A prominent crypto investigator from SlowMist, known as Cosine, has issued a critical warning to users interacting with the Sui and Aptos blockchains.
According to his statement on X, Sui and Aptos, while appearing similar in address structure, do not share private key compatibility.
The recent development means the private key that controls a Sui wallet cannot be used to access funds on an Aptos wallet, even if the addresses appear visually identical.
The risk is particularly high for users managing wallets derived from a single mnemonic phrase across both networks, who might assume compatibility that does not exist.
Different Derivation Logics Lead to Different Wallets
Cosine explained that even when using the same mnemonic phrase, the two blockchains use different derivation logic, resulting in distinct wallet addresses.
Although both Aptos and Sui addresses may begin with “0x” and contain 66 characters, they are not interchangeable beneath the surface.
Wallet generation on each blockchain follows a unique cryptographic path, which means even slight misuse, such as sending Aptos tokens to a Sui wallet, can render funds unrecoverable.
Despite the similar appearance of the addresses, no technical bridge or derivation tool can recover the funds once the mistake is made.
Common UI and Address Similarities Cause Dangerous Confusion
The issue is further complicated by how similar the wallet addresses look on the surface, especially to casual or less-experienced users.
Both Sui and Aptos use hexadecimal formats and follow address structures that start with “0x”, which are commonly accepted as valid across many crypto interfaces and wallets.
The misleading uniformity can lull users into a false sense of security, leading them to input addresses incorrectly or assume that one keypair will work on both networks.
Cosine stressed that this confusion is not merely theoretical, it has already led to real-world financial losses.
Also Read: SlowMist Alerts On EOS Blockchain Crypto Threat Citing Malicious Address Poisoning Activity
A Call for User Awareness and Wallet Improvements
The SlowMist warning serves as a strong reminder for users to double-check blockchain compatibility before initiating any transfers.
Developers and wallet providers are also being urged to implement better cross-chain safeguards to prevent these types of mistakes.
Cosine’s findings highlight the need for clearer visual indicators, blockchain-specific address validation, or user prompts that verify the destination chain before funds are sent.
Until such changes are widely adopted, the best defense remains user education: never assume that a wallet address from one chain is compatible with another, no matter how identical they appear.
Also Read: SlowMist Warns Crypto Users Of Malicious Chrome Extensions Hijacking Browsing Traffic
Broader Pattern of Security Alerts from Crypto Investigators
This warning is just the latest in a series of security alerts issued by SlowMist.
On the 18th of June, the firm uncovered a crypto scam in which attackers hijacked WeChat accounts using stolen passwords to steal funds from Chinese OTC traders.
Scammers exploited trust between contacts to bypass two-factor authentication and request transfer codes, often during late-night hours.
In another case in June, SlowMist detected a major flaw in Meta Pool’s staking ecosystem that could have allowed unchecked token minting, risking token inflation.
Additionally in May, potential suspicious activity was spotted on the Nexo platform via Binance Smart Chain, prompting warnings for users to safeguard their assets.
These incidents underline the growing complexity of security threats in crypto, reinforcing the need for constant vigilance and education.