Home
Welcome to Sui Community Forum
Bounty Posts
+15
Expert Q&AXavier.eth313Jun 27, 2025Sui Transaction Failing: Objects Reserved for Another Transaction
I'm encountering a persistent JsonRpcError when trying to execute transactions on Sui. The error indicates that objects are reserved for another transaction, even though I've implemented sequential transaction processing with delays. JsonRpcError: Failed to sign transaction by a quorum of validators because one or more of its objects is reserved for another transaction. Other transactions locking these objects: AV7coSQHWg5vN3S47xada6UiZGW54xxUNhRv1QUPqWK (stake 33.83) 0x1c20f15cbe780ee7586a2df90c1ab70861ca77a15970bea8702a8cf97bd3eed9 0x1c20f15cbe780ee7586a2df90c1ab70861ca77a15970bea8702a8cf97bd3eed9 0x1c20f15cbe780ee7586a2df90c1ab70861ca77a15970bea8702a8cf97bd3eed9 I've tried: Sequential transaction execution (waiting for previous transaction to complete) Added 3-second delays between transactions And still getting the same error consistently. Using Sui RPC for transaction submission. The same object ID appears multiple times in the lock list. Error occurs even with careful transaction sequencing. What causes objects to be "reserved" for other transactions? How can I properly check if an object is available before using it in a transaction? Are there best practices for handling object locks in Sui? Could this be related to transaction finality timing? Has anyone encountered this issue before? Any insights on proper object management in Sui transactions would be greatly appreciated!
- Sui
- Transaction Processing
- Move
24+15
Expert Q&AXavier.eth313Jun 17, 2025How do ability constraints interact with dynamic fields in heterogeneous collections?
I'm building a marketplace that needs to handle multiple asset types with different ability requirements, and I've hit some fundamental questions about Move's type system. I want to store different asset types in the same collection, but they have different abilities: Regular NFTs: key + store (transferable) Soulbound tokens: key only (non-transferable) Custom assets with transfer restrictions public struct Marketplace has key { id: UID, listings: Bag, // Want to store different asset types here } // This works for transferable assets public fun list_transferable( marketplace: &mut Marketplace, asset: T, price: u64 ) { /* ... */ } // But how to handle soulbound assets? public fun list_soulbound( // No store ability marketplace: &mut Marketplace, asset_ref: &T, // Can only take reference price: u64 ) { /* How do I store metadata about this? */ } Key Questions: Ability Requirements: When using dynamic_field::add(), does V always need store at compile time? Can wrapper types work around this? Heterogeneous Storage: Can a single Bag store objects with different ability sets (key + store + copy vs key + store), and handle them differently at runtime? Type Safety: Since dynamic fields perform type erasure, how do I maintain type safety when retrieving values? What's the pattern for storing type metadata? Witness Pattern: How do ability constraints work with phantom types? Can I store Asset and Asset in the same collection and extract type info later? Building a system where NFTs, soulbound tokens, and restricted assets all need marketplace functionality but with different transfer semantics. I’ve tried wrapper types, multiple collections per ability set, separate type metadata storage. Each has tradeoffs between type safety, gas costs, and complexity.
- Sui
- Architecture
04Best Answer
New Articles
- Mastering Move Language Concepts – Course #2ArticleMiniBob701Jul 01, 2025
While Course #1 i've made before introduced you to the basics of writing smart contracts in Move and building simple dApps on the Sui blockchain, this course focuses on deepening your understanding of the Move language itself — from its powerful type system to advanced patterns like generics, events, modules, and access control mechanisms. By the end of this course, you’ll be able to: Write modular, reusable, and secure Move code Use generics, abilities, and resource types effectively Implement fine-grained access control using capabilities Emit and listen to events for off-chain integration Work with complex data structures like tables and vectors Understand how Move differs from other smart contract languages like Solidity Let’s dive into the heart of the Move language! Step 1: Understanding Move’s Core Language Features Move is designed with safety and clarity in mind. Let's explore some of the most important features that make Move unique as a smart contract language. 1.1 Resource-Oriented Programming (Revisited) At the core of Move is the concept of resources, which are special types that cannot be copied or deleted unless explicitly allowed. This enforces safe handling of digital assets like tokens or NFTs. module examples::token { use sui::object::{Self, UID}; struct MyToken has key, store { id: UID, value: u64, } public fun mint(ctx: &mut TxContext): MyToken { MyToken { id: object::new(ctx), value: 100, } } } In this example: MyToken is a resource because it has the key ability. It can be stored (store) and uniquely identified by its id. It cannot be duplicated or dropped unless specified. This guarantees that each MyToken instance is uniquely owned and managed, preventing accidental duplication or deletion. 1.2 Abilities System Every type in Move has a set of abilities that define what operations it supports: | Ability | Meaning | |--------|---------| | copy | Can be duplicated | | drop | Can be discarded without destruction | | store | Can be stored in global storage | | key | Can be used as a struct with an ID field (i.e., an object) | Example: struct Example has copy, drop { value: u64 } Understanding these abilities is essential for designing secure and predictable smart contracts. Why Abilities Matter Abilities enforce strict rules at compile time. For instance: A struct with only key and store cannot be copied or dropped. You cannot return a non-droppable struct from a function unless it's stored or transferred. This prevents bugs like double-spending or accidental token loss. 1.3 Generics and Type Parameters Move supports generic types, allowing developers to write flexible and reusable code. module examples::storage { use sui::object::{Self, UID}; struct Box has key { id: UID, content: T, } public fun new_box(ctx: &mut TxContext, content: T): Box { Box { id: object::new(ctx), content, } } } Here, ` is a type parameter, making Box` work with any type while still being safe and efficient. Note: The phantom keyword indicates that T doesn’t affect the runtime representation of the struct — useful for abstract modeling. Step 2: Modular Development and Package Management As your Move projects grow in complexity, organizing your code becomes critical. 2.1 Creating and Publishing Move Packages A Move package contains one or more modules and defines dependencies. It's the unit of deployment and versioning in Move. Directory structure: sources/ place.move user.move Move.toml Define dependencies in Move.toml: [dependencies] Sui = { git = "https://github.com/MystenLabs/sui.git", subdir = "crates/sui-framework" } MyLibrary = { local = "../my-library" } You can publish packages to the Sui network and reuse them across multiple dApps. 2.2 Reusing Existing Modules The Sui Framework provides battle-tested modules like coin, transfer, and tx_context. Always check what’s available before writing custom logic. For example, to transfer an object: use sui::transfer; public entry fun send_place(place: Place, recipient: address) { transfer::public_transfer(place, recipient); } Using standard libraries ensures safer, faster development and better interoperability. Step 3: Events and Off-Chain Communication To build real-world applications, your Move contracts need to communicate with off-chain systems like frontends or indexers. 3.1 Emitting Events Move allows emitting events that can be indexed by external services. use sui::event; struct PlaceCreated has drop { name: String, } public fun emit_place_created(name: String) { event::emit(PlaceCreated { name }); } This event will appear on the blockchain and can be picked up by explorers or indexing tools. 3.2 Listening to Events Use tools like Suiet Explorer, Subsquid, or the Sui JSON-RPC API to listen for emitted events and react accordingly in your application. In JavaScript/TypeScript: import { JsonRpcProvider } from '@mysten/sui.js'; const provider = new JsonRpcProvider('https://fullnode.devnet.sui.io'); const events = await provider.getEvents({ MoveEventType: '0x...::example::PlaceCreated' }); Step 4: Access Control and Security Patterns Security is paramount when dealing with smart contracts. Move provides several tools to implement robust access control. 4.1 Object Ownership Model Sui enforces ownership at the protocol level. Only the owner of an object can mutate or transfer it. public entry fun update_name(sweet_place: &mut SweetPlace, new_name: String) { sweet_place.name = new_name; } Only the current owner can call this function. 4.2 Capabilities Pattern For more granular permissions, use the capability pattern — create special objects that grant limited access to certain functions. struct AdminCap has key { id: UID } public entry fun grant_admin_cap(ctx: &mut TxContext) { let cap = AdminCap { id: object::new(ctx) }; transfer::public_transfer(cap, tx_context::sender(ctx)); } public entry fun restricted_action(_: &AdminCap) { // perform admin action } Now only users who hold the AdminCap can execute restricted_action. This pattern is widely used in DeFi and DAOs to delegate authority securely. Step 5: Working with Complex Data Structures Move supports structured data types that allow developers to model complex logic and relationships. 5.1 Vectors Vectors are used to store ordered collections of items of the same type. let names = vector[String::utf8(b"Alice"), String::utf8(b"Bob")]; They’re useful for storing lists of NFTs, user roles, or dynamic metadata. Example usage: vector::push_back(&mut names, String::utf8(b"Charlie")); 5.2 Tables (via Sui Standard Library) While Move doesn’t natively support maps or hash tables, Sui provides the Table type in its standard library. use sui::table::{Self, Table}; struct Registry has key { id: UID, entries: Table, } public fun add_entry(registry: &mut Registry, key: u64, value: String) { table::add(&mut registry.entries, key, value); } Use tables to manage large datasets efficiently. Step 6: Testing and Debugging Your Contracts Testing ensures your Move code behaves as expected under various conditions. 6.1 Unit Testing in Move Write unit tests directly in your Move modules using the testing framework. #[test] public fun test_create_sweet_place() { let ctx = tx_context::dummy(); create_sweet_place(&mut ctx, String::utf8(b"My House")); } Run tests with: sui move test 6.2 Using Sui Explorer After deploying your contract, use the Sui Explorer to inspect transactions, view object states, and debug issues. Step 7: Real-World Applications of Advanced Move Concepts Now that you understand the core language features, let’s explore how they apply to real-world scenarios. 7.1 NFT Minting Platform Create a platform that allows users to mint NFTs backed by Move resources, leveraging the ownership and resource models. 7.2 DAO Voting System Implement a decentralized autonomous organization (DAO) using Move for voting, proposals, and governance, using events and capabilities for secure actions. 7.3 Token Swaps and AMMs Build a decentralized exchange (DEX) using Move modules to represent liquidity pools and token swaps, using generics and tables for efficient state management.
2 - What Are Dynamic NFTs, and Why Does Sui Excel at Them?ArticleJun 30, 2025
The NFT space is evolving beyond static images and profile pictures (PFPs). The next frontier? Dynamic NFTs (dNFTs)—tokens that can change based on real-world data, user interactions, or on-chain events. While many blockchains support NFTs, Sui Network is uniquely positioned to power the future of dNFTs thanks to its innovative architecture. This article explores: What makes an NFT "dynamic"? Why Sui’s technology is perfect for dNFTs Real-world use cases today The future of interactive digital assets 1. What Are Dynamic NFTs? Unlike traditional NFTs (which are static and immutable), dynamic NFTs can update their: Metadata (e.g., a sports NFT that changes based on game stats) Appearance (e.g., an artwork that evolves over time) Utility (e.g., a loyalty NFT that unlocks new perks) How Do They Work? dNFTs use smart contract logic + external data inputs (oracles, user actions, etc.) to trigger changes. Example: A weather-sensitive NFT artwork that shifts colors based on real-time climate data. A game character NFT that levels up as you play. 2. Why Sui is the Best Blockchain for Dynamic NFTs While Ethereum and Solana also support dNFTs, Sui’s design offers key advantages: On-Chain Storage (No External Dependencies) Most blockchains store NFT metadata off-chain (e.g., IPFS), making dynamic updates clunky. Sui stores everything on-chain, enabling instant, trustless modifications. Move Language: Safe & Flexible Upgrades Ethereum’s Solidity requires complex proxy contracts for upgradable NFTs. Sui’s Move language allows native mutability—no clunky workarounds. Parallel Processing (Massive Scalability) Updating thousands of dNFTs at once? Ethereum struggles with congestion. Sui’s parallel execution handles millions of updates without slowdowns. Object-Centric Model (Granular Control) Each NFT is an independent object with customizable logic. Enables fine-tuned interactivity (e.g., only the owner can trigger changes). 3. Real-World Use Cases of dNFTs on Sui Gaming & Metaverse Evolving in-game items (e.g., a sword NFT that gains abilities with use). Cross-game interoperability (Sui’s objects can move between dApps). Example: Sui-based games like Panzerdogs use dNFTs for customizable avatars. Generative & Reactive Art AI-powered NFTs that shift style based on market trends. Collaborative art where collectors influence the final piece. Example: Art labs like Sui Gallery host dNFT exhibitions. Real-World Asset (RWA) Tracking Deed NFTs that update with property records. Certification badges that expire or renew automatically. Loyalty & Membership Programs Dynamic discount NFTs that improve with customer spending. VIP access passes that unlock new tiers over time. Example: Sui’s retail partners are testing dNFT loyalty programs. 4. The Future of dNFTs on Sui Expect to see: AI-integrated dNFTs (e.g., chatbots living in NFT avatars). DeFi-collateralized dNFTs (value adjusts based on market conditions). Fully on-chain games where every asset is a mutable dNFT. Conclusion: Sui is Building the Future of NFTs While static NFTs dominated 2021-2023, dynamic NFTs will rule the next bull run—and Sui’s tech makes it the ideal platform. With **on-chain storage, Move’s security, and unmatched scalability, Sui is poised to become the home of advanced dNFTs.
5 - Will AI Replace Human Developers in Web3?ArticleBenjamin XDV232Jun 30, 2025
The rapid advancement of AI-powered coding tools (like GitHub Copilot, ChatGPT, and Claude) has sparked debate: Will AI eventually replace Web3 developers? While AI is transforming how we build decentralized applications (dApps), the answer isn’t a simple yes or no. This article explores: How AI is already changing Web3 development Limitations of AI in blockchain coding The evolving role of human developers Who will dominate the future of Web3: AI, humans, or both? 1. How AI is Transforming Web3 Development AI is already assisting developers in key ways: Faster Smart Contract Writing Tools like ChatGPT and Warp AI (for Solana) can generate basic smart contract templates in seconds. Example: "Write a Solidity ERC-20 token contract with burn functionality." Automated Auditing & Bug Detection AI-powered tools (Certora, Slither) scan code for vulnerabilities like reentrancy attacks. Reduces $3B+ annual losses from DeFi hacks. Natural Language to Code Developers can describe logic in plain English, and AI converts it into Move (Sui), Solidity (Ethereum), or Rust (Solana). Optimizing Gas Fees & Deployment AI suggests gas-efficient transaction methods. Predicts best times to deploy contracts to avoid network congestion. 2. Why AI Won’t Fully Replace Web3 Developers (Yet) Despite these advances, AI still has critical limitations: Lack of Deep Blockchain Understanding AI can replicate existing code but struggles with novel cryptographic solutions (e.g., zero-knowledge proofs). Often hallucinates incorrect logic in complex smart contracts. No Intuition for Security Risks AI may miss subtle attack vectors that human auditors catch. Example: An AI might not foresee a governance exploit in a DAO. Inability to Innovate Most AI tools remix existing code rather than invent new consensus mechanisms or tokenomics models. True blockchain breakthroughs (like Ethereum’s PoS transition) still require human ingenuity. Legal & Ethical Blind Spots AI can’t navigate regulatory gray areas (e.g., securities laws for token launches). Ethical decisions (e.g., decentralization vs. scalability trade-offs) need human judgment. 3. The Future: AI as a Co-Pilot, Not a Replacement The most likely scenario? AI augments developers but doesn’t replace them. Junior Devs Will Leverage AI Routine tasks (boilerplate contracts, unit tests) will be automated. Entry-level devs must upskill in security and architecture to stay relevant. Senior Devs Will Focus on Innovation Top engineers will design new protocols, optimize L1/L2 systems, and tackle unsolved problems (e.g., MEV resistance). New Roles Will Emerge "AI Smart Contract Trainers" – Fine-tuning models for blockchain-specific tasks. "Hybrid Auditor" – Combining AI tools with manual review. Conclusion: AI is a Tool, Not a Takeover AI will disrupt low-level coding jobs but won’t eliminate the need for skilled Web3 developers. Instead, the industry will shift: Average devs who rely on copy-paste coding risk obsolescence. Elite devs who master AI + deep blockchain expertise will thrive. Final Verdict: Short-term (2024-2026): AI handles 30-50% of boilerplate coding. Long-term (2030+): Humans and AI co-create smarter, safer dApps.
4 - AI’s Impact on Decentralized Applications (dApps)ArticleBekky35Jun 30, 2025
AI is revolutionizing dApps, enhancing smart contracts, DeFi, and blockchain ecosystems—while raising questions about security and decentralization. Key AI Innovations in dApps Smarter Smart Contracts – AI enables adaptive contracts that optimize fees, detect exploits, and adjust to market conditions (e.g., Fetch.ai). AI-Powered DeFi – Improves risk management, fraud detection, and automated portfolio strategies (e.g., Numerai). Decentralized AI Marketplaces – Blockchain allows transparent, incentivized AI model trading (e.g., Bittensor). AI Oracles – Enhances data accuracy for dApps by validating and processing complex inputs (e.g., DIA). AI-Generated NFTs & Gaming – Creates dynamic NFTs and adaptive in-game experiences (e.g., Alethea AI). Challenges in AI-Powered dApps Centralization Risks Most AI models require massive computational power, often relying on centralized cloud providers (e.g., AWS, Google Cloud). This contradicts blockchain’s decentralization ethos, creating potential single points of failure. Solutions like decentralized compute networks (e.g., Akash, Gensyn) aim to address this but are still in early stages. Regulatory Uncertainty If an AI-driven smart contract makes a faulty decision (e.g., incorrect liquidation in DeFi), who is liable—the developer, the AI model, or the DAO? Governments may impose strict rules on AI-powered financial applications, potentially stifling innovation. Compliance becomes complex when AI operates across multiple jurisdictions. High Costs of On-Chain AI Training and running AI models on-chain is prohibitively expensive due to gas fees and storage limitations. Emerging solutions like zero-knowledge machine learning (zkML) and off-chain AI with on-chain verification could reduce costs. Layer-2 scaling solutions may help, but efficiency remains a challenge. Future Possibilities for AI in dApps Autonomous DAOs Governed by AI AI could replace human voting in DAOs, making decisions based on real-time data analysis. Example: An AI DAO managing a DeFi protocol could auto-adjust interest rates or security parameters without proposals. Self-Optimizing Blockchains AI-driven consensus mechanisms could dynamically adjust block size, fees, or security protocols for efficiency. Networks might "learn" from past attacks (e.g., 51% attacks) to prevent future exploits. AI-Curated DeFi Protocols DeFi platforms could use AI to auto-rebalance liquidity pools, predict crashes, or blacklist malicious actors. Example: An AI-powered lending protocol could adjust collateral requirements in real time based on market volatility.
5 - Common Sui Blockchain Errors: Object Locking & Faucet Rate LimitsArticleOwen496Jun 30, 2025
When developing or testing applications on the Sui blockchain, developers often run into two common issues: Object locking errors during transaction execution Rate-limited faucet requests when trying to obtain test tokens This article explains both problems in detail and provides actionable solutions to help you avoid frustration during development. 1. Error: Objects Reserved for Another Transaction 🔍 What It Means You may encounter an error like this: JsonRpcError: Failed to sign transaction by a quorum of validators because one or more of its objects is reserved for another transaction. This means one or more objects (e.g., gas coins or shared objects) involved in your transaction are currently locked by a previously submitted transaction — even if it hasn’t completed yet. Sui uses optimistic concurrency control, which locks objects until a transaction is finalized or expires (~30–60 seconds). If multiple transactions attempt to use the same object before finalization, they will fail with this error. How to Check If an Object Is Available Use the sui_getObject RPC method to inspect the object status: curl --location --request POST 'https://fullnode.testnet.sui.io:443' \ --header 'Content-Type: application/json' \ --data-raw '{ "jsonrpc": "2.0", "id": 1, "method": "sui_getObject", "params": [""] }' If the response contains "status": "Locked" or "owner": "locked", wait before using the object again. Best Practices to Avoid Object Locking Issues Wait for Finalization Before Submitting New Transactions Use waitForTransaction from the SDK: import { JsonRpcProvider } from '@mysten/sui.js'; const provider = new JsonRpcProvider('https://fullnode.testnet.sui.io:443'); await provider.waitForTransaction(''); Use Multiple Gas Coins To avoid contention, split your gas coin: sui client split-coin --coin-id --amounts Then use a different gas coin for each transaction. Retry with Exponential Backoff When encountering lock errors, retry after increasing delays (e.g., 1s, 2s, 4s). Monitor via Explorer Use Sui Explorer to track the status of the locking transaction by digest. 2. Error: 429 Too Many Requests – Faucet Rate Limiting What It Means When requesting test tokens from the Sui faucet, you may see: API Error: 429 POST /v2/gas - “429 Too Many Requests” This indicates that you’ve exceeded the rate limit — usually due to too many requests from the same IP address or account within a 24-hour window. Solutions Try Alternative Faucets The official faucet (faucet.testnet.sui.io) has strict limits. You can try alternative services: https://faucet.n1stake.com/ https://faucet.sui.io These faucets often have more lenient policies or separate rate limits. Reuse Test Accounts Instead of creating new accounts every time, reuse existing ones to reduce faucet requests. Run a Local Testnet For heavy development/testing, consider running your own local Sui network: sui start --local-rpc-address This gives you full control over gas and avoids external dependencies.
5 - How Does Sui Prevent Smart Contract Hacks?ArticleArnold40Jun 30, 2025
Smart contract hacks have plagued the blockchain industry, with over $3 billion lost in 2023 alone due to exploits in platforms like Ethereum. Sui Network, designed with security as a priority, introduces several key innovations to minimize these risks. This article explores: 🔒 Sui’s built-in security features 💡 How the Move language prevents common exploits 🛡️ Comparison with Ethereum’s vulnerabilities 🚀 Why Sui could become the safest smart contract platform 1. The Move Programming Language: A Security-First Approach Sui uses Move, a language originally developed for Facebook’s Diem blockchain, designed specifically for secure asset management. Key Security Benefits of Move: No Unchecked External Calls – Prevents reentrancy attacks (like the $60M DAO hack on Ethereum). Strong Typing & Ownership Rules – Eliminates accidental fund loss due to coding errors. Formal Verification Support – Allows mathematical proof of contract correctness. Example: In Ethereum, a simple typo can drain funds. In Move, the compiler rejects unsafe code before deployment. 2. Object-Centric Model: Isolating Vulnerabilities Unlike Ethereum’s shared-state model (where one bug can affect many contracts), Sui’s object-based storage limits exploit propagation: Each asset (coin, NFT, etc.) is a distinct object with strict ownership rules. Contracts can’t arbitrarily modify unrelated data. Impact: Even if a contract is compromised, the damage is contained, unlike Ethereum’s composability risks (e.g., the $325M Wormhole bridge hack). 3. No "Gas Griefing" Attacks On Ethereum, attackers can spam contracts with high-gas transactions to block legitimate users (e.g., Denial-of-Service attacks). Sui’s Solution: Fixed low-cost transactions (no gas auctions). Parallel execution prevents network-wide congestion. 4. On-Chain Security Monitoring Sui’s validators actively monitor for suspicious activity: Transaction pre-checks – Reject obviously malicious requests. Real-time analytics – Flag abnormal behavior (e.g., sudden large withdrawals). 5. Real-World Safety Record (So Far) Sui has had zero major hacks since mainnet launch (2023). Ethereum averages 2-3 major DeFi exploits monthly. Case Study: A Sui-based DEX (Cetus) has processed $1B+ trades without security incidents—unlike Ethereum DEXs, which frequently suffer exploits. 6. Future-Proofing: Formal Verification & Audits Sui encourages: Formal verification – Mathematically proving contracts are bug-free. Multi-audit requirements – Major projects must pass 3+ audits. Conclusion: Is Sui the Most Secure Smart Contract Platform? While no system is 100% hack-proof, Sui’s Move language + object model + parallel execution make it far less vulnerable than Ethereum today. The Bottom Line: For developers – Move reduces human error risks. For users – Lower chance of losing funds to exploits. For institutions – Enterprise-grade security builds trust. **What’s Next? Will Ethereum adopt Move-like features? Can Sui maintain its clean security record as adoption grows?** Share your thoughts below
6 - Can Sui’s DeFi Ecosystem Rival Ethereum’s?ArticleBenjamin XDV232Jun 30, 2025
Decentralized finance (DeFi) has long been dominated by Ethereum, home to giants like Uniswap, Aave, and MakerDAO. But newer blockchains like Sui are emerging with faster speeds, lower fees, and innovative architectures—posing the question: Can Sui’s DeFi ecosystem compete with Ethereum’s dominance? This article examines: Sui’s technical advantages for DeFi Current DeFi landscape on Sui vs. Ethereum Key challenges Sui must overcome The future outlook for Sui’s DeFi growth Why Sui Could Be a Strong DeFi Contender Speed & Scalability (100K+ TPS Potential) Ethereum processes ~15-30 TPS (up to 100+ with Layer 2s). Sui’s parallel processing enables 100,000+ TPS in theory, making it ideal for high-frequency trading and liquidations. Near-Zero Gas Fees Ethereum’s gas fees can spike above $50 during congestion. Sui’s efficient model keeps fees below $0.01 consistently. Move Language: Safer Smart Contracts Ethereum’s Solidity has seen $3B+ in DeFi hacks (e.g., reentrancy attacks). Sui’s Move language prevents common exploits with built-in security checks. Capital Efficiency & On-Chain Liquidity Sui’s object-centric model allows more flexible asset management. Dynamic NFTs can act as collateral in DeFi, unlocking new use cases. Challenges Sui Must Overcome Liquidity Fragmentation Ethereum has deep liquidity pools (e.g., Uniswap’s $4B+ TVL). Sui needs more bridges, incentives, and institutional participation to compete. Composability (Ecosystem Interoperability) Ethereum’s DeFi apps integrate seamlessly (e.g., DAI in Aave → Curve). Sui’s ecosystem is still siloed, limiting complex strategies. Brand Trust & Developer Adoption Ethereum has first-mover advantage and a massive dev community. Sui must attract top DeFi teams (e.g., incentives like grants). Regulatory Uncertainty Ethereum’s regulatory clarity (e.g., ETH not deemed a security) helps. Sui’s SUI token and DeFi apps could face stricter scrutiny. How Sui Could Catch Up (Or Even Surpass Ethereum) Killer Apps That Leverage Sui’s Strengths High-frequency trading DEXs (e.g., an order book-based exchange). Real-time lending/borrowing with instant liquidations. On-chain derivatives (options, perps) with low latency. Incentivizing Ethereum Migrations Wormhole & Axelar bridges can port liquidity from Ethereum. Yield farming boosts (e.g., higher APYs than Ethereum L2s). Institutional Adoption Sui’s enterprise-friendly design could attract TradFi players. Regulated DeFi (e.g., compliant stablecoins) might thrive on Sui. Long-Term Scalability (When Ethereum Hits Limits) If Ethereum’s rollups face congestion, Sui’s native scalability could shine. Final Verdict: Can Sui Rival Ethereum in DeFi? Short-Term (2024–2025): No, But It Will Grow Ethereum’s liquidity moat is too strong. Sui will likely remain a niche for high-speed, low-cost DeFi. Long-Term (2026+): Possible, If… Sui attracts 1–2 flagship DeFi apps (e.g., a Uniswap competitor). Ethereum L2s fail to scale smoothly, pushing users elsewhere. Sui’s Move-based security prevents major hacks (building trust). What Do You Think? Will Sui ever surpass Ethereum in DeFi, or will it remain an alternative? What’s the one thing Sui needs to compete? Share your thoughts below!
5 - A Hacker's Guide to Conquering Move CTF 2025 (Week 1)Articleharry phan595Jun 30, 2025
In blockchain security, there’s no better training ground than a Capture The Flag (CTF) challenge. Developers forge their skills in the fires of friendly competition. The Move CTF 2025 Week 1 challenge on the Sui blockchain is a perfect example designed to test your understanding of the Move language. We'll go from setting up the environment to analyzing the smart contract's defenses, crafting a solver script, and finally executing the transaction that reveals the coveted prize: CTF{Letsmovectf_week1}. Whether you're a Move novice or a seasoned security researcher, this walkthrough will provide a practical roadmap to sharpen your skills. Let's dive in! Step 1: Reconnaissance - Understanding the Targe Before writing a single line of code, our first job is to understand the battlefield. The challenge is centered around a single Move module, week1::challenge, which we need to analyze. public struct Challenge has key { id: UID, secret: String, current_score: u64, round_hash: vector, finish: u64, } Our mission, simply put, is to successfully call the get_flag entry function. A successful call will trigger a FlagEvent, broadcasting our victory and the flag to the entire network. However, the get_flag function is protected by a series of five distinct validation checks. To succeed, we must satisfy all of them in a single transaction. Step 2: Deconstructing the Defenses - The Five Hurdles The get_flag function is a fortress, and its walls are made of assert! statements. Let's break down each of these hurdles one by one. Hurdle 1: The score Check The Task: Calculate the sha3_256 hash of the current challenge.secret string. The correct score is a u64 number derived from the first 4 bytes of that hash (using big-endian byte order). The Concept: This is a basic cryptographic challenge to ensure you can correctly perform hashing and byte manipulation as required by the contract. Hurdle 2: The guess Check (A Proof-of-Work Puzzle) The Task: Find a guess (a byte vector, which acts as a nonce) such that when you hash your guess and the secret together (sha3_256(guess || secret)), the first two bytes of the resulting hash match the first two bytes of the challenge.round_hash. The Concept: This is a classic Proof-of-Work (PoW) mechanism. It can't be solved mathematically; it requires computational effort ("brute force") to find a valid guess, proving you've spent resources to solve it. Hurdle 3: The hash_input Check (Identity Binding) The Task: Provide a hash that correctly combines the secret and your personal github_id. The trick here is that the secret must first be serialized using Binary Canonical Serialization (bcs::to_bytes). This is different from just using its raw bytes, as BCS prepends the data with its length. The final calculation is sha3_256(bcs(secret) || github_id). The Concept: This check links your solution to your unique identifier, preventing others from simply replaying your successful transaction. The use of BCS is a common pattern in Move and a key detail to notice. Hurdle 4 & 5: The seed and magic_number Check The Task: These two parameters are linked. seed is calculated as length(secret) * 2. magic_number is calculated as (score % 1000) + seed. The Concept: These are logic puzzles that test your ability to read the Move code carefully and replicate its simple arithmetic operations. Step 3: Setting Up Your Toolkit - Environment and Deployment With the theory understood, it's time to get our hands dirty. First, ensure your Sui CLI is installed and configured for the testnet. Check your Sui version sui --version sui 1.50.1-homebrew Check your active environment sui client envs testnet Check your active address and gas balance sui client active-address sui client gas Next, build and publish the Move contract to the Sui testnet. This will compile the code and deploy it, creating the initial shared Challenge object we need to interact with. Build the project sui move build Publish the contract to the testnet sui client publish --gas-budget 100000000 After a successful publish, the CLI will output the results, including two critical pieces of information you must save: Package ID: The address of your newly published contract. Object ID: The address of the shared Challenge object created by the init function. Step 4: Forging the Keys - Crafting the Python Solver Now, we need to calculate the correct arguments to pass to get_flag. Manually doing this is tedious, so we'll write a Python script to automate it. This script reads the initial secret, "Letsmovectf_week1", and computes all five required parameters. import hashlib --- Configuration --- github_id = b"qiaopengjun5162" secret = b"Letsmovectf_week1" --- 1. Calculate Score --- hash_bytes = hashlib.sha3_256(secret).digest() score = int.from_bytes(hash_bytes[:4], 'big') print(f"✅ Score: {score}") --- 2. Solve Proof-of-Work for Guess --- target_prefix = hash_bytes[:2] found_guess = None for i in range(1000000): # Brute-force loop guess_candidate = f"guess{i}".encode() combined_data = guess_candidate + secret random_hash = hashlib.sha3_256(combined_data).digest() if random_hash[:2] == target_prefix: found_guess = guess_candidate print(f"✅ Guess Found: {found_guess.decode()}") print(f" (as hex): {found_guess.hex()}") break --- 3. Calculate Hash Input (with BCS) --- BCS serialization for a string prepends its length as a ULEB128 integer. For short strings, this is just a single byte representing the length. bcs_encoded_secret = bytes([len(secret)]) + secret bcs_input_data = bcs_encoded_secret + github_id hash_input = hashlib.sha3_256(bcs_input_data).digest() print(f"✅ Hash Input (hex): {hash_input.hex()}") --- 4 & 5. Calculate Seed and Magic Number --- secret_len = len(secret) seed = secret_len * 2 magic_number = (score % 1000) + seed print(f"✅ Seed: {seed}") print(f"✅ Magic Number: {magic_number}") Step 5: The Heist - Calling get_flag and Capturing the Prize With our parameters calculated, we'll use another Python script to construct and execute the final sui client call command. This automates the tedious process of formatting the arguments for the command line. call_get_flag.py (summary) import subprocess --- Configuration (using values from previous script) --- package_id = "0x804c92e4eef709b83f135d6cc667005ce35d7eccd49384570cbd7b1b40e32434" challenge_id = "0xd28bc35560711a8b6ca93e2bf8e353fa6e17c15cbc426c48ece1ade9d83ce5ee" random_id = "0x8" # Default Random object on Sui gas_budget = "10000000" --- Calculated Parameters --- score = 1478524421 guess = [103, 117, 101, 115, 115, 55, 54, 57, 48, 56] # b'guess76908' hash_input = [...] # The full byte array from the solver github_id = "qiaopengjun5162" magic_number = 455 seed = 34 --- Construct and Execute the Sui CLI Command --- command = [ "sui", "client", "call", "--package", package_id, "--module", "challenge", "--function", "get_flag", "--args", str(score), str(guess), str(hash_input), f'"{github_id}"', str(magic_number), str(seed), challenge_id, random_id, "--gas-budget", gas_budget ] Execute the command and print the output result = subprocess.run(command, capture_output=True, text=True, check=True) print(result.stdout) Upon running this script, the transaction is sent. If all our parameters are correct, the output will show Status: Success and, most importantly, the emitted FlagEvent: "ParsedJSON": { "flag": "CTF{Letsmovectf_week1}", "github_id": "qiaopengjun5162", "rank": "1", "success": true } Success! The flag is captured. A well-designed CTF doesn't end after one solve. After our successful call, the get_flag function uses the Random object to generate a new secret and updates the Challenge object. I confirmed this by querying the object again, finding a new secret, and repeating the process. My solver scripts were reusable—I just had to update the secret variable, re-run the calculation, and execute the call again to capture the flag a second and third time, climbing the ranks. https://suiscan.xyz/testnet/tx/AzJywLk8zv1Fx5Pc8p4ZrZwFZQ9hmTbtvweo14MVn8fZ Conclusion: More Than Just a Flag Tackling the Move CTF 2025 Week 1 challenge was an incredible learning experience. It forced me to move beyond theory and engage directly with the Sui blockchain, reinforcing key concepts like: Smart Contract Logic: Carefully reading and understanding Move code is paramount. Cryptography in Practice: Applying hashing (sha3_256) and understanding byte manipulation. On-Chain Mechanics: The importance of specific serialization formats like BCS. Automation: Using scripts to make complex, repeatable tasks manageable. This challenge is a testament to the power of hands-on learning. If you're looking to grow your skills in blockchain development and security, I highly encourage you to jump into the
1 - Illustration of Sui Move Standard Library - Core Token Package (balance, coin, pay)ArticleMoonBags116Jun 30, 2025
This article analyzes the three core components of Sui Move tokens: balance (value storage layer), coin (token operation layer), and pay (payment abstraction layer). Through principle diagrams and code examples, the design principles of the three-layer architecture are revealed. | Modules | Tiers | Function | Scenario | | :--- | :--- | :--- | :--- | | sui::balance | Value storage layer (underlying storage) | Manage the mapping relationship between addresses and token balances | Balance query, token ownership verification | | sui::coin | Token operation layer (basic operation) | Focus on the life cycle management of the token itself; including: token creation, destruction and metadata management, etc. | Custom token issuance and token metadata maintenance | | sui::pay | Payment abstraction layer (high-level encapsulation) | Provides compound operations for token payment including: single or batch token splitting, merging, transfer, etc. | Batch transfer, split account logic, airdrop | Method diagram The method is relatively simple, mainly calling cointhe method in balance. The method coinwill be called in, so this article focuses on cointhe core method illustrated. The principles of regulatory currency will be introduced in a separate article and will be ignored in this article. Code Examples module cookbook::aig_token { use std::string::{Self, String}; use std::ascii; use sui::coin::{Self, TreasuryCap}; use sui::balance::{Self, Balance}; use sui::url::{Self, Url}; use sui::event; public struct EventMint has copy, drop { sender: address, amount: u64, coin_left: u64 } public struct EventAirdrop has copy, drop { method: String, sender: address, amount: u64 } public struct EventCoinMeta has copy, drop { decimals: u8, symbol: ascii::String, name: String, description: String, icon_url: Option, } public struct EventTotalSupply has copy, drop { total_supply: u64 } public struct Vault has key { id: UID, balance: Balance, } public struct AIG_TOKEN has drop {} fun init( witness: AIG_TOKEN, ctx: &mut TxContext ) { let decimals = 3; let symbol = b"AIG"; let name = b"AIG Token"; let description = b"AIG Token is a token that is used to incentivize the community to achieve the goals of the AI Goal."; let url = url::new_unsafe_from_bytes(b"https://ai-goal.vercel.app/"); let (treasury_cap, metadata) = coin::create_currency( witness, decimals, symbol, name, description, option::some(url), ctx ); event::emit( EventCoinMeta { decimals: coin::get_decimals(&metadata), symbol: coin::get_symbol(&metadata), name: coin::get_name(&metadata), description: coin::get_description(&metadata), icon_url: option::some(url), } ); transfer::public_freeze_object(metadata); transfer::public_transfer(treasury_cap, ctx.sender()); transfer::share_object( Vault { id: object::new(ctx), balance: balance::zero(), } ); } public(package) fun airdrop( vault: &mut Vault, amount: u64, method: vector, ctx: &mut TxContext ) { let sender = ctx.sender(); let mut balance_drop = balance::split(&mut vault.balance, amount); let coin_drop = coin::take(&mut balance_drop, amount, ctx); transfer::public_transfer(coin_drop, sender); balance::destroy_zero(balance_drop); event::emit( EventAirdrop { method: string::utf8(method), sender, amount, } ); } public fun mint_balance( treasury_cap: &mut TreasuryCap, vault: &mut Vault, amount: u64, ctx: &mut TxContext ) { let balance_minted = coin::mint_balance(treasury_cap, amount); balance::join(&mut vault.balance, balance_minted); event::emit( EventMint { sender: ctx.sender(), amount: amount, coin_left: balance::value(&vault.balance) } ); } #[allow(lint(self_transfer))] public fun mint_coin( treasury_cap: &mut TreasuryCap, amount: u64, ctx: &mut TxContext ) { let coin_minted = coin::mint(treasury_cap, amount, ctx); transfer::public_transfer(coin_minted, ctx.sender()); coin::mint_and_transfer( treasury_cap, amount, ctx.sender(), ctx ); event::emit( EventTotalSupply { total_supply: coin::total_supply(treasury_cap) } ) } }
2 - How to integrate the Vue front-end framework into the sui ecosystemArticleHaGiang266Jun 25, 2025
I'm currently working on a transformation of an old front-end project. The old project uses Vue as the front-end framework. How to connect to the wallet of the Sui ecosystem has always been a headache for me. In previous development, if I used the react framework, I could easily use the official one @mysten/dapp-kitto build a complete set of wallet connections, initiate transactions, and sign methods. Among the methods provided by mysten labs, there is @mysten/wallet-standard this library, which @mysten/suican be used to build the corresponding methods for wallet connection and signature transactions. The process of connecting to the wallet is as follows: Determine whether the user has connected to the wallet: initWallet() { const connectedWallet = window.localStorage.getItem("connectedWallet") const connectedAddress = window.localStorage.getItem("connectedAddress") if (connectedWallet && this.supportWallets.includes(connectedWallet) && connectedAddress) { this.connectWallet(connectedWallet) } } Connect your wallet // Connect Wallet (e.g., Slush) async connectWallet(walletName) { try { const availableWallets = getWallets().get(); let wallet = availableWallets.find(e => e.name === walletName); await wallet.features['standard:connect'].connect(); if (wallet.accounts.length > 0) { // Usually the first account is the currently active address const address = wallet.accounts[0].address; this.connectedWallet = wallet.name; this.address = address; window.localStorage.setItem("connectedAddress", address); window.localStorage.setItem("connectedWallet", wallet.name); } // Listen for wallet address changes or disconnection wallet.features['standard:events'].on('change', (event) => { // Logic for when the current wallet address doesn't match the stored address or when disconnected if (event.accounts.length === 0 || event.accounts[0].address !== this.address) { console.log('User changed accounts or disconnected...'); setTimeout(() => { window.localStorage.removeItem("connectedAddress"); window.localStorage.removeItem("connectedWallet"); window.location.reload(); }, 1000); } }); } catch (error) { console.log(error); } } The following is the transfer operation. All transactions can be wallet.features['sui:signTransaction'].signTransactionsigned: async transferSui() { try { const wallet = getWallets().get().find(e => e.name === this.connectedWallet) const amount = this.amount const toAddress = this.toAddress const tx = new Transaction() const [coin] = tx.splitCoins(tx.gas, [amount * 1e9]) tx.transferObjects([coin], toAddress) const { bytes, signature } = await wallet.features['sui:signTransaction'].signTransaction({ transaction: tx, account: wallet.accounts[0], chain: sui:${import.meta.env.VITE_SUPPORT_NETWORK} }); const executeRes = await suiClient.executeTransactionBlock({ transactionBlock: bytes, signature: signature, options: { showEffects: true, showObjectChanges: true, showBalanceChanges: true, showEvents: true, showInput: true } }); this.hash = executeRes.digest } catch (error) { console.log(error); } } Finally, you can create a function to disconnect the wallet on the web: async disconnectWallet() { try { const availableWallets = getWallets().get(); const walletName = window.localStorage.getItem("connectedWallet") let wallet = availableWallets.find(e => e.name === walletName) await wallet.features['standard:disconnect'].disconnect(); window.localStorage.removeItem("connectedAddress") window.localStorage.removeItem("connectedWallet") window.location.reload() } catch (error) { console.log('meet some errors '); } }, `
2
Posts
351- Expert Q&ACarlkawIy259Jul 01, 2025
How to recover SUI coins from an old wallet?
I've been trying to locate my SUI coins when setting up a new Slush account, but I don't see them. How can I verify if I'm using the correct phrase to import my old wallet?
- Sui
02 - ArticleMiniBob701Jul 01, 2025
Mastering Move Language Concepts – Course #2
While Course #1 i've made before introduced you to the basics of writing smart contracts in Move and building simple dApps on the Sui blockchain, this course focuses on deepening your understanding of the Move language itself — from its powerful type system to advanced patterns like generics, events, modules, and access control mechanisms. By the end of this course, you’ll be able to: Write modular, reusable, and secure Move code Use generics, abilities, and resource types effectively Implement fine-grained access control using capabilities Emit and listen to events for off-chain integration Work with complex data structures like tables and vectors Understand how Move differs from other smart contract languages like Solidity Let’s dive into the heart of the Move language! Step 1: Understanding Move’s Core Language Features Move is designed with safety and clarity in mind. Let's explore some of the most important features that make Move unique as a smart contract language. 1.1 Resource-Oriented Programming (Revisited) At the core of Move is the concept of resources, which are special types that cannot be copied or deleted unless explicitly allowed. This enforces safe handling of digital assets like tokens or NFTs. module examples::token { use sui::object::{Self, UID}; struct MyToken has key, store { id: UID, value: u64, } public fun mint(ctx: &mut TxContext): MyToken { MyToken { id: object::new(ctx), value: 100, } } } In this example: MyToken is a resource because it has the key ability. It can be stored (store) and uniquely identified by its id. It cannot be duplicated or dropped unless specified. This guarantees that each MyToken instance is uniquely owned and managed, preventing accidental duplication or deletion. 1.2 Abilities System Every type in Move has a set of abilities that define what operations it supports: | Ability | Meaning | |--------|---------| | copy | Can be duplicated | | drop | Can be discarded without destruction | | store | Can be stored in global storage | | key | Can be used as a struct with an ID field (i.e., an object) | Example: struct Example has copy, drop { value: u64 } Understanding these abilities is essential for designing secure and predictable smart contracts. Why Abilities Matter Abilities enforce strict rules at compile time. For instance: A struct with only key and store cannot be copied or dropped. You cannot return a non-droppable struct from a function unless it's stored or transferred. This prevents bugs like double-spending or accidental token loss. 1.3 Generics and Type Parameters Move supports generic types, allowing developers to write flexible and reusable code. module examples::storage { use sui::object::{Self, UID}; struct Box has key { id: UID, content: T, } public fun new_box(ctx: &mut TxContext, content: T): Box { Box { id: object::new(ctx), content, } } } Here, ` is a type parameter, making Box` work with any type while still being safe and efficient. Note: The phantom keyword indicates that T doesn’t affect the runtime representation of the struct — useful for abstract modeling. Step 2: Modular Development and Package Management As your Move projects grow in complexity, organizing your code becomes critical. 2.1 Creating and Publishing Move Packages A Move package contains one or more modules and defines dependencies. It's the unit of deployment and versioning in Move. Directory structure: sources/ place.move user.move Move.toml Define dependencies in Move.toml: [dependencies] Sui = { git = "https://github.com/MystenLabs/sui.git", subdir = "crates/sui-framework" } MyLibrary = { local = "../my-library" } You can publish packages to the Sui network and reuse them across multiple dApps. 2.2 Reusing Existing Modules The Sui Framework provides battle-tested modules like coin, transfer, and tx_context. Always check what’s available before writing custom logic. For example, to transfer an object: use sui::transfer; public entry fun send_place(place: Place, recipient: address) { transfer::public_transfer(place, recipient); } Using standard libraries ensures safer, faster development and better interoperability. Step 3: Events and Off-Chain Communication To build real-world applications, your Move contracts need to communicate with off-chain systems like frontends or indexers. 3.1 Emitting Events Move allows emitting events that can be indexed by external services. use sui::event; struct PlaceCreated has drop { name: String, } public fun emit_place_created(name: String) { event::emit(PlaceCreated { name }); } This event will appear on the blockchain and can be picked up by explorers or indexing tools. 3.2 Listening to Events Use tools like Suiet Explorer, Subsquid, or the Sui JSON-RPC API to listen for emitted events and react accordingly in your application. In JavaScript/TypeScript: import { JsonRpcProvider } from '@mysten/sui.js'; const provider = new JsonRpcProvider('https://fullnode.devnet.sui.io'); const events = await provider.getEvents({ MoveEventType: '0x...::example::PlaceCreated' }); Step 4: Access Control and Security Patterns Security is paramount when dealing with smart contracts. Move provides several tools to implement robust access control. 4.1 Object Ownership Model Sui enforces ownership at the protocol level. Only the owner of an object can mutate or transfer it. public entry fun update_name(sweet_place: &mut SweetPlace, new_name: String) { sweet_place.name = new_name; } Only the current owner can call this function. 4.2 Capabilities Pattern For more granular permissions, use the capability pattern — create special objects that grant limited access to certain functions. struct AdminCap has key { id: UID } public entry fun grant_admin_cap(ctx: &mut TxContext) { let cap = AdminCap { id: object::new(ctx) }; transfer::public_transfer(cap, tx_context::sender(ctx)); } public entry fun restricted_action(_: &AdminCap) { // perform admin action } Now only users who hold the AdminCap can execute restricted_action. This pattern is widely used in DeFi and DAOs to delegate authority securely. Step 5: Working with Complex Data Structures Move supports structured data types that allow developers to model complex logic and relationships. 5.1 Vectors Vectors are used to store ordered collections of items of the same type. let names = vector[String::utf8(b"Alice"), String::utf8(b"Bob")]; They’re useful for storing lists of NFTs, user roles, or dynamic metadata. Example usage: vector::push_back(&mut names, String::utf8(b"Charlie")); 5.2 Tables (via Sui Standard Library) While Move doesn’t natively support maps or hash tables, Sui provides the Table type in its standard library. use sui::table::{Self, Table}; struct Registry has key { id: UID, entries: Table, } public fun add_entry(registry: &mut Registry, key: u64, value: String) { table::add(&mut registry.entries, key, value); } Use tables to manage large datasets efficiently. Step 6: Testing and Debugging Your Contracts Testing ensures your Move code behaves as expected under various conditions. 6.1 Unit Testing in Move Write unit tests directly in your Move modules using the testing framework. #[test] public fun test_create_sweet_place() { let ctx = tx_context::dummy(); create_sweet_place(&mut ctx, String::utf8(b"My House")); } Run tests with: sui move test 6.2 Using Sui Explorer After deploying your contract, use the Sui Explorer to inspect transactions, view object states, and debug issues. Step 7: Real-World Applications of Advanced Move Concepts Now that you understand the core language features, let’s explore how they apply to real-world scenarios. 7.1 NFT Minting Platform Create a platform that allows users to mint NFTs backed by Move resources, leveraging the ownership and resource models. 7.2 DAO Voting System Implement a decentralized autonomous organization (DAO) using Move for voting, proposals, and governance, using events and capabilities for secure actions. 7.3 Token Swaps and AMMs Build a decentralized exchange (DEX) using Move modules to represent liquidity pools and token swaps, using generics and tables for efficient state management.
- Sui
- Architecture
- Move
2 - ArticleJun 30, 2025
What Are Dynamic NFTs, and Why Does Sui Excel at Them?
The NFT space is evolving beyond static images and profile pictures (PFPs). The next frontier? Dynamic NFTs (dNFTs)—tokens that can change based on real-world data, user interactions, or on-chain events. While many blockchains support NFTs, Sui Network is uniquely positioned to power the future of dNFTs thanks to its innovative architecture. This article explores: What makes an NFT "dynamic"? Why Sui’s technology is perfect for dNFTs Real-world use cases today The future of interactive digital assets 1. What Are Dynamic NFTs? Unlike traditional NFTs (which are static and immutable), dynamic NFTs can update their: Metadata (e.g., a sports NFT that changes based on game stats) Appearance (e.g., an artwork that evolves over time) Utility (e.g., a loyalty NFT that unlocks new perks) How Do They Work? dNFTs use smart contract logic + external data inputs (oracles, user actions, etc.) to trigger changes. Example: A weather-sensitive NFT artwork that shifts colors based on real-time climate data. A game character NFT that levels up as you play. 2. Why Sui is the Best Blockchain for Dynamic NFTs While Ethereum and Solana also support dNFTs, Sui’s design offers key advantages: On-Chain Storage (No External Dependencies) Most blockchains store NFT metadata off-chain (e.g., IPFS), making dynamic updates clunky. Sui stores everything on-chain, enabling instant, trustless modifications. Move Language: Safe & Flexible Upgrades Ethereum’s Solidity requires complex proxy contracts for upgradable NFTs. Sui’s Move language allows native mutability—no clunky workarounds. Parallel Processing (Massive Scalability) Updating thousands of dNFTs at once? Ethereum struggles with congestion. Sui’s parallel execution handles millions of updates without slowdowns. Object-Centric Model (Granular Control) Each NFT is an independent object with customizable logic. Enables fine-tuned interactivity (e.g., only the owner can trigger changes). 3. Real-World Use Cases of dNFTs on Sui Gaming & Metaverse Evolving in-game items (e.g., a sword NFT that gains abilities with use). Cross-game interoperability (Sui’s objects can move between dApps). Example: Sui-based games like Panzerdogs use dNFTs for customizable avatars. Generative & Reactive Art AI-powered NFTs that shift style based on market trends. Collaborative art where collectors influence the final piece. Example: Art labs like Sui Gallery host dNFT exhibitions. Real-World Asset (RWA) Tracking Deed NFTs that update with property records. Certification badges that expire or renew automatically. Loyalty & Membership Programs Dynamic discount NFTs that improve with customer spending. VIP access passes that unlock new tiers over time. Example: Sui’s retail partners are testing dNFT loyalty programs. 4. The Future of dNFTs on Sui Expect to see: AI-integrated dNFTs (e.g., chatbots living in NFT avatars). DeFi-collateralized dNFTs (value adjusts based on market conditions). Fully on-chain games where every asset is a mutable dNFT. Conclusion: Sui is Building the Future of NFTs While static NFTs dominated 2021-2023, dynamic NFTs will rule the next bull run—and Sui’s tech makes it the ideal platform. With **on-chain storage, Move’s security, and unmatched scalability, Sui is poised to become the home of advanced dNFTs.
- Sui
- Architecture
5 - ArticleBenjamin XDV232Jun 30, 2025
Will AI Replace Human Developers in Web3?
The rapid advancement of AI-powered coding tools (like GitHub Copilot, ChatGPT, and Claude) has sparked debate: Will AI eventually replace Web3 developers? While AI is transforming how we build decentralized applications (dApps), the answer isn’t a simple yes or no. This article explores: How AI is already changing Web3 development Limitations of AI in blockchain coding The evolving role of human developers Who will dominate the future of Web3: AI, humans, or both? 1. How AI is Transforming Web3 Development AI is already assisting developers in key ways: Faster Smart Contract Writing Tools like ChatGPT and Warp AI (for Solana) can generate basic smart contract templates in seconds. Example: "Write a Solidity ERC-20 token contract with burn functionality." Automated Auditing & Bug Detection AI-powered tools (Certora, Slither) scan code for vulnerabilities like reentrancy attacks. Reduces $3B+ annual losses from DeFi hacks. Natural Language to Code Developers can describe logic in plain English, and AI converts it into Move (Sui), Solidity (Ethereum), or Rust (Solana). Optimizing Gas Fees & Deployment AI suggests gas-efficient transaction methods. Predicts best times to deploy contracts to avoid network congestion. 2. Why AI Won’t Fully Replace Web3 Developers (Yet) Despite these advances, AI still has critical limitations: Lack of Deep Blockchain Understanding AI can replicate existing code but struggles with novel cryptographic solutions (e.g., zero-knowledge proofs). Often hallucinates incorrect logic in complex smart contracts. No Intuition for Security Risks AI may miss subtle attack vectors that human auditors catch. Example: An AI might not foresee a governance exploit in a DAO. Inability to Innovate Most AI tools remix existing code rather than invent new consensus mechanisms or tokenomics models. True blockchain breakthroughs (like Ethereum’s PoS transition) still require human ingenuity. Legal & Ethical Blind Spots AI can’t navigate regulatory gray areas (e.g., securities laws for token launches). Ethical decisions (e.g., decentralization vs. scalability trade-offs) need human judgment. 3. The Future: AI as a Co-Pilot, Not a Replacement The most likely scenario? AI augments developers but doesn’t replace them. Junior Devs Will Leverage AI Routine tasks (boilerplate contracts, unit tests) will be automated. Entry-level devs must upskill in security and architecture to stay relevant. Senior Devs Will Focus on Innovation Top engineers will design new protocols, optimize L1/L2 systems, and tackle unsolved problems (e.g., MEV resistance). New Roles Will Emerge "AI Smart Contract Trainers" – Fine-tuning models for blockchain-specific tasks. "Hybrid Auditor" – Combining AI tools with manual review. Conclusion: AI is a Tool, Not a Takeover AI will disrupt low-level coding jobs but won’t eliminate the need for skilled Web3 developers. Instead, the industry will shift: Average devs who rely on copy-paste coding risk obsolescence. Elite devs who master AI + deep blockchain expertise will thrive. Final Verdict: Short-term (2024-2026): AI handles 30-50% of boilerplate coding. Long-term (2030+): Humans and AI co-create smarter, safer dApps.
- Sui
- Move
4 - Expert Q&A0xduckmove618Jun 30, 2025
Is the testnet server down?
0|pictor-node | SuiHTTPStatusError: Unexpected status code: 503 0|pictor-node | at SuiHTTPTransport.request (/home/ubuntu/pictor-backend-nodejs/node_modules/@mysten/sui/src/client/http-transport.ts:113:10) 0|pictor-node | at processTicksAndRejections (node:internal/process/task_queues:105:5) 0|pictor-node | at SuiClient.getNormalizedMoveFunction (/home/ubuntu/pictor-backend-nodejs/node_modules/@mysten/sui/src/client/client.ts:397:10) 0|pictor-node | at /home/ubuntu/pictor-backend-nodejs/node_modules/@mysten/sui/src/experimental/transports/json-rpc-resolver.ts:267:17 0|pictor-node | at async Promise.all (index 0) 0|pictor-node | at normalizeInputs (/home/ubuntu/pictor-backend-nodejs/node_modules/@mysten/sui/src/experimental/transports/json-rpc-resolver.ts:264:3) 0|pictor-node | at resolveTransactionData (/home/ubuntu/pictor-backend-nodejs/node_modules/@mysten/sui/src/experimental/transports/json-rpc-resolver.ts:33:3) 0|pictor-node | at /home/ubuntu/pictor-backend-nodejs/node_modules/@mysten/sui/src/transactions/resolve.ts:68:3 0|pictor-node | at /home/ubuntu/pictor-backend-nodejs/node_modules/@mysten/sui/src/transactions/Transaction.ts:764:5 0|pictor-node | at _Transaction.runPlugins_fn (/home/ubuntu/pictor-backend-nodejs/node_modules/@mysten/sui/src/transactions/Transaction.ts:786:3) { 0|pictor-node | status: 503, 0|pictor-node | statusText: 'Service Unavailable' 0|pictor-node | } `
- Sui
- Architecture
11 - Expert Q&ABenjamin XDV232Jun 30, 2025
What Are Common Security Pitfalls in Sui Move Development?
I’m auditing a Sui Move smart contract and want to avoid critical vulnerabilities. From reviewing past exploits, I’ve seen: access control issues, arithmetic overflows, reentrancy risks, frontrunning, improper object ownership Questions: What are the most critical Sui Move vulnerabilities to watch for? How does Move’s ownership model prevent/differ from traditional reentrancy? Are there Sui-specific attack vectors (e.g., object spoofing)?
- Sui
- Architecture
52Best Answer - ArticleBekky35Jun 30, 2025
AI’s Impact on Decentralized Applications (dApps)
AI is revolutionizing dApps, enhancing smart contracts, DeFi, and blockchain ecosystems—while raising questions about security and decentralization. Key AI Innovations in dApps Smarter Smart Contracts – AI enables adaptive contracts that optimize fees, detect exploits, and adjust to market conditions (e.g., Fetch.ai). AI-Powered DeFi – Improves risk management, fraud detection, and automated portfolio strategies (e.g., Numerai). Decentralized AI Marketplaces – Blockchain allows transparent, incentivized AI model trading (e.g., Bittensor). AI Oracles – Enhances data accuracy for dApps by validating and processing complex inputs (e.g., DIA). AI-Generated NFTs & Gaming – Creates dynamic NFTs and adaptive in-game experiences (e.g., Alethea AI). Challenges in AI-Powered dApps Centralization Risks Most AI models require massive computational power, often relying on centralized cloud providers (e.g., AWS, Google Cloud). This contradicts blockchain’s decentralization ethos, creating potential single points of failure. Solutions like decentralized compute networks (e.g., Akash, Gensyn) aim to address this but are still in early stages. Regulatory Uncertainty If an AI-driven smart contract makes a faulty decision (e.g., incorrect liquidation in DeFi), who is liable—the developer, the AI model, or the DAO? Governments may impose strict rules on AI-powered financial applications, potentially stifling innovation. Compliance becomes complex when AI operates across multiple jurisdictions. High Costs of On-Chain AI Training and running AI models on-chain is prohibitively expensive due to gas fees and storage limitations. Emerging solutions like zero-knowledge machine learning (zkML) and off-chain AI with on-chain verification could reduce costs. Layer-2 scaling solutions may help, but efficiency remains a challenge. Future Possibilities for AI in dApps Autonomous DAOs Governed by AI AI could replace human voting in DAOs, making decisions based on real-time data analysis. Example: An AI DAO managing a DeFi protocol could auto-adjust interest rates or security parameters without proposals. Self-Optimizing Blockchains AI-driven consensus mechanisms could dynamically adjust block size, fees, or security protocols for efficiency. Networks might "learn" from past attacks (e.g., 51% attacks) to prevent future exploits. AI-Curated DeFi Protocols DeFi platforms could use AI to auto-rebalance liquidity pools, predict crashes, or blacklist malicious actors. Example: An AI-powered lending protocol could adjust collateral requirements in real time based on market volatility.
- Sui
5 - Expert Q&AJun 30, 2025
How to Create a Liquidity Pool in Sui Move?
I'm building a DeFi protocol on Sui and need to implement a basic liquidity pool (like Uniswap-style AMM) in Move. I'm struggling with: Storing LP tokens – How to handle dynamic supply and balances? Deposits/Withdrawals – Ensuring atomic swaps and proper math. Fee mechanism – Where to deduct fees without breaking invariants? Frontrunning protection – Is there a built-in way to handle slippage? What I've tried: Basic two-token pool using Table for balances. Manual LP mint/burn logic. Fixed 0.3% fee on swaps. Issues encountered: "Arithmetic overflow" when calculating liquidity. Reentrancy risks – Can Sui Move prevent this? LP token accuracy – Decimals handling feels hacky. Questions: What’s the correct architecture for a Sui liquidity pool? How to implement safe math for swaps/deposits? Are there Sui-specific optimizations (vs. EVM AMMs)? How to make the pool composable with other DeFi protocols?
- Sui
51Best Answer - ArticleOwen496Jun 30, 2025
Common Sui Blockchain Errors: Object Locking & Faucet Rate Limits
When developing or testing applications on the Sui blockchain, developers often run into two common issues: Object locking errors during transaction execution Rate-limited faucet requests when trying to obtain test tokens This article explains both problems in detail and provides actionable solutions to help you avoid frustration during development. 1. Error: Objects Reserved for Another Transaction 🔍 What It Means You may encounter an error like this: JsonRpcError: Failed to sign transaction by a quorum of validators because one or more of its objects is reserved for another transaction. This means one or more objects (e.g., gas coins or shared objects) involved in your transaction are currently locked by a previously submitted transaction — even if it hasn’t completed yet. Sui uses optimistic concurrency control, which locks objects until a transaction is finalized or expires (~30–60 seconds). If multiple transactions attempt to use the same object before finalization, they will fail with this error. How to Check If an Object Is Available Use the sui_getObject RPC method to inspect the object status: curl --location --request POST 'https://fullnode.testnet.sui.io:443' \ --header 'Content-Type: application/json' \ --data-raw '{ "jsonrpc": "2.0", "id": 1, "method": "sui_getObject", "params": [""] }' If the response contains "status": "Locked" or "owner": "locked", wait before using the object again. Best Practices to Avoid Object Locking Issues Wait for Finalization Before Submitting New Transactions Use waitForTransaction from the SDK: import { JsonRpcProvider } from '@mysten/sui.js'; const provider = new JsonRpcProvider('https://fullnode.testnet.sui.io:443'); await provider.waitForTransaction(''); Use Multiple Gas Coins To avoid contention, split your gas coin: sui client split-coin --coin-id --amounts Then use a different gas coin for each transaction. Retry with Exponential Backoff When encountering lock errors, retry after increasing delays (e.g., 1s, 2s, 4s). Monitor via Explorer Use Sui Explorer to track the status of the locking transaction by digest. 2. Error: 429 Too Many Requests – Faucet Rate Limiting What It Means When requesting test tokens from the Sui faucet, you may see: API Error: 429 POST /v2/gas - “429 Too Many Requests” This indicates that you’ve exceeded the rate limit — usually due to too many requests from the same IP address or account within a 24-hour window. Solutions Try Alternative Faucets The official faucet (faucet.testnet.sui.io) has strict limits. You can try alternative services: https://faucet.n1stake.com/ https://faucet.sui.io These faucets often have more lenient policies or separate rate limits. Reuse Test Accounts Instead of creating new accounts every time, reuse existing ones to reduce faucet requests. Run a Local Testnet For heavy development/testing, consider running your own local Sui network: sui start --local-rpc-address This gives you full control over gas and avoids external dependencies.
- Sui
- Transaction Processing
5 - ArticleArnold40Jun 30, 2025
How Does Sui Prevent Smart Contract Hacks?
Smart contract hacks have plagued the blockchain industry, with over $3 billion lost in 2023 alone due to exploits in platforms like Ethereum. Sui Network, designed with security as a priority, introduces several key innovations to minimize these risks. This article explores: 🔒 Sui’s built-in security features 💡 How the Move language prevents common exploits 🛡️ Comparison with Ethereum’s vulnerabilities 🚀 Why Sui could become the safest smart contract platform 1. The Move Programming Language: A Security-First Approach Sui uses Move, a language originally developed for Facebook’s Diem blockchain, designed specifically for secure asset management. Key Security Benefits of Move: No Unchecked External Calls – Prevents reentrancy attacks (like the $60M DAO hack on Ethereum). Strong Typing & Ownership Rules – Eliminates accidental fund loss due to coding errors. Formal Verification Support – Allows mathematical proof of contract correctness. Example: In Ethereum, a simple typo can drain funds. In Move, the compiler rejects unsafe code before deployment. 2. Object-Centric Model: Isolating Vulnerabilities Unlike Ethereum’s shared-state model (where one bug can affect many contracts), Sui’s object-based storage limits exploit propagation: Each asset (coin, NFT, etc.) is a distinct object with strict ownership rules. Contracts can’t arbitrarily modify unrelated data. Impact: Even if a contract is compromised, the damage is contained, unlike Ethereum’s composability risks (e.g., the $325M Wormhole bridge hack). 3. No "Gas Griefing" Attacks On Ethereum, attackers can spam contracts with high-gas transactions to block legitimate users (e.g., Denial-of-Service attacks). Sui’s Solution: Fixed low-cost transactions (no gas auctions). Parallel execution prevents network-wide congestion. 4. On-Chain Security Monitoring Sui’s validators actively monitor for suspicious activity: Transaction pre-checks – Reject obviously malicious requests. Real-time analytics – Flag abnormal behavior (e.g., sudden large withdrawals). 5. Real-World Safety Record (So Far) Sui has had zero major hacks since mainnet launch (2023). Ethereum averages 2-3 major DeFi exploits monthly. Case Study: A Sui-based DEX (Cetus) has processed $1B+ trades without security incidents—unlike Ethereum DEXs, which frequently suffer exploits. 6. Future-Proofing: Formal Verification & Audits Sui encourages: Formal verification – Mathematically proving contracts are bug-free. Multi-audit requirements – Major projects must pass 3+ audits. Conclusion: Is Sui the Most Secure Smart Contract Platform? While no system is 100% hack-proof, Sui’s Move language + object model + parallel execution make it far less vulnerable than Ethereum today. The Bottom Line: For developers – Move reduces human error risks. For users – Lower chance of losing funds to exploits. For institutions – Enterprise-grade security builds trust. **What’s Next? Will Ethereum adopt Move-like features? Can Sui maintain its clean security record as adoption grows?** Share your thoughts below
- Sui
6
Sui is a Layer 1 protocol blockchain designed as the first internet-scale programmable blockchain platform.
- Sui
- Architecture
- SDKs and Developer Tools
- Move
- Security Protocols
- NFT Ecosystem
- Transaction Processing