way that minimizes counterparty and jurisdiction concentration, though regulatory risk in crypto can change rapidly. No DeFi protocol carries FDIC-style insurance — even with low regulatory risk, depositors are not protected in the way bank customers are.
What are the biggest red flags for Sui?
Hindenrank's retail-focused risk audit flagged: During the $223M Cetus DEX exploit in May 2025, Sui validators froze $162M in stolen funds by blacklisting attacker addresses — proving the network can censor transactions if validators coordinate, which raises fundamental decentralization concerns. Only about 38% of the 10 billion SUI tokens are currently in circulation. The remaining 6.2 billion tokens will unlock through 2030, creating persistent sell pressure that could significantly dilute existing holders. Sui's core technology — its Mysticeti consensus engine and object-centric execution model — are novel designs with less than 3 years of mainnet operation, compared to Ethereum's 10+ years of battle-testing. On the technical side, 1 critical-severity interaction risk has been identified.
Should beginners deposit into Sui?
Sui's C+ grade puts it in the elevated-risk band. This is not a beginner-friendly protocol. Anyone depositing here should treat the position as speculative and avoid concentrating significant savings in it.
How does Sui compare to safer L1 alternatives?
Sui is one protocol in Hindenrank's L1 coverage. The safest L1 protocols on the leaderboard tend to share three traits: a long incident-free track record, conservative mechanism design, and high-quality public documentation. Compare Sui against the full L1 ranking before committing capital.
For the full 8-dimension score breakdown, the radar chart, and dependency graph, see the Sui risk report.
Read the Full Sui Risk Report
This protocol has 2 collapse scenarios. 1 critical and 2 high-severity interaction risks identified. See the full mechanism classification, interaction matrix, and deep-dive recommendations.
View Full Report →Get risk alerts before it's too late
Weekly grade changes, downgrade alerts, and new protocol risk findings. Free.