Security Is Our Top Priority

The Sui ecosystem is constantly monitored for security threats targeting the community. Identified threats are rapidly investigated and remediated to ensure user safety.

The Sui network and affiliated products undergo regular third-party audits as part of a concerted effort to maintain the highest level of security possible. The findings of these reports and the actions taken as a response are shared in a timely manner.

Recent Reports
Sui Core L1
Halborn conducted a security audit on Sui with the goal of ensuring it operated as intended and identifying potential security issues with the codebase.
Submitted on April 21, 2023
Move and Sui Security Assessment
Zellic reviewed Move and Sui Security Assessment’s code for security vulnerabilities, design issues, and general weaknesses in security posture.
Submitted on May 8, 2023
Sui Adapter & Verifier
Halborn conducted a security audit of Sui’s smart contracts to ensure they operate as intended and to identify any potential security issues.
Submitted on October 14, 2022
Deepbook Smart Contract Security Assessment
Zellic reviewed DeepBook’s code for security vulnerabilities, design issues, and general weaknesses in security posture.
Submitted on April 26, 2023
Groth16 Verifier API
Halborn conducted a security audit of the Groth16 Verifier API to ensure the smart contract functions as intended and identify potential security issues.
Submitted on Dec 9, 2022
Sui Typescript SDK
Halborn conducted a security audit of the SUi Typescript SDK in order to improve the quality of the systems reviewed and to target sufficient remediation to help protect users.
Submitted on Oct 6, 2022
Denial-of-Service Security Assessment
Halborn conducted a DoS security audit to identify if there was any risk of DoS conditions on nodes that may result from custom transactions and signatures.
Submitted on April 14, 2023
JSON-RPC Audit WebApp Pentest
Halborn conducted a security audit on the JSON-RPC API.
Submitted on Oct 6, 2022
Miscellaneous Audits
OtterSec performed an assessment of sui-verifier, sui-framework, sui-governance, sui-json-rpc, sui-adapter, collectibe, kiosk, suifrens, suins and sui.id programs.
June 2023
Sui-System
FYEO conducted a security assessment of sui-system, the staking code in Sui Move.
June 2023
ECVRF and Ristretto255
Common Prefix conducted an audit of the Elliptic Curve Verifiable Random Function and Ristretto255 implementations within Sui's fastcrypto library.
Submitted on April 7, 2023
secp256k1
Common Prefix conducted an audit of the Elliptic Curve Digital Signature Algorithm (ECDSA) sec256k1 implementation within Sui's fastcrypto library.
Submitted on April 7, 2023
BLS12381
Common Prefix conducted an audit of the BLS12381 implementation within Sui's fastcrypto library.
Submitted on April 7, 2023