Inside the Triple Outage: Unpacking the Dual Vulnerabilities That Paralyzed Sui's Mainnet

The Cascade Failure: Tracing the Roots of Network Instability

The Sui ecosystem recently navigated a turbulent period marked by three distinct mainnet outages in close succession. A comprehensive technical analysis has now been released, pinpointing the chain of events to a recent core software upgrade.

Flaw #1: The "Phantom Deduction" Bug

The investigation traces the initial instability to the v1.72 release. A new feature designed to improve address balance visibility inadvertently exposed a critical flaw in transaction fee handling. In specific scenarios where a transaction was cancelled due to insufficient funds, the network would still attempt to process the fee payment. This created invalid negative balances, causing validator nodes to fail during critical reconciliation processes and triggering the first major outage, which lasted approximately six and a half hours.

Flaw #2: A Risky Hotfix and a Hidden State Bug

In response to the initial crash, developers deployed an emergency patch on Thursday. This interim solution, however, carried a acknowledged risk of causing further disruption—a risk the team accepted to swiftly restore service. This risk materialized on Friday morning, leading to the second outage.

A third, separate interruption occurred later that afternoon. This was triggered by a previously undiscovered vulnerability related to random state management, which surfaced as validator nodes restarted to install a more permanent fix.

Remediation and Forward-Looking Safeguards

The report strongly emphasizes that user funds were never at risk during these operational incidents. Both identified vulnerabilities have since been permanently resolved. Furthermore, the team has implemented a new protocol mechanism capable of forcibly terminating a "stalled epoch," providing a more robust recovery path to enhance network resilience against future deadlock scenarios.