The Sui Foundation released an incident analysis report on June 1, attributing the three mainnet outages that occurred last week to two independent vulnerabilities introduced by the v1.72 version upgrade. The Foundation acknowledged that the emergency hotfix deployed last Thursday contained a “known issue, but with a very low probability of causing a network meltdown.” The team accepted this risk to restore service quickly, and the network broke again on Friday morning.
Confirmed Timeline and Root Causes of the Three Outages
According to the Sui Foundation’s timeline: the first outage began at 10:00 AM Eastern Time on Thursday and lasted until about 4:30 PM (about six and a half hours); the second outage occurred early Friday morning and was restored later that morning; the third outage began at 4:30 PM Eastern Time on Friday and lasted until about 10:20 PM.
The root causes of the first two outages were the same: the “address balance” feature introduced in v1.72 exposed a flaw in the way gas fees are deducted— even if a transaction is canceled due to insufficient funds, the network still consumes those funds, resulting in negative balances and causing validator nodes to crash during the account reconciliation step. The third outage was caused by a different random state vulnerability: when validator nodes restarted to install the repair procedure scheduled for Friday morning, they failed to record the decision to “turn off the random number generator,” preventing the cycle from ending and freezing the network for the third time.
The Foundation’s Admission: The Hotfix Came With Known Risk
In the incident report, the Sui Foundation explicitly stated that the hotfix方案 deployed on Thursday had a “known issue, but with a very low probability of causing a network meltdown.” To restore service as quickly as possible, while developing a more durable fix, the team decided to accept this risk. On Friday morning, the network encountered a variant of the same issue, forming a “second outage triggered by the fix itself.”
Confirmed Remediation Measures and AI Agent Diagnostics
The Sui Foundation confirmed that both the gas fee vulnerability and the random state vulnerability have been fixed by validator nodes. The Foundation also established a mechanism to forcibly terminate a stalled epoch, and it used it once during the recovery process. The Foundation also said that AI agents with access to production systems accelerated the diagnosis process significantly by querying validator logs and collecting indicators on demand. The Foundation further stated that it plans to invest in fault containment capabilities so that when similar vulnerabilities occur in the future, it can terminate faulty transactions rather than causing the entire network to go down.
Frequently Asked Questions
Did the three Sui mainnet outages share the same root cause?
According to the Sui Foundation’s report, the first two outages shared the same underlying gas fee vulnerability root cause, while the third outage was caused by a different random state vulnerability, occurring when validator nodes restarted to install the repair procedure.
Were user funds and settled transactions affected?
The Sui Foundation confirmed that user funds were never at risk during the three outages, and after the network was restored, no settled transactions were rolled back.
Has Sui previously had any similar major outage events?
Yes. According to a report by The Block, Sui experienced about six hours of mainnet downtime in January 2026, and also had an outage in November 2024 due to a validator crash vulnerability. This was the second major shutdown event for 2026.
