Sui Foundation Launches Multi-year Security Push to Harden its Ecosystem

The Sui Foundation has announced a sweeping, multi-year program designed to harden the entire Sui ecosystem, not just the base-layer protocol, but the apps, wallets, explorers and third-party tools where most real attacks happen. Building on a $10 million commitment revealed earlier this year, the Sui Ecosystem Security Expansion Initiative will fund proactive monitoring, formal verification, exploit simulation and shared defense tools intended to raise the baseline of safety for everyone building and using Sui.

The urgency behind the move is obvious. While Sui has invested heavily in base-layer security from day one, the industry has repeatedly shown that the most damaging exploits target the application layer rather than the core networking protocol. In the first half of 2025 alone, nearly $2.5 billion was impacted by hacks and exploits across Web3, a stark reminder that the space faces a multibillion-dollar problem. Sui’s answer is to build defenses that span the whole ecosystem, not just patch individual projects one at a time.

“For too long, advanced security has been an overlooked part of crypto tooling,” said Christian Thompson, Managing Director of the Sui Foundation. “Sui is setting a new standard by not only protecting the core protocol, but also hardening the entire ecosystem.” That sentiment underpins the initiative’s central idea: audits are necessary, but they’re only part of the picture.

An audit is like a pre-flight checklist; it tells you whether the plane is ready to take off, but it doesn’t protect the flight from turbulence or sudden weather changes. The Foundation’s plan is more like building an air-traffic control system for the ecosystem: always-on protection that detects threats, alerts stakeholders, and helps the community respond in real time.

The program expands security capabilities across every layer where users and builders interact. On the user side, Sui is investing in protections that reduce phishing and impersonation risk by widening Web2-style takedown coverage and improving impersonation detection for ecosystem brands. Transaction simulation, already integrated into wallets such as Slush, OKX and Backpack, will be extended to more wallets so users can preview and spot malicious transactions before signing. Meanwhile, malicious app detection will identify suspicious apps, tokens and addresses across user-facing tools so threats can be flagged before people interact with them.

Visibility across the ecosystem is another major focus. The Foundation plans to roll out active exploit monitoring and alerting so teams can react quickly when suspicious contract behavior appears. Block explorers will gain richer, integrated tooling: transaction graph visualizations, wallet risk scores and address attribution will help everyone see and understand suspicious activity on chain, instead of leaving detection to individual projects working in isolation.

Pushing Advanced Security Practice

At the protocol and developer level, Sui is pushing advanced security practices that go beyond conventional testing. The initiative will fund exploit simulations designed to surface vulnerabilities before attackers find them, and expand access to Move Prover formal verification services so teams can mathematically validate critical contract logic.

The Foundation also plans to leverage crowdsourced and AI-driven bug finding to uncover hidden issues in high-risk contracts. To make safe development easier by default, Sui will publish secure-by-default smart contract templates that developers can use as a foundation, raising the default level of safety across new projects.

Crucially, the Foundation says this isn’t about subsidizing security that teams should already provide; it’s about raising the floor for everyone. End users should see the difference in everyday tools, safer wallets, explorers and marketplaces where risk warnings, address tagging and escrow protections reduce the chance of loss. Builders should benefit from funded access to formal verification, exploit simulations and secure templates, making advanced defenses affordable and practical for smaller teams.

The approach is explicitly collaborative: pooled resources and shared tooling should make the cost and complexity of advanced security manageable for projects of all sizes, while lifting the whole network’s resilience. As decentralized systems grow in complexity, continuous monitoring and better tooling embedded into daily workflows will be critical to keeping users safe.

“Building in crypto requires both creativity and vigilance,” the Foundation said in outlining the program. With this Security Expansion Initiative, Sui is betting that an ongoing, ecosystem-level defense posture, not a one-off audit, is the way to raise trust, protect users and set a new bar for what it means to be a security-conscious Layer 1.