[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]  freshpants2x ✝️💧 [@freshpants2x](/creator/twitter/freshpants2x) on x XXX followers Created: 2025-07-23 17:24:57 UTC "Overflow Issue: The root cause of the hack was a flaw in the checked_shlw function within the integer-mate math library used by Cetus. This function, intended to prevent overflows in liquidity calculations, had an incorrect upper bound constant, allowing large values to wrap around silently. This led to a miscalculation where the attacker could deposit just one token (e.g., X unit of token A) but be credited with an enormous liquidity position, enabling them to drain significant assets from the pool. The overflow occurred in the get_delta_a function, which underestimated the required token amount due to improper handling of large integers." "Flash Loan Exploit: The attacker used a flash loan to borrow a large amount of tokens (e.g., XXXXXXXXXXXXX haSUI) to manipulate the pool's price and create favorable conditions for the exploit. By opening a liquidity position within a narrow tick range ([300000, 300200]), the attacker triggered the overflow bug, minting excessive liquidity with minimal token input. After withdrawing the inflated liquidity, they repaid the flash loan, keeping the profits. The flash loan was a tool to execute the attack, but the core vulnerability was the overflow bug." XX engagements  **Related Topics** [token](/topic/token) [cetus](/topic/cetus) [hack](/topic/hack) [Post Link](https://x.com/freshpants2x/status/1948071853353795599)
[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]
freshpants2x ✝️💧 @freshpants2x on x XXX followers
Created: 2025-07-23 17:24:57 UTC
"Overflow Issue: The root cause of the hack was a flaw in the checked_shlw function within the integer-mate math library used by Cetus. This function, intended to prevent overflows in liquidity calculations, had an incorrect upper bound constant, allowing large values to wrap around silently. This led to a miscalculation where the attacker could deposit just one token (e.g., X unit of token A) but be credited with an enormous liquidity position, enabling them to drain significant assets from the pool. The overflow occurred in the get_delta_a function, which underestimated the required token amount due to improper handling of large integers."
"Flash Loan Exploit: The attacker used a flash loan to borrow a large amount of tokens (e.g., XXXXXXXXXXXXX haSUI) to manipulate the pool's price and create favorable conditions for the exploit. By opening a liquidity position within a narrow tick range ([300000, 300200]), the attacker triggered the overflow bug, minting excessive liquidity with minimal token input. After withdrawing the inflated liquidity, they repaid the flash loan, keeping the profits. The flash loan was a tool to execute the attack, but the core vulnerability was the overflow bug."
XX engagements
