← Back to Blog

The $220 Million Rounding Error: Why "Security" Failed Cetus (and How to Fix It)

A postmortem-style breakdown of how rounding, invariants, and unchecked assumptions turn into catastrophic losses.

29 Dec 2025 8 min read Incident ReviewSecurity EngineeringSmart Contracts

The Cetus incident is a blunt reminder that most security failures are not “advanced” attacks. They are the product of small, compounding assumptions that no one codified or proved. A rounding edge case becomes a systemic loss when invariants are not explicit and enforcement is inconsistent.

What failed

At a high level, the failure was not a single bug. It was a chain:

  • A rounding path that allowed value to leak across accounting boundaries.
  • Invariants that were assumed but never enforced in code.
  • A system design that treated internal accounting as if it were precise when it was only approximately correct.

If you cannot prove that your state updates preserve conservation of value, you are already in danger.

The deeper issue: implicit invariants

Security is a property of the whole system, not just the critical path. Most teams say things like “balances always add up” or “fees never exceed X” but those claims are rarely enforced in one place. Instead they are scattered across helpers, tests, and comments.

When an invariant is implicit, it becomes easy to violate it during refactors or upgrades. The bug is not the refactor, it is the missing proof.

How to fix the class of failure

The fix is not a patch. It is a workflow.

  1. Write the invariants down. Make them executable.
  2. Make every state transition prove or check them.
  3. Treat rounding as a first-class risk, not a minor detail.

A good rule: if you need to reason about rounding, you need explicit bounds. If you cannot bound the error, you cannot bound the loss.

Defense in depth for math-heavy systems

Use multiple layers:

  • Property tests to search for conservation violations.
  • Formal proofs for the highest-value invariants.
  • Fuzzing with adversarial inputs tuned for rounding edges.
  • Runtime assertions in production for invariant checks.

If your system holds meaningful value, these are the minimum baseline.

How Welltyped Systems prevents this class of failure

We treat math-heavy systems as proof obligations, not guesswork. Our standard engagements include:

  • Formal correctness work for critical invariants and accounting rules.
  • Lean models that serve as verified oracles for conformance testing.
  • Adversarial fuzzing to surface rounding edge cases and invariant drift.
  • Property-based tests that encode conservation and bound errors explicitly.
  • PR-ready patch sets with reproduction tests and measurable fixes.

The takeaway

Cetus was not a failure of “security” as a concept. It was a failure to operationalise security into code, math, and proof. If you want to avoid the next nine-figure incident, you need fewer assumptions, more invariants, and mathematical rigor.

Ready to de-risk your stack?

We deliver formal specs, differential fuzzing suites, and conformance reports with remediation guidance.