Skip to main content
Sign in
Allbridge Core1 decision on this page

Audit log

Every state-changing event for Allbridge Core: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-30 12:14:39Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 423,154,316
    sig
    5iTwkpVTNvVs…wkQH4jVhexplorer ↗
    hash
    7L9Nf4y56HAt…iRjUHhUMsha256 → base58
    verifying row…full verify ↗
    canonical bytes (14366 B) ▸
    {"actor":"system:backfill","investigation_id":"69b33041-8d59-4e35-a72d-e8a0fc25ba5c","kind":"publish","page_slug":"allbridge-core","published_at":"2026-05-30T12:14:39.820Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Allbridge Core","sections":[{"content":"","heading":"","severity":"low","sources":[{"credibility":1,"name":"What is Allbridge Core? — Official Documentation","type":"official","url":"https://docs-core.allbridge.io"},{"credibility":2,"name":"Allbridge Core — QuickNode Builders Guide","type":"other","url":"https://www.quicknode.com/builders-guide/tools/allbridge-core-by-allbridge-core-team"},{"credibility":2,"name":"Mitigating Risk in the Allbridge Core — Kudelski Security Research (January 2023)","type":"research","url":"https://research.kudelskisecurity.com/2023/01/12/mitigating-risk-in-the-allbridge-core/"},{"credibility":2,"name":"Audit of Allbridge Core — Quarkslab Blog","type":"research","url":"https://blog.quarkslab.com/allbridge-core-stellar.html"}]},{"content":"","heading":"","severity":"critical","sources":[{"credibility":2,"name":"Decoding AllBridge $570K Flash Loan Exploit — QuillAudits via CoinMonks","type":"research","url":"https://medium.com/coinmonks/decoding-allbridge-570k-flash-loan-exploit-quillaudits-8da8dccd729d"},{"credibility":2,"name":"How Was Allbridge Exploited? — Neptune Mutual","type":"research","url":"https://medium.com/neptune-mutual/how-was-allbridge-exploited-956a05f3cb58"},{"credibility":2,"name":"Allbridge offers bounty to exploiter who stole $573K in flash loan attack — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/allbridge-offers-bounty-to-exploiter-who-stole-570k-in-flashloan-attack"},{"credibility":2,"name":"Allbridge Hack: Cross-Chain Protocol Loses $570,000 To Exploiter — Bitcoinist","type":"news_article","url":"https://bitcoinist.com/allbridge-hack-570000-lost/"},{"credibility":2,"name":"DeFi Cross-Chain Solution Allbridge Exploited For $570,000 — BeInCrypto","type":"news_article","url":"https://beincrypto.com/defi-allbridge-hack-570/"}]},{"content":"","heading":"","severity":"critical","sources":[{"credibility":2,"name":"Decoding AllBridge $570K Flash Loan Exploit — QuillAudits via CoinMonks","type":"research","url":"https://medium.com/coinmonks/decoding-allbridge-570k-flash-loan-exploit-quillaudits-8da8dccd729d"},{"credibility":2,"name":"How Was Allbridge Exploited? — Neptune Mutual","type":"research","url":"https://medium.com/neptune-mutual/how-was-allbridge-exploited-956a05f3cb58"},{"credibility":2,"name":"Allbridge Hack Response: Bridge Locked, White Hat Bounty, LPs Opened for Withdrawals — CryptoNews","type":"news_article","url":"https://cryptonews.net/news/security/20754571/"}]},{"content":"","heading":"","severity":"high","sources":[{"credibility":2,"name":"BNB Chain claims to have identified Allbridge's $570,000 exploiter — The Block","type":"news_article","url":"https://www.theblock.co/post/224521/allbridge-exploiter-identified-bnb-chain"},{"credibility":2,"name":"Allbridge Hacker Returns 1,500 BNB, Keeps $100,000 as Bounty — BeInCrypto","type":"news_article","url":"https://beincrypto.com/allbridge-defi-recovers-stolen-crypto-hacker-bounty/"},{"credibility":2,"name":"How Was Allbridge Exploited? — Neptune Mutual","type":"research","url":"https://medium.com/neptune-mutual/how-was-allbridge-exploited-956a05f3cb58"},{"credibility":2,"name":"Allbridge Hack Response — CryptoNews","type":"news_article","url":"https://cryptonews.net/news/security/20754571/"}]},{"content":"","heading":"","severity":"high","sources":[{"credibility":2,"name":"Allbridge exploiter returns most of the $573K stolen in attack — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/allbridge-exploiter-returns-most-of-the-573k-stolen-in-attack"},{"credibility":2,"name":"Allbridge Hacker Returns 1,500 BNB, Keeps $100,000 as Bounty — BeInCrypto","type":"news_article","url":"https://beincrypto.com/allbridge-defi-recovers-stolen-crypto-hacker-bounty/"},{"credibility":2,"name":"DeFi Project Allbridge Recovers Most of Stolen $570K — DailyCoin","type":"news_article","url":"https://dailycoin.com/defi-project-allbridge-recovers-most-of-stolen-570k/"},{"credibility":2,"name":"Allbridge Recovers $465,000 Stolen in Crypto Exploit — Blockchain.news","type":"news_article","url":"https://blockchain.news/news/allbridge-recovers-465-000-stolen-in-crypto-exploit"},{"credibility":2,"name":"Allbridge offers bounty to exploiters behind $573k hack — Crypto.news","type":"news_article","url":"https://crypto.news/allbridge-offers-bounty-to-exploiters-behind-573k-hack/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":1,"name":"Allbridge Core Updates Following the Relaunch — Allbridge Medium","type":"official","url":"https://allbridge.medium.com/allbridge-core-updates-following-the-relaunch-9f7716eeb5da"},{"credibility":1,"name":"Security Audit — Allbridge Core Docs","type":"official","url":"https://docs-core.allbridge.io/product/security-audit"},{"credibility":2,"name":"Allbridge Hack Response: Bridge Locked, White Hat Bounty, LPs Opened for Withdrawals — CryptoNews","type":"news_article","url":"https://cryptonews.net/news/security/20754571/"},{"credibility":1,"name":"Kudelski Security Audit Completed — Allbridge Medium","type":"official","url":"https://allbridge.medium.com/kudelski-security-audit-completed-8483e6bc463e"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"ZachXBT — Twitter/X post referencing Allbridge","type":"social_media","url":"https://twitter.com/zachxbt/status/1652732324969172992"},{"credibility":2,"name":"ZachXBT — Wikipedia","type":"other","url":"https://en.wikipedia.org/wiki/ZachXBT"},{"credibility":2,"name":"ZachXBT: The On-Chain Investigator Exposing Scams Across the Crypto World — OneKey Blog","type":"other","url":"https://onekey.so/blog/ecosystem/zachxbt-the-on-chain-investigator-exposing-scams-across-the-crypto-world/"}]}],"sources_used":[{"credibility":2,"name":"Decoding AllBridge $570K Flash Loan Exploit — QuillAudits via CoinMonks","type":"research","url":"https://medium.com/coinmonks/decoding-allbridge-570k-flash-loan-exploit-quillaudits-8da8dccd729d"},{"credibility":2,"name":"How Was Allbridge Exploited? — Neptune Mutual","type":"research","url":"https://medium.com/neptune-mutual/how-was-allbridge-exploited-956a05f3cb58"},{"credibility":1,"name":"Allbridge Core Updates Following the Relaunch — Allbridge Medium","type":"official","url":"https://allbridge.medium.com/allbridge-core-updates-following-the-relaunch-9f7716eeb5da"},{"credibility":2,"name":"Allbridge offers bounty to exploiter who stole $573K in flash loan attack — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/allbridge-offers-bounty-to-exploiter-who-stole-570k-in-flashloan-attack"},{"credibility":2,"name":"BNB Chain claims to have identified Allbridge's $570,000 exploiter — The Block","type":"news_article","url":"https://www.theblock.co/post/224521/allbridge-exploiter-identified-bnb-chain"},{"credibility":2,"name":"Allbridge Hacker Returns 1,500 BNB, Keeps $100,000 as Bounty — BeInCrypto","type":"news_article","url":"https://beincrypto.com/allbridge-defi-recovers-stolen-crypto-hacker-bounty/"},{"credibility":2,"name":"Allbridge Hack Response: Bridge Locked, White Hat Bounty, LPs Opened for Withdrawals — CryptoNews","type":"news_article","url":"https://cryptonews.net/news/security/20754571/"},{"credibility":2,"name":"DeFi Cross-Chain Solution Allbridge Exploited For $570,000 — BeInCrypto","type":"news_article","url":"https://beincrypto.com/defi-allbridge-hack-570/"},{"credibility":2,"name":"Allbridge offers bounty to exploiters behind $573k hack — Crypto.news","type":"news_article","url":"https://crypto.news/allbridge-offers-bounty-to-exploiters-behind-573k-hack/"},{"credibility":2,"name":"DeFi Project Allbridge Recovers Most of Stolen $570K — DailyCoin","type":"news_article","url":"https://dailycoin.com/defi-project-allbridge-recovers-most-of-stolen-570k/"},{"credibility":2,"name":"Allbridge Recovers $465,000 Stolen in Crypto Exploit — Blockchain.news","type":"news_article","url":"https://blockchain.news/news/allbridge-recovers-465-000-stolen-in-crypto-exploit"},{"credibility":2,"name":"Mitigating Risk in the Allbridge Core — Kudelski Security Research","type":"research","url":"https://research.kudelskisecurity.com/2023/01/12/mitigating-risk-in-the-allbridge-core/"},{"credibility":2,"name":"Audit of Allbridge Core — Quarkslab Blog","type":"research","url":"https://blog.quarkslab.com/allbridge-core-stellar.html"},{"credibility":1,"name":"Security Audit — Allbridge Core Docs","type":"official","url":"https://docs-core.allbridge.io/product/security-audit"},{"credibility":1,"name":"Kudelski Security Audit Completed — Allbridge Medium","type":"official","url":"https://allbridge.medium.com/kudelski-security-audit-completed-8483e6bc463e"},{"credibility":2,"name":"Allbridge Hack: Cross-Chain Protocol Loses $570,000 To Exploiter — Bitcoinist","type":"news_article","url":"https://bitcoinist.com/allbridge-hack-570000-lost/"},{"credibility":3,"name":"ZachXBT — Twitter/X post referencing Allbridge","type":"social_media","url":"https://twitter.com/zachxbt/status/1652732324969172992"},{"credibility":1,"name":"What is Allbridge Core? — Official Documentation","type":"official","url":"https://docs-core.allbridge.io"}],"summary":"Allbridge Core is a cross-chain stablecoin bridge protocol operating across EVM-compatible chains, Solana, Tron, and Stellar. On April 1-2, 2023, the protocol suffered a flash loan price-manipulation exploit on BNB Chain that drained approximately $570,000 from its BUSD and USDT liquidity pools. The attacker was subsequently identified via on-chain analysis by BNB Chain and AvengerDAO, and ultimately returned roughly $465,000 of the stolen funds after Allbridge offered a white hat bounty with immunity from legal action.","timeline":[{"date":"2022-07-10","event":"Kudelski Security completes a security audit of Allbridge Core, finding no significant issues.","source":"Kudelski Security Audit Completed — Allbridge Medium","source_url":"https://allbridge.medium.com/kudelski-security-audit-completed-8483e6bc463e"},{"date":"2023-01-12","event":"Kudelski Security publishes a public blog post on mitigating risks in Allbridge Core based on its December 2022 assessment.","source":"Mitigating Risk in the Allbridge Core — Kudelski Security Research","source_url":"https://research.kudelskisecurity.com/2023/01/12/mitigating-risk-in-the-allbridge-core/"},{"date":"2023-01-01","event":"The same wallet later identified as the Allbridge exploiter (labeled 'UF Dao Hacker' on BscScan) allegedly steals approximately $90,000 from the UF Dao protocol in a separate attack.","source":"BNB Chain claims to have identified Allbridge's $570,000 exploiter — The Block","source_url":"https://www.theblock.co/post/224521/allbridge-exploiter-identified-bnb-chain"},{"date":"2023-04-01","event":"PeckShield publicly alerts Allbridge via Twitter that an address is actively manipulating the swap price of its BNB Chain liquidity pools, acting simultaneously as a liquidity provider and swapper to drain BUSD and USDT pools.","source":"DeFi Cross-Chain Solution Allbridge Exploited For $570,000 — BeInCrypto","source_url":"https://beincrypto.com/defi-allbridge-hack-570/"},{"date":"2023-04-02","event":"Allbridge Core confirms the exploit. Approximately $570,000 is drained from BNB Chain pools (282,889 BUSD and 290,868 USDT). Total losses including a secondary attack are estimated at approximately $650,000. Allbridge immediately locks the bridge.","source":"Decoding AllBridge $570K Flash Loan Exploit — QuillAudits","source_url":"https://medium.com/coinmonks/decoding-allbridge-570k-flash-loan-exploit-quillaudits-8da8dccd729d"},{"date":"2023-04-02","event":"Allbridge reopens liquidity pools temporarily to allow liquidity providers to withdraw remaining assets. The team engages security partners PeckShield, Hacken, and HAPI Labs.","source":"Allbridge Hack Response: Bridge Locked, White Hat Bounty, LPs Opened for Withdrawals — CryptoNews","source_url":"https://cryptonews.net/news/security/20754571/"},{"date":"2023-04-03","event":"BNB Chain and AvengerDAO announce they have identified the exploiter through on-chain analysis. The wallet is linked to the prior UF Dao hack. Centralized exchanges begin freezing associated accounts.","source":"BNB Chain claims to have identified Allbridge's $570,000 exploiter — The Block","source_url":"https://www.theblock.co/post/224521/allbridge-exploiter-identified-bnb-chain"},{"date":"2023-04-03","event":"Allbridge sends an on-chain message to the attacker offering a 10% white hat bounty and immunity from legal action in exchange for return of stolen funds.","source":"Allbridge offers bounty to exploiter who stole $573K in flash loan attack — CoinTelegraph","source_url":"https://cointelegraph.com/news/allbridge-offers-bounty-to-exploiter-who-stole-570k-in-flashloan-attack"},{"date":"2023-04-04","event":"The attacker returns approximately 1,500 BNB (roughly $465,000–$466,000), routed through Tornado Cash, to Allbridge's recovery address. Approximately $100,000–$108,000 is retained by the attacker as the bounty. Approximately 507.3 BNB had previously been sent to Tornado Cash in the days after the attack.","source":"Allbridge Hacker Returns 1,500 BNB, Keeps $100,000 as Bounty — BeInCrypto","source_url":"https://beincrypto.com/allbridge-defi-recovers-stolen-crypto-hacker-bounty/"},{"date":"2023-04-04","event":"Allbridge converts returned BNB to BUSD and launches a compensation program for affected liquidity providers, requiring them to submit application forms.","source":"DeFi Project Allbridge Recovers Most of Stolen $570K — DailyCoin","source_url":"https://dailycoin.com/defi-project-allbridge-recovers-most-of-stolen-570k/"},{"date":"2023-05-30","event":"Allbridge publishes a relaunch update post describing security fixes implemented: single pool per chain, automatic pool shutdown on depeg, emergency pause controls, and open-sourced contracts on GitHub.","source":"Allbridge Core Updates Following the Relaunch — Allbridge Medium","source_url":"https://allbridge.medium.com/allbridge-core-updates-following-the-relaunch-9f7716eeb5da"}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 10fc93cd-f8e6-4f9e-bf0d-a5263a8a724f
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.