Interactive Heatmap: https://pgdn.ai/heatmaps/2025-09-sui
Full Report: https://github.com/pgdn-network/pgdn-research/blob/main/reports/2025-09-sui.md
Research Repo: https://pgdn.ai/research/2025-09-research-sui

Key Highlights (September 2025)

• Validators scored on a 0–100 scale.

• Median score: 45%

• Highest observed score: 93%

• Lowest observed score: 15%

• 18.5% of validators met or exceeded our “good practice” threshold of 70.

Top 10 Validators (by score)

Bottom 10 Validators (by score)

Tools for Validators

To make this benchmark actionable, we’ve launched the PGDN Sentinel Discord Bot:

• Query validator scores directly in Discord

• Trigger rescans instantly

• Claim ownership to unlock enhanced analytics

[Add the bot to Discord – invite link]

Looking Ahead

We’ll refresh this dataset every month, building a public archive of validator security benchmarks across multiple protocols. Transparency + tools = stronger decentralized infrastructure.

• Recent Ethereum validator slashings (via SSV Labs ecosystem) highlight how fragile staking infra can be when key management or security hygiene fails.

• PGDN.ai’s analysis shows nearly 40% of Sui validator voting power is exposed — not from a single mistake, but systemic misconfigurations and poor security practice.

• Without addressing these weaknesses, Sui risks far worse than slashing: a potential consensus stall affecting billions in assets.

There's a great article about the slashing incident on The Block.

When Validators Fail, Networks Shake

This week, SSV Labs CEO Alon Muroch reassured the Ethereum staking community after several validators suffered slashing incidents. According to SSV, the protocol itself wasn’t compromised; instead, external key management errors by operators triggered the failures.

The takeaway was clear: even with strong protocol-level design, validator operators remain a weak link. Misconfigurations and operational mistakes can still lead to costly penalties, and reputational damage for the entire network.

Sui’s Hidden Risk Surface

If slashing from key mismanagement is painful, what PGDN.ai found on Sui is potentially catastrophic.

We scanned the entire Sui validator set and found nearly 40% of validator voting power exposed:

• Open SSH ports across core validators.

• Critical CVEs left unpatched (28% of validators).

• Default Apache landing pages exposed to the public internet.

• Docker port 2375 open on ~99% of validators, often with no firewall.

Unlike SSV’s incident, where the design worked but operators slipped, Sui’s issues point to systemic secops failures across the validator set.

Why It Matters

In proof-of-stake, slashing isn’t the only danger. If more than ~33% of validator voting power drops offline, consensus stalls. If the network halts, billions in assets could be frozen.

With 40% of voting power exposed, an attacker doesn’t need to “double sign” or exploit protocol bugs. They just need to take down enough vulnerable validators simultaneously to cross that threshold.

The Wrong Kind of Spotlight

Mysten Labs promotes Sui as "building critical infrastructure to enable a more decentralized internet." Yet when these issues were disclosed responsibly, the response was dismissive - "bug bounty" fodder rather than systemic risk.

Meanwhile, competitor Aptos came up clean on our first pass. Ironically, the chain with the biggest marketing spend may also have the weakest validator hygiene.

The Bigger Picture

The lesson from both SSV’s slashing incident and Sui’s exposures is that validator security is infrastructure security. Protocol design isn’t enough; the culture of secops among validator operators is just as critical.

Sui’s validators aren’t slashing today - but unless the hygiene gap is closed, the next headline could be worse than penalties. It could be a chain-wide stall.

Full Report: https://github.com/pgdn-network/sui-network-report-250819

In a proof-of-stake network like Sui, consensus halts if roughly 33.3% of the voting power is disrupted.
Our analysis showed that 3,955 voting power (~39.6%) was exposed - leaving a dangerously thin margin of only 621 voting power before a network-wide halt could occur.

A single, well-timed exploit could mean the loss of billions of dollars in assets. End game for Sui.

We have never seen this many production servers in a single network exposing SSH and default web pages. If we noticed, attackers almost certainly have too.

Key Findings

• 39.6% voting power externally exposed via SSH and/or CVEs

• 28% of validators running services with known CVEs

  • Some are patched Ubuntu builds with back-ported fixes

  • This figure is a conservative upper bound

• ~99% responding on port 2375/tcp (Docker-TCP)

  • SYN/ACK observed across most validators

  • Protocol unconfirmed → classified LOW confidence, excluded from exploitability math

• Default Apache landing pages observed on many validators, some with critical CVEs, mistakenly described as “RPC endpoints”. Seriously, WTF Sui?!

• Simulated attack scenario showed that a coordinated exploitation could cause a total network blackout.

Full dataset, methods, simulated attack etc are in the GitHub repo.

Why Hygiene and OPSEC Are Critical

Mysten Labs responded to our disclosure by framing these issues as “security hygiene, not exploitable vulnerabilities.”

That framing misses the point entirely. Hygiene issues are the very foundation of successful cyberattacks.

• Version fingerprinting: Public banners reveal the exact versions of software like OpenSSH and Ubuntu. Even if patched today, attackers can filter on these versions and launch an attack the moment a new CVE is released.

• Default web servers: Many validators are serving stock Apache pages, not RPC endpoints. These pages leak headers, advertise CVEs, and are a clear sign of misconfiguration.

• SSH exposure: SSH is one of the most abused management surfaces in history. Brute-force attacks, credential stuffing, or a future zero-day can all exploit this open port.

• Unexplained port 2375: Despite being consistently observed as open on nearly every validator, Mysten Labs denied its existence. This widespread, undocumented exposure is a significant concern.

Calling a CVE-affected Apache service an “intentional RPC” or denying open ports that are visible to anyone is not security. It is dismissal.

Disclosure and Response

We provided Mysten Labs with a report and access to a private GitHub repository, outlining our findings and a simulated attack scenario.

• Aug 18, 2025: Formal disclosure email sent to Mysten Labs

• Aug 21, 2025: Mysten Labs requested GitHub access, dataset shared

• Aug 22, 2025: Mysten Labs responded, calling the issues “hygiene, not vulnerabilities,” stating that ports 80/443 were “as intended,” and claiming port 2375 was not open

• Aug 26, 2025: Mysten Labs stated they do not manage independent validators and could only “pass along general messages” to encourage better practices

Mysten Labs confirmed their two validators were patched but did not dispute our findings on version fingerprinting.

They offered no remediation plan or guidance for independent validators.

Why This Matters

This isn’t about a single zero-day. It’s about systemic exposure across a decentralized network where halting consensus requires only one-third of voting power.

Without a minimum security baseline for validators, Sui - and any network like it - is one unpatched CVE away from the loss of all user funds.

Of note, our initial scans of Aptos were, clean as a whistle. Get your act together Sui.

Hygiene is not cosmetic. It is the difference between resilience and outage. While all the networks focus on internal audits, the outside is exposed.

About PGDN

PGDN measures the outside-in posture of decentralized infrastructure — validators, RPCs, bridges, sequencers, oracles and more.

We publish anonymized scores, reproducible methods, and remediation guidance to help operators and foundations harden their networks before attackers force the issue.

• Website: pgdn.ai

• GitHub: github.com/pgdn-ai

• X: https://x.com/pgdnai

• Contact: Simon Morley (sm@pgdn.ai)

Licensing: CC BY-NC-ND 4.0 — journalists may quote with attribution to PGDN; commercial reuse and derivative datasets prohibited.

Across the web:

"We audit contracts"
"We run bug bounties!"
"We're secure! We had a DDOS audit done in 2022!" (More on this in another post).

Yet the machines that run the chain?
They’ve been invisible. Until now.

Scores You Can Verify

Starting today, PGDN is making validator infrastructure scores public.

• On-chain — the permanent, verifiable record (view)

• Online — open for anyone to review (view one)

• On Twitter (@pgdnai) — because visibility drives action

The blockchain record is the source of truth. Twitter is just the loudspeaker.

Why This Matters

Infrastructure failures don’t happen in a vacuum - they happen in silence.
Without visibility, operators don’t fix them. Protocols don’t know they exist.
And attackers? The hackers do.

Publishing scores changes the equation:

• Creates a baseline every operator can measure against

• Gives protocols a clear signal on network health

• Incentivises fixes before incidents

This isn’t about calling people out. It’s about raising the floor for everyone.

How It Works

1. PGDN analyzes publicly exposed endpoints across supported networks

2. Findings are normalized, scored, and given a trust score

3. The score is hashed + published on-chain (permanent proof)

4. The same score is posted online + on @pgdnai for visibility

Anyone can verify a score against its on-chain record.

What’s Next

We’re extending the same approach to:

• Gateways

• Bridges

• RPC endpoints

• Network APIs

With automated alerts for regressions and opt-in remediation signals coming soon.

The decentralized edge is public.
Its security should be too.

Follow @pgdnai for live score updates and check the blockchain if you want the real receipts.

With all the recent crypto breaches, we assumed things would be protected. What we actually found was quite a shock.

PGDN is an AI-powered platform built to protect the decentralized edge, not by reacting to threats, but by proactively surfacing the weak points that make them possible.

PGDN is an agentic detection system: a purpose-built infrastructure intelligence layer that autonomously identifies, monitors, and scores validator nodes, RPC endpoints, and exposed components across decentralized networks.

The results are normalized, scored, and published as a permanent, verifiable audit trail - on-chain.

Everyone’s Auditing Apps - No One’s Watching the Infrastructure

In Web3, billions are poured into smart contract audits, formal verification, and protocol-level bug bounties. And yet:

• The nodes running those contracts are often unpatched

• Their RPCs are publicly exposed

• Their dashboards and ports are wide open

• Their infrastructure hygiene is untested, unaudited, and untracked

The external attack surface is growing, and no one’s looking.

That’s the gap PGDN exists to close.

In another article, we’ll cover the moment a security engineer from a major network sends us an outdated internal ddos audit, shortly after we sent him a report of a critical vulnerability on an external port.

Why We Scan Validators

Because they’re the actual entry points for attackers.

Smart contracts might hold the funds, but validators hold the keys to uptime, censorship, consensus, and exposure. If a validator goes down — or worse, is compromised — the entire network can be weakened or manipulated.

Here’s what we regularly find:

• RPC nodes running vulnerable versions

• Prometheus dashboards with no auth

• Default passwords still active

• BFT ports exposed globally

• Misconfigured TLS or proxies

In any other industry, this would trigger an incident response. In crypto, it’s often invisible.

Our Approach

PGDN doesn’t guess. We verify.

• We only scan publicly routable infrastructure

• We do not brute-force or exploit anything

• We fingerprint passively and match known CVEs

• We normalize, score, and publish findings on-chain

Every scan produces a validator trust score, traceable back to the original data, hashed and timestamped for full accountability.

We're Not Just Scanning - We're Setting the Standard

This isn’t about attacking networks. It’s about making them stronger.

We’re building a living, on-chain reputation layer for validator infrastructure one that protocols can rely on, and node operators can prove against.

Because decentralization without visibility is just security by assumption.

Coming Next

In Part 2, we scan the Sui.io mainnet and find that over 20% of validators expose critical misconfigurations.

Some of them are shockingly easy to fix. None of them should have existed.

PGDN - protecting the decentralized edge (and sometimes that means seeing what others choose not to).