Skip to main content
Sign in
Ambient Finance3 decisions on this page

Audit log

Every state-changing event for Ambient Finance: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-28 20:24:58Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,792,432
    sig
    5JPt5g6ynnu1…8THrjJ1Aexplorer ↗
    hash
    BnJd3J7qwwTE…rjGzUagSsha256 → base58
    verifying row…full verify ↗
    canonical bytes (3396 B) ▸
    {"actor":"system:backfill","investigation_id":"da19cc17-dd96-47a4-a5de-9fd11102f484","kind":"publish","page_slug":"ambient","published_at":"2026-05-28T20:24:58.229Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Ambient Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.ambient.finance/","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/ambient","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://crocswap.medium.com/ambient-finance-raises-seed-round-funding-78328f4fa7e","type":"other","url":""},{"credibility":3,"name":"https://tokeninsight.com/en/news/decentralized-exchange-ambient-raises-6.5m-in-seed-round-led-by-blocktower-capital","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://coinpaper.com/5737/ambient-finance-recovers-domain-after-major-hack","type":"other","url":""},{"credibility":3,"name":"https://mpost.io/blockaid-ambient-finance-front-end-suspected-to-be-hacked/","type":"other","url":""},{"credibility":3,"name":"https://crypto.news/defi-exchange-ambient-finance-recovers-domain-after-dns-attack/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://skynet.certik.com/projects/ambient-finance","type":"other","url":""},{"credibility":3,"name":"https://cantina.xyz/blog/a-guide-to-prevent-dns-hijacking-for-web3","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/ambient","type":"other","url":""},{"credibility":3,"name":"https://cryptorank.io/ico/ambient-finance","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://skynet.certik.com/projects/ambient-finance","type":"other","url":""},{"credibility":3,"name":"https://ambient.finance/","type":"other","url":""}]}],"sources_used":[],"summary":"Ambient Finance (formerly CrocSwap, operated by Crocodile Labs) is a decentralized exchange protocol that runs an entire DEX inside a single smart contract, combining concentrated and ambient liquidity on Ethereum and several L2 networks. On October 17, 2024, the protocol's frontend suffered a DNS hijacking attack deploying Inferno Drainer malware to drain wallets of users who interacted with the compromised site; the underlying smart contracts were unaffected and the team reimbursed all affected users in ETH. ZachXBT has flagged this entity.","timeline":[{"date":"2021-01-01","event":"Crocodile Labs founded by Douglas Colkitt; CrocSwap development begins.","source":""},{"date":"2023-07-11","event":"Ambient Finance raises $6.5M seed round led by BlockTower Capital; Ethereum mainnet launch.","source":""},{"date":"2024-10-17","event":"DNS hijacking attack compromises ambient.finance frontend; Inferno Drainer malware deployed.","source":""},{"date":"2024-10-17","event":"Ambient confirms smart contracts unaffected; warns users not to interact with site.","source":""},{"date":"2024-10-20","event":"Original ambient.finance domain fully restored and secured.","source":""},{"date":"2024-10-26","event":"Full reimbursement in ETH completed for all affected users.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 18e669f9-0fd1-410c-8bf6-f6d583115b21
  2. #2reviewby reviewerreviewer
    2026-06-09 21:42:56Z
    Score: 5252 (no score change)
    The core factual claims about Ambient Finance's identity, architecture, funding round, and the October 2024 DNS hijacking incident are well-supported by multiple credible sources. The single significant red flag is the unverified assertion that ZachXBT flagged the entity — no evidence of this was found, and the DNS attack was identified by Blockaid. A material coverage gap exists: a $110K smart contract exploit occurred on June 8, 2026 (the day before this review), contradicting the implication that smart contract risk is absent. The tokeninsight.com cited URL returns HTTP 403 and is effectively dead.
    anchoranchored
    chain
    mainnet-betaslot 425,411,479
    sig
    FRFNtBd1umYM…e1vUx53Wexplorer ↗
    hash
    GAWgPSdVWm6V…n7GW6AJ6sha256 → base58
    verifying row…full verify ↗
    canonical bytes (951 B) ▸
    {"actor":"reviewer","decided_at":"2026-06-09T21:42:56.149Z","decision":"review","investigation_id":"da19cc17-dd96-47a4-a5de-9fd11102f484","new_score":52,"page_slug":"ambient","prev_score":52,"reason":"The core factual claims about Ambient Finance's identity, architecture, funding round, and the October 2024 DNS hijacking incident are well-supported by multiple credible sources. The single significant red flag is the unverified assertion that ZachXBT flagged the entity — no evidence of this was found, and the DNS attack was identified by Blockaid. A material coverage gap exists: a $110K smart contract exploit occurred on June 8, 2026 (the day before this review), contradicting the implication that smart contract risk is absent. The tokeninsight.com cited URL returns HTTP 403 and is effectively dead.","score_delta":0,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision a7a063ee-998f-4561-af0c-b1df7d4f25cb
  3. #3review reviseby judgejudge
    2026-06-09 21:42:56Z
    Score: 5242 (-10)
    The reviewer confirmed 13 of 16 claims via multiple credible sources, including Tier 1 outlets for the October 2024 DNS hijacking incident. However, claim_findings[8] — the assertion that ZachXBT flagged Ambient Finance — is unverifiable: no source connecting ZachXBT to any investigation of this entity was found, and the DNS attack was identified by Blockaid, not ZachXBT. This claim appears in the public-facing summary and should be removed or sourced before the page is considered accurate. Additionally, the review identified a high-priority coverage gap: a $110K smart contract exploit occurred on June 8, 2026 — one day before this review — which directly contradicts the page's implication that smart contract risk is absent. All six page sections also have empty content and headings, making this page functionally a stub. A score reduction of 10 points is applied pending correction of the unverified ZachXBT claim and addition of the June 2026 exploit.
    anchoranchored
    chain
    mainnet-betaslot 425,411,484
    sig
    no9qVcXU1LXz…bWHWjBuvexplorer ↗
    hash
    CN6HSCEqmmSE…tL55Qbhxsha256 → base58
    verifying row…full verify ↗
    canonical bytes (1313 B) ▸
    {"actor":"judge","decided_at":"2026-06-09T21:42:56.149Z","decision":"review_revise","investigation_id":"da19cc17-dd96-47a4-a5de-9fd11102f484","new_score":42,"page_slug":"ambient","prev_score":52,"reason":"The reviewer confirmed 13 of 16 claims via multiple credible sources, including Tier 1 outlets for the October 2024 DNS hijacking incident. However, claim_findings[8] — the assertion that ZachXBT flagged Ambient Finance — is unverifiable: no source connecting ZachXBT to any investigation of this entity was found, and the DNS attack was identified by Blockaid, not ZachXBT. This claim appears in the public-facing summary and should be removed or sourced before the page is considered accurate. Additionally, the review identified a high-priority coverage gap: a $110K smart contract exploit occurred on June 8, 2026 — one day before this review — which directly contradicts the page's implication that smart contract risk is absent. All six page sections also have empty content and headings, making this page functionally a stub. A score reduction of 10 points is applied pending correction of the unverified ZachXBT claim and addition of the June 2026 exploit.","score_delta":-10,"sequence_num":3,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 465f45d4-60de-4e42-b059-3750cb96f971
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.