← BNB Chain Bridge3 decisions on this page
Audit log
Every state-changing event for BNB Chain Bridge: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.
- #1publishby system:backfill2026-05-30 18:25:03ZScore: ? → ? (no score change)anchoranchored
- chain
- ●mainnet-betaslot 423,210,378
- sig
2PJzBoFGV36k…vWxAvvCRexplorer ↗- hash
4BwZkzn8giT8…fFcmgUE3sha256 → base58
verifying row…full verify ↗canonical bytes (5700 B) ▸
{"actor":"system:backfill","investigation_id":"1880498b-a15d-46c2-aedf-3c9922c021d9","kind":"publish","page_slug":"bnb-chain-bridge","published_at":"2026-05-30T18:25:03.924Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"BNB Chain Bridge","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-bnb-chain-hack-october-2022","type":"other","url":""},{"credibility":3,"name":"https://medium.com/immunefi/hack-analysis-binance-bridge-october-2022-2876d39247c1","type":"other","url":""},{"credibility":3,"name":"https://sanebow.me/bnb-hack-iavl-explained","type":"other","url":""},{"credibility":3,"name":"https://www.elliptic.co/blog/analysis/attack-mints-569-million-worth-of-bnb-tokens-in-bsc-bridge-exploit","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.elliptic.co/blog/analysis/attack-mints-569-million-worth-of-bnb-tokens-in-bsc-bridge-exploit","type":"other","url":""},{"credibility":3,"name":"https://www.merklescience.com/blog/hack-track-analysis-of-the-bnb-smart-chain-exploit","type":"other","url":""},{"credibility":3,"name":"https://www.cnbc.com/2022/10/07/more-than-100-million-worth-of-binances-bnb-token-stolen-in-another-major-crypto-hack.html","type":"other","url":""},{"credibility":3,"name":"https://www.nansen.ai/research/bnb-chains-cross-chain-bridge-exploit-explained","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cointelegraph.com/news/bnb-chain-confirms-bsc-halt-due-to-potential-exploit","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/business/2022/10/10/binance-exec-bnb-smart-chain-hack-could-have-been-worse-if-validators-hadnt-sprung-into-action","type":"other","url":""},{"credibility":3,"name":"https://fortune.com/crypto/2022/10/06/binance-smart-chain-halts-after-exploit/","type":"other","url":""},{"credibility":3,"name":"https://blockworks.com/news/after-bnb-chain-hack-operators-must-face-question-of-decentralization","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/business/2022/10/11/bnb-smart-chain-to-perform-hard-fork-as-fix-for-100m-exploit","type":"other","url":""},{"credibility":3,"name":"https://www.bnbchain.org/en/blog/technology-update-of-bnb-chain-in-october-2022/","type":"other","url":""},{"credibility":3,"name":"https://github.com/bnb-chain/BEPs/pull/171","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/bnb-beacon-chain-hard-fork-adds-panic-feature-that-can-halt-blockchain","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.quillaudits.com/blog/hack-analysis/bsc-token-hub-bridge-hack","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@sharkteam/causes-of-merkle-tree-vulnerability-and-tracking-of-on-chain-funds-analysis-of-bnbchain-9aa802323754","type":"other","url":""},{"credibility":3,"name":"https://arxiv.org/html/2501.03423v1","type":"other","url":""},{"credibility":3,"name":"https://www.merklescience.com/blog/hack-track-analysis-of-the-bnb-smart-chain-exploit","type":"other","url":""}]}],"sources_used":[],"summary":"The BSC Token Hub, BNB Chain's cross-chain bridge connecting BNB Beacon Chain and BNB Smart Chain, was exploited on October 6, 2022 via a forged IAVL Merkle proof that allowed an attacker to mint approximately 2 million BNB valued at roughly $566–570 million. Rapid validator coordination halted the chain and froze most funds on BSC, limiting the attacker's realized gain to an estimated $137 million, though the incident exposed deep structural centralization concerns about BNB Smart Chain's 21-validator Proof of Staked Authority model.","timeline":[{"date":"2022-10-06","event":"Attacker executes two transactions of 1 million BNB each via a forged IAVL Merkle proof on the BSC Token Hub bridge, minting approximately 2 million BNB (~$566–570 million).","source":""},{"date":"2022-10-06","event":"BNB Chain contacts all 44 active validators and requests they suspend block production on BNB Smart Chain to prevent further fund movement.","source":""},{"date":"2022-10-06","event":"Binance CEO Changpeng Zhao publicly confirms the exploit on Twitter, states the issue is contained and user funds are safe.","source":""},{"date":"2022-10-07","event":"BNB Smart Chain resumes operations with a hotfix. Tether and Circle blacklist the attacker's addresses, freezing $33.5 million combined in USDT and USDC.","source":""},{"date":"2022-10-07","event":"Post-incident analysis confirms approximately $137 million was moved to other chains before the halt, with roughly $430 million remaining frozen on BSC.","source":""},{"date":"2022-10-11","event":"BNB Chain announces a scheduled hard fork for October 12 to permanently patch the cross-chain bridge vulnerability.","source":""},{"date":"2022-10-12","event":"BNB Chain hard fork (client v1.1.15) executed at 08:00 UTC, patching the IAVL proof verification flaw and re-enabling the cross-chain bridge.","source":""},{"date":"2022-10-13","event":"Cosmos SDK releases coordinated security disclosures for the 'Dragonfruit' and 'Dragonberry' bugs affecting all IBC-enabled chains using the same IAVL library.","source":""},{"date":"2023-02-06","event":"BNB Chain's Planck hard fork implements BEP-171, introducing permanent security enhancements including ICS23 proof verification, transfer time-locks, and emergency channel-pause mechanisms.","source":""}]},"v":1}Verify offline (run on your own machine)python -m src.verify_decision 0d184f90-5fa6-45d3-97f4-71463a6e60d6 - #2reviewby reviewerreviewer2026-06-13 20:13:02ZScore: 28 → 28 (no score change)The core narrative of the BNB Chain bridge exploit is well-supported: the IAVL Merkle proof forgery mechanism, the 2M BNB minted, the ~$566–570M face value, the $137M moved before chain halt, and the $33.5M frozen by Tether/Circle are all confirmed. Three claims are disputed: the timeline erroneously labels the October 12 hard fork as using client v1.1.15 (the actual hard fork used v1.1.16; v1.1.15 was the October 7 hotfix); the Cosmos SDK security disclosure event is dated October 13 but the relevant advisories were published October 8 and October 14; and the Planck hard fork is dated February 6, 2023 when it actually occurred April 12, 2023. Additionally, the page describes '44 active validators' when the correct characterization is 44 total validators with 26 active. All five section content fields are empty, which is a structural gap.anchoranchored
- chain
- ●mainnet-betaslot 426,269,092
- sig
4x2xFjXBytfv…mqYAY1FTexplorer ↗- hash
4c6uZXzT9HUc…Qu8YDEsXsha256 → base58
verifying row…full verify ↗canonical bytes (1202 B) ▸
{"actor":"reviewer","decided_at":"2026-06-13T20:13:02.703Z","decision":"review","investigation_id":"1880498b-a15d-46c2-aedf-3c9922c021d9","new_score":28,"page_slug":"bnb-chain-bridge","prev_score":28,"reason":"The core narrative of the BNB Chain bridge exploit is well-supported: the IAVL Merkle proof forgery mechanism, the 2M BNB minted, the ~$566–570M face value, the $137M moved before chain halt, and the $33.5M frozen by Tether/Circle are all confirmed. Three claims are disputed: the timeline erroneously labels the October 12 hard fork as using client v1.1.15 (the actual hard fork used v1.1.16; v1.1.15 was the October 7 hotfix); the Cosmos SDK security disclosure event is dated October 13 but the relevant advisories were published October 8 and October 14; and the Planck hard fork is dated February 6, 2023 when it actually occurred April 12, 2023. Additionally, the page describes '44 active validators' when the correct characterization is 44 total validators with 26 active. All five section content fields are empty, which is a structural gap.","score_delta":0,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}Verify offline (run on your own machine)python -m src.verify_decision caa1fcec-744c-4c7d-98c4-27f525239603 - #3review reviseby judgejudge2026-06-13 20:13:02ZScore: 28 → 16 (-12)The core factual narrative of the BNB Chain bridge exploit is well-supported across multiple independent sources — the IAVL Merkle proof forgery, 2 million BNB minted, the $566–570 million face value, the $137 million moved before the chain halt, and the $33.5 million frozen by Tether and Circle are all confirmed. However, three timeline claims are disputed: claim_findings[9] attributes the October 12 hard fork to client v1.1.15 when Tier-1 (GitHub) and Tier-2 (CoinDesk, GetBlock) sources confirm the hard fork used v1.1.16; claim_findings[10] dates the Cosmos SDK Dragonfruit/Dragonberry disclosures to October 13, 2022, but Tier-1 forum sources show Dragonfruit was published October 8 and Dragonberry on October 14; and claim_findings[11] gives the Planck hard fork date as February 6, 2023, contradicted by both a Tier-1 official BNB Chain announcement and a Tier-2 source that confirm April 12, 2023. Additionally, two high-priority structural gaps — empty section content fields across all five page sections and missing on-chain transaction-level evidence — indicate the page is incomplete and requires substantive expansion before it can be considered publication-ready.anchoranchored
- chain
- ●mainnet-betaslot 426,269,095
- sig
298czZ8LYvLh…KKx9AhWJexplorer ↗- hash
DGUKE2AE3wRF…6txCptCgsha256 → base58
verifying row…full verify ↗canonical bytes (1541 B) ▸
{"actor":"judge","decided_at":"2026-06-13T20:13:02.703Z","decision":"review_revise","investigation_id":"1880498b-a15d-46c2-aedf-3c9922c021d9","new_score":16,"page_slug":"bnb-chain-bridge","prev_score":28,"reason":"The core factual narrative of the BNB Chain bridge exploit is well-supported across multiple independent sources — the IAVL Merkle proof forgery, 2 million BNB minted, the $566–570 million face value, the $137 million moved before the chain halt, and the $33.5 million frozen by Tether and Circle are all confirmed. However, three timeline claims are disputed: claim_findings[9] attributes the October 12 hard fork to client v1.1.15 when Tier-1 (GitHub) and Tier-2 (CoinDesk, GetBlock) sources confirm the hard fork used v1.1.16; claim_findings[10] dates the Cosmos SDK Dragonfruit/Dragonberry disclosures to October 13, 2022, but Tier-1 forum sources show Dragonfruit was published October 8 and Dragonberry on October 14; and claim_findings[11] gives the Planck hard fork date as February 6, 2023, contradicted by both a Tier-1 official BNB Chain announcement and a Tier-2 source that confirm April 12, 2023. Additionally, two high-priority structural gaps — empty section content fields across all five page sections and missing on-chain transaction-level evidence — indicate the page is incomplete and requires substantive expansion before it can be considered publication-ready.","score_delta":-12,"sequence_num":3,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}Verify offline (run on your own machine)python -m src.verify_decision a31dfdae-5739-4627-84af-1cefa374b38e
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine —
python -m src.verify_decision <event_id>.