Skip to main content
Sign in
BearnFi1 decision on this page

Audit log

Every state-changing event for BearnFi: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-21 18:45:40Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 421,258,814
    sig
    AKC9cz8spUHk…pSt47m5texplorer ↗
    hash
    8wQsopnGnzdf…KXidJTDZsha256 → base58
    verifying row…full verify ↗
    canonical bytes (5474 B) ▸
    {"actor":"system:backfill","investigation_id":"c8c9fc2c-9ea4-4bf1-8606-ce0fb1afb4ae","kind":"publish","page_slug":"bearnfi","published_at":"2026-05-21T18:45:40.610Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"BearnFi","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://peckshield.medium.com/bearn-fi-incident-inconsistent-asset-denomination-between-vault-strategy-9b24b68ab1c0","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/defi-protocol-bearn-suffers-11m-flash-loan-attack/","type":"other","url":""},{"credibility":3,"name":"https://bearndao.medium.com/bvaults-busd-alpaca-strategy-exploit-post-mortem-and-bearn-s-compensation-plan-b0b38c3b5540","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/bearn-rekt/","type":"other","url":""},{"credibility":3,"name":"https://github.com/OriginProtocol/security/blob/master/incidents/2021-05-16-BearnFi.md","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/bearn-rekt/","type":"other","url":""},{"credibility":3,"name":"https://peckshield.medium.com/bearn-fi-incident-inconsistent-asset-denomination-between-vault-strategy-9b24b68ab1c0","type":"other","url":""},{"credibility":3,"name":"https://www.bsc.news/post/bearn-jan-2021-review","type":"other","url":""},{"credibility":3,"name":"https://www.vidma.io/blog/the-bearn-exploit-a-18-million-lesson-in-defi-smart-contract-vulnerabilities","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://bearndao.medium.com/bvaults-busd-alpaca-strategy-exploit-post-mortem-and-bearn-s-compensation-plan-b0b38c3b5540","type":"other","url":""},{"credibility":3,"name":"https://cryptoslate.com/defi-platform-bearn-fi-promises-105-compensation-after-10-million-hack-but-is-it-the-right-thing/","type":"other","url":""},{"credibility":3,"name":"https://www.bsc.news/post/victims-of-latest-defi-bearn-fi-exploit-receives-assurance-of-complete-compensation","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://bearndao.medium.com/official-ama-with-the-bearn-fi-team-8d814d09d60d","type":"other","url":""},{"credibility":3,"name":"https://bearndao.medium.com/bearn-fi-introduction-9e65f6395dfc","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coinlore.com/coin/bearn-fi","type":"other","url":""},{"credibility":3,"name":"https://coinpaprika.com/coin/bfi-bearnfi/","type":"other","url":""},{"credibility":3,"name":"https://stack.money/asset/bearn-fi","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://github.com/OriginProtocol/security/blob/master/incidents/2021-05-16-BearnFi.md","type":"other","url":""},{"credibility":3,"name":"https://protos.com/bsc-binance-smart-chainflash-loan-attacks-crypto-may/","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/the-10-biggest-defi-hacks-of-2021-a-recap","type":"other","url":""},{"credibility":3,"name":"https://www.chainsec.io/defi-hacks","type":"other","url":""}]}],"sources_used":[],"summary":"bEarn.fi (BearnFi) is a Binance Smart Chain-based cross-chain yield farming and algorithmic stablecoin protocol that launched in late 2020. On May 16, 2021, an attacker exploited a smart contract denomination mismatch to drain approximately $10.85 million in BUSD from the protocol's bVaults via a flash loan attack. The project subsequently became inactive, with its native BFI token recording no price data after mid-2023 and a market capitalization of effectively zero. The entity has been flagged by ZachXBT.","timeline":[{"date":"2020-11-01","event":"bEarn.fi protocol launches on Binance Smart Chain, offering cross-chain yield farming, algorithmic stablecoin, and related DeFi products.","source":""},{"date":"2021-01-01","event":"bEarn.fi January review published; CertiK audit of the bDollar smart contract reported as in progress but not yet completed.","source":""},{"date":"2021-05-16","event":"Flash loan exploit occurs at 10:36:20 AM UTC. Attacker borrows 7.8M BUSD from Cream Finance and executes 26-30 deposit/withdrawal cycles against the bVaults BUSD Alpaca strategy, draining approximately $10.85 million in BUSD.","source":""},{"date":"2021-05-16","event":"bEarn team freezes all bVaults, contacts Binance to flag attacker address 0x47f341d896b08daacb344d9021f955247e50d089, and engages CertiK and PeckShield.","source":""},{"date":"2021-05-17","event":"bEarn team publishes post-mortem and announces 105% compensation plan for affected users: 87.5% BUSD + 7.5% BDOv2 immediately, 10% BDEX vested over 80 weeks.","source":""},{"date":"2021-05-17","event":"PeckShield publishes technical analysis confirming root cause as inconsistent asset denomination (BUSD vs ibBUSD) between BvaultsBank and BvaultsStrategy contracts.","source":""},{"date":"2021-05-17","event":"Yearn Finance developer Banteg criticizes bEarn's immediate compensation promise, warning it creates a distorted perception of risk for DeFi users.","source":""},{"date":"2023-08-10","event":"Last recorded price data for BFI token per market data aggregators. Protocol activity effectively ceases with market capitalization falling to zero.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision ea4a5ce6-3081-490e-b87b-9803107963e4
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.