Sui.

Post

Share your knowledge.

Benjamin XDV.
Jun 30, 2025
Expert Q&A

What Are Common Security Pitfalls in Sui Move Development?

I’m auditing a Sui Move smart contract and want to avoid critical vulnerabilities. From reviewing past exploits, I’ve seen: access control issues, arithmetic overflows, reentrancy risks, frontrunning, improper object ownership

Questions:

What are the most critical Sui Move vulnerabilities to watch for?

How does Move’s ownership model prevent/differ from traditional reentrancy?

Are there Sui-specific attack vectors (e.g., object spoofing)?

  • Sui
  • Architecture
5
2
Share
Comments
.

Answers

2
Evgeniy CRYPTOCOIN.
Jun 30 2025, 18:08

Answer

1. Top 5 Security Pitfalls in Sui Move

Improper Access Control

Risk: Functions that should be restricted are callable by anyone.

Example:

move
public fun admin_withdraw(signer: &signer) { // No check!  
    withdraw_coins(signer, ...);  
}  

Fix:

move
public fun admin_withdraw(signer: &signer, admin_cap: &AdminCap) {  
    assert!(address_of(signer) == admin_cap.admin, EUnauthorized);  
}  

Key Insight: Use capability patterns (AdminCap, OwnerCap) to gate sensitive ops.

Arithmetic Overflows/Underflows

Risk: u64 math wraps around silently (e.g., balances going to 0 → 2^64-1).

Example:

move
let total = user_balance + deposit_amount; // Overflow possible  

Fix:

move
use sui::math;  
let total = math::checked_add(user_balance, deposit_amount)?;  

Pro Tip: Always use:

math::checked_* (add/sub/mul/div)

balance::join()/split() for coins.

Shared Object Race Conditions

Risk: Concurrent modifications to shared objects (e.g., AMM pools) leading to corrupted state.

Example:

move
// Two TXNs read pool.reserves simultaneously → bad swap rates  

Fix:

Use &mut exclusively where possible.

For shared objects, design idempotent operations (e.g., require TXN digests as nonces).

Sui Advantage: Move’s type system prevents reentrancy (unlike Solidity), but shared objects can still race.

Frontrunning and MEV

Risk: Miners reordering TXNs to extract value (e.g., sandwich attacks).

Example:

move
// AMM swap with no slippage check:  
let dy = reserve_y * dx / reserve_x; // Miner can manipulate `reserve_x/y`  

Fix:

Require min_received parameters:


move
assert!(dy >= min_dy, EInsufficientOutput);  

Use deadline checks:

move
assert!(tx_context::epoch(ctx) <= deadline, EExpired);  
Phantom Type Confusion
Risk: Using the wrong type parameter (e.g., mixing Coin<USD> and Coin<USDC>).

Example:

move
public fun merge_coins<C>(a: Coin<C>, b: Coin<C>) { ... }  
// Can be called with `Coin<USD>` and `Coin<USDC>` if `C` isn’t constrained!  

Fix:

move
constraint C: store + drop; // Restrict valid types  

2. Sui-Specific Attack Vectors

Object Spoofing Risk: Fake objects injected via malicious RPC calls. Defense:

Always verify object ownership (has key and owner field).

Use object ID whitelists for critical operations.

Dynamic Field Hijacking Risk: Attacker adds malicious dynamic fields to your object. Defense:

Mark objects with store only if necessary.

Use private wrappers for sensitive data.

5
Best Answer
Comments
.
0xduckmove.
Jun 30 2025, 18:52

There are article about Security Best Practices for Building on Sui. It's awesome to check this https://blog.sui.io/security-best-practices/

0
Comments
.

Do you know the answer?

Please log in and share it.

Sui is a Layer 1 protocol blockchain designed as the first internet-scale programmable blockchain platform.

351Posts499Answers
Sui.X.Peera.

Earn Your Share of 1000 Sui

Gain Reputation Points & Get Rewards for Helping the Sui Community Grow.

Reward CampaignJuly