Skip to main content
Sign in
BlueBerry Protocol1 decision on this page

Audit log

Every state-changing event for BlueBerry Protocol: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-27 18:12:36Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,554,258
    sig
    4zhq55Jg7icE…9tLjAy3Fexplorer ↗
    hash
    BUjW39rQBv4R…3UeD4eW7sha256 → base58
    verifying row…full verify ↗
    canonical bytes (8235 B) ▸
    {"actor":"system:backfill","investigation_id":"3158155c-6640-4d25-b0b1-46733799554e","kind":"publish","page_slug":"blueberry","published_at":"2026-05-27T18:12:36.486Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"BlueBerry Protocol","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/@blueberryprotocol/2-22-24-exploit-post-mortem-6f6be7c1dcc3","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/defi-protocol-blueberry-pauses-after-exploit","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/white-hat-saves-million-defi-exploit/","type":"other","url":""},{"credibility":3,"name":"https://www.web3isgoinggreat.com/single/blueberry-protocol-narrowly-avoids-1-3-million-hack","type":"other","url":""},{"credibility":3,"name":"https://cryptonews.com/news/blueberry-defi-protocol-suspends-lending-services-after-1-3m-exploit/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/@blueberryprotocol/2-22-24-exploit-post-mortem-6f6be7c1dcc3","type":"other","url":""},{"credibility":3,"name":"https://www.web3isgoinggreat.com/single/blueberry-protocol-narrowly-avoids-1-3-million-hack","type":"other","url":""},{"credibility":3,"name":"https://bsc.news/post/defi-platform-blueberry-halts-operations-following-exploitation-attempt-what-happened","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://beincrypto.com/white-hat-saves-million-defi-exploit/","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@blueberryprotocol/2-22-24-exploit-post-mortem-6f6be7c1dcc3","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/242136/mev-bot-runner-c0ffeebabe-eth-returns-5-4-million-amid-curve-exploit","type":"other","url":""},{"credibility":3,"name":"https://cryptonews.com/news/blueberry-defi-protocol-suspends-lending-services-after-1-3m-exploit/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://github.com/sherlock-audit/2023-02-blueberry-judging","type":"other","url":""},{"credibility":3,"name":"https://github.com/sherlock-audit/2023-07-blueberry-judging","type":"other","url":""},{"credibility":3,"name":"https://hacken.io/audits/blueberry-protocol/","type":"other","url":""},{"credibility":3,"name":"https://hackmd.io/@brainbot-services/recap_blueberry","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@blueberryprotocol/re-launch-security-update-49442502ec67","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/@blueberryprotocol/2-22-24-exploit-post-mortem-6f6be7c1dcc3","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@blueberryprotocol/blueberry-tokenomics-and-token-generation-event-lockdrop-airdrop-1ac267d30092","type":"other","url":""},{"credibility":3,"name":"https://cryptorank.io/ico/blueberry-protocol","type":"other","url":""},{"credibility":3,"name":"https://www.binance.com/en/square/post/2024-02-24-blueberry-protocol-to-compensate-users-after-vulnerability-attack-4536854784242","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/@blueberryprotocol/team-behind-blueberry-raises-1-2m-to-enable-capital-efficient-borrowing-on-ethereum-f1aef0a25023","type":"other","url":""},{"credibility":3,"name":"https://www.finsmes.com/2024/06/blueberry-protocol-raises-2-5m-series-a-funding.html","type":"other","url":""},{"credibility":3,"name":"https://www.crunchbase.com/organization/blueberry-protocol","type":"other","url":""},{"credibility":3,"name":"https://www.linkedin.com/in/bailey-spraggins/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.web3isgoinggreat.com/single/blueberry-protocol-narrowly-avoids-1-3-million-hack","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/defi-protocol-blueberry-pauses-after-exploit","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/blueberry","type":"other","url":""},{"credibility":3,"name":"https://v1.docs.blueberry.garden/","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@blueberryprotocol/re-launch-security-update-49442502ec67","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@blueberryprotocol/blueberrys-security-first-approach-to-generalized-leverage-765c42dcd748","type":"other","url":""}]}],"sources_used":[],"summary":"Blueberry Protocol is an Ethereum-based decentralized leveraged yield farming and prime brokerage protocol developed by Composable Corp. In February 2024, the protocol suffered a significant exploit caused by an oracle misconfiguration that allowed a flash loan attacker to drain approximately 457.7 ETH (~$1.35M) from three lending markets; most funds were rescued by white hat MEV operator c0ffeebabe.eth but ~91 ETH (~$265,000) was permanently lost to validator payments. Despite completing multiple Sherlock and Hacken audits and raising $2.5M in a June 2024 Series A, the protocol's security track record and history of audit findings raise material concerns for prospective users.","timeline":[{"date":"2023-02-01","event":"Sherlock audit contest #1 (2023-02-blueberry) identifies high-severity issues including ineffective deadline checks and oracle staleness vulnerabilities.","source":""},{"date":"2023-04-01","event":"Sherlock audit contest #2 (2023-04-blueberry) identifies sandwich attack risks in IchiVaultSpell and ConvexSpell withdrawals.","source":""},{"date":"2023-05-01","event":"Sherlock audit contest #3 (2023-05-blueberry) conducted.","source":""},{"date":"2023-07-01","event":"Sherlock audit contest #4 (2023-07-blueberry) conducted.","source":""},{"date":"2024-01-29","event":"BLB token lockdrop campaign begins on Ethereum mainnet, offering 5% of total BLB supply to early lenders over a 56-day period.","source":""},{"date":"2024-02-22","event":"At 08:36 UTC, borrowing functionality in the new money market is activated prematurely — before the intended Monday launch of borrowing strategies. The money market is using CoreOracle, an incorrect oracle that prices assets with fewer than 18 decimals severely below market value.","source":""},{"date":"2024-02-23","event":"At 02:22 UTC, an attacker executes a flash loan attack using 1 WETH from Balancer, exploiting the oracle misconfiguration to drain 8,616 OHM, 913,263 USDC, and 6.87 WBTC across three lending markets, totaling 457.684 ETH (~$1.35M). c0ffeebabe.eth front-runs the attacker and routes 366.6 ETH to the Blueberry multisig. ~91 ETH is permanently lost to validator payments.","source":""},{"date":"2024-02-23","event":"Blueberry Protocol Foundation announces exploit on X (formerly Twitter), pauses all lending operations, and advises users to withdraw from lending markets.","source":""},{"date":"2024-02-24","event":"Blueberry Foundation publishes initial recovery statement committing to 100% repayment of affected lenders. Community TGE allocation increased from 5% to 10% of total supply as additional compensation for affected users.","source":""},{"date":"2024-02-25","event":"Post-mortem published confirming oracle misconfiguration as root cause. Composable Corp pays 10% bounty on recovered funds to c0ffeebabe.eth and collaborators.","source":""},{"date":"2024-03-01","event":"Post-exploit audits commissioned from Spearbit, 0x52, and Cuthalion0x. Results find no additional high-severity vulnerabilities threatening user funds beyond the oracle fix.","source":""},{"date":"2024-06-04","event":"Blueberry Protocol raises $2.5M Series A funding led by White Star Capital, with participation from Varys Capital, SNZ Capital, Alchemix DAO, and others.","source":""},{"date":"2024-06-05","event":"BLB token IDO opens, running through June 10, 2024, raising approximately $190,000 at $0.0194 per BLB.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 4a802956-f469-43bd-8b3e-eb0f6755758a
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.