Skip to main content
Sign in
Bond Protocol1 decision on this page

Audit log

Every state-changing event for Bond Protocol: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-30 12:14:53Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 423,154,350
    sig
    35zJzpvvtYSU…3xP9aUTqexplorer ↗
    hash
    DywtDU994H7u…b86saWGUsha256 → base58
    verifying row…full verify ↗
    canonical bytes (12978 B) ▸
    {"actor":"system:backfill","investigation_id":"d9137293-15db-46cf-b00d-94ca66903d90","kind":"publish","page_slug":"bond-protocol","published_at":"2026-05-30T12:14:53.891Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Bond Protocol","sections":[{"content":"","heading":"","severity":"low","sources":[{"credibility":2,"name":"Introducing Bond Protocol — Bond Protocol Medium","type":"official","url":"https://medium.com/@Bond_Protocol/introducing-bond-protocol-8476881f84e4"},{"credibility":2,"name":"OIP-104: Deploy Permissionless OP as Bond Protocol — OlympusDAO Forum","type":"official","url":"https://forum.olympusdao.finance/d/1243-oip-104-deploy-permissionless-op-as-bond-protocol"},{"credibility":2,"name":"OlympusDAO Vote to Split Olympus Pro and Rename as Bond Protocol — TokenInsight","type":"news_article","url":"https://tokeninsight.com/en/news/olympusdao-s-vote-to-split-olympus-pro-and-rename-as-bond-protocol-approved"},{"credibility":2,"name":"Bond Protocol — IQ.wiki","type":"research","url":"https://iq.wiki/wiki/bond-protocol"}]},{"content":"","heading":"","severity":"high","sources":[{"credibility":1,"name":"Bond Protocol Incident Report — Bond Protocol Medium","type":"official","url":"https://medium.com/@Bond_Protocol/bond-protocol-incident-report-e0aa1dfdeab"},{"credibility":1,"name":"Hacker Drains $300,000 from Olympus DAO on Bond Protocol — The Block","type":"news_article","url":"https://www.theblock.co/post/178927/hacker-drains-olympus-dao"},{"credibility":2,"name":"Explained: The OlympusDAO Hack (October 2022) — Halborn","type":"research","url":"https://www.halborn.com/blog/post/explained-the-olympusdao-hack-october-2022"},{"credibility":2,"name":"OlympusDAO Suffer $300K Exploit, White Hat Hacker Returns All Funds — BeInCrypto","type":"news_article","url":"https://beincrypto.com/olympusdao-suffer-300k-exploit-white-hat-hacker-returns-all-funds/"},{"credibility":2,"name":"Olympus DAO Bond Protocol Missing Validation Exploit — Medium","type":"research","url":"https://medium.com/@dragotanqueray/olympus-dao-bond-protocol-missing-validation-exploit-d486a6e692d1"}]},{"content":"","heading":"","severity":"high","sources":[{"credibility":1,"name":"Bond Protocol Incident Report — Bond Protocol Medium","type":"official","url":"https://medium.com/@Bond_Protocol/bond-protocol-incident-report-e0aa1dfdeab"},{"credibility":2,"name":"Sherlock Audit February 2023 — sherlock-audit/2023-02-bond (GitHub)","type":"research","url":"https://github.com/sherlock-audit/2023-02-bond/blob/main/README.md"},{"credibility":2,"name":"Sherlock Audit June 2023 — sherlock-audit/2023-06-bond (GitHub)","type":"research","url":"https://github.com/sherlock-audit/2023-06-bond"},{"credibility":2,"name":"Sherlock Audit Issues — sherlock-audit/2023-02-bond-judging (GitHub)","type":"research","url":"https://github.com/sherlock-audit/2023-02-bond-judging/issues"},{"credibility":2,"name":"How Bond Protocol Simulates User Interactions to Keep Users Safe — GuardianUI on Medium","type":"research","url":"https://medium.com/guardianui/how-bond-protocol-simulates-user-interactions-to-keep-users-safe-c3fc8f02c755"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":2,"name":"Announcing Our $2.5M Seed Round — Bond Protocol Medium","type":"official","url":"https://medium.com/@Bond_Protocol/announcing-our-2-5m-seed-round-ff5891ffa654"},{"credibility":2,"name":"Bond Protocol — Alchemy Dapps","type":"other","url":"https://www.alchemy.com/dapps/bond-protocol"},{"credibility":2,"name":"OIP-104: Deploy Permissionless OP as Bond Protocol — OlympusDAO Forum","type":"official","url":"https://forum.olympusdao.finance/d/1243-oip-104-deploy-permissionless-op-as-bond-protocol"},{"credibility":2,"name":"Bond-Protocol GitHub Organization","type":"official","url":"https://github.com/bond-protocol"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":2,"name":"Bond Protocol TVL Stats and Charts — DeFiLlama","type":"on_chain","url":"https://defillama.com/protocol/bond-protocol"},{"credibility":2,"name":"Bond Protocol Q2 2023 Report — Bond Protocol Medium","type":"official","url":"https://medium.com/@Bond_Protocol/bond-protocol-q2-2023-report-294f1182807a"},{"credibility":3,"name":"Pendle Bonds on Bond Protocol — Pendle Finance Twitter/X","type":"social_media","url":"https://x.com/pendle_fi/status/1638178409741430790"},{"credibility":2,"name":"Bond Protocol — IQ.wiki","type":"research","url":"https://iq.wiki/wiki/bond-protocol"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":2,"name":"ZachXBT — Investigations Archive (Mirror)","type":"research","url":"https://zachxbt.mirror.xyz/"},{"credibility":2,"name":"Investigations By ZachXBT — Paragraph","type":"research","url":"https://paragraph.com/@investigations"},{"credibility":2,"name":"Biggest DeFi Hacks in October 2022 — Halborn","type":"research","url":"https://www.halborn.com/blog/post/biggest-defi-hacks-in-october-2022"},{"credibility":2,"name":"Bondly Finance Hack Explained (July 2021) — Halborn","type":"research","url":"https://www.halborn.com/blog/post/explained-the-bondly-finance-hack-july-2021"}]},{"content":"","heading":"","severity":"high","sources":[{"credibility":2,"name":"What is Bonding (DeFi)? Definition, Examples, Risks — Cube Exchange","type":"research","url":"https://www.cube.exchange/what-is/bonding-defi"},{"credibility":2,"name":"Olympus DAO — DeFiLlama","type":"on_chain","url":"https://defillama.com/protocol/olympus-dao"},{"credibility":2,"name":"Bond Protocol General FAQ — Official Docs","type":"official","url":"https://docs.bondprotocol.finance/general-faq"},{"credibility":1,"name":"Olympus DAO Might Be the Future of Money (or It Might Be a Ponzi) — CoinDesk","type":"news_article","url":"https://www.coindesk.com/policy/2021/12/05/olympus-dao-might-be-the-future-of-money-or-it-might-be-a-ponzi"}]}],"sources_used":[{"credibility":1,"name":"Bond Protocol Incident Report — Bond Protocol Medium","type":"official","url":"https://medium.com/@Bond_Protocol/bond-protocol-incident-report-e0aa1dfdeab"},{"credibility":1,"name":"Hacker Drains $300,000 from Olympus DAO on Bond Protocol — The Block","type":"news_article","url":"https://www.theblock.co/post/178927/hacker-drains-olympus-dao"},{"credibility":2,"name":"Explained: The OlympusDAO Hack (October 2022) — Halborn","type":"research","url":"https://www.halborn.com/blog/post/explained-the-olympusdao-hack-october-2022"},{"credibility":2,"name":"OlympusDAO Suffer $300K Exploit, White Hat Hacker Returns All Funds — BeInCrypto","type":"news_article","url":"https://beincrypto.com/olympusdao-suffer-300k-exploit-white-hat-hacker-returns-all-funds/"},{"credibility":2,"name":"Introducing Bond Protocol — Bond Protocol Medium","type":"official","url":"https://medium.com/@Bond_Protocol/introducing-bond-protocol-8476881f84e4"},{"credibility":2,"name":"Announcing Our $2.5M Seed Round — Bond Protocol Medium","type":"official","url":"https://medium.com/@Bond_Protocol/announcing-our-2-5m-seed-round-ff5891ffa654"},{"credibility":2,"name":"OIP-104: Deploy Permissionless OP as Bond Protocol — OlympusDAO Forum","type":"official","url":"https://forum.olympusdao.finance/d/1243-oip-104-deploy-permissionless-op-as-bond-protocol"},{"credibility":2,"name":"Sherlock Audit February 2023 — GitHub","type":"research","url":"https://github.com/sherlock-audit/2023-02-bond/blob/main/README.md"},{"credibility":2,"name":"Sherlock Audit June 2023 — GitHub","type":"research","url":"https://github.com/sherlock-audit/2023-06-bond"},{"credibility":2,"name":"Sherlock Audit Issues (February 2023) — GitHub","type":"research","url":"https://github.com/sherlock-audit/2023-02-bond-judging/issues"},{"credibility":2,"name":"Bond Protocol TVL Stats and Charts — DeFiLlama","type":"on_chain","url":"https://defillama.com/protocol/bond-protocol"},{"credibility":2,"name":"Bond Protocol — IQ.wiki","type":"research","url":"https://iq.wiki/wiki/bond-protocol"},{"credibility":2,"name":"Biggest DeFi Hacks in October 2022 — Halborn","type":"research","url":"https://www.halborn.com/blog/post/biggest-defi-hacks-in-october-2022"},{"credibility":2,"name":"Bond Protocol Q2 2023 Report — Bond Protocol Medium","type":"official","url":"https://medium.com/@Bond_Protocol/bond-protocol-q2-2023-report-294f1182807a"},{"credibility":2,"name":"Olympus DAO Bond Protocol Missing Validation Exploit — Medium","type":"research","url":"https://medium.com/@dragotanqueray/olympus-dao-bond-protocol-missing-validation-exploit-d486a6e692d1"},{"credibility":2,"name":"How Bond Protocol Simulates User Interactions — GuardianUI on Medium","type":"research","url":"https://medium.com/guardianui/how-bond-protocol-simulates-user-interactions-to-keep-users-safe-c3fc8f02c755"},{"credibility":1,"name":"Olympus DAO Might Be the Future of Money (or It Might Be a Ponzi) — CoinDesk","type":"news_article","url":"https://www.coindesk.com/policy/2021/12/05/olympus-dao-might-be-the-future-of-money-or-it-might-be-a-ponzi"},{"credibility":2,"name":"ZachXBT — Investigations Archive (Mirror)","type":"research","url":"https://zachxbt.mirror.xyz/"},{"credibility":2,"name":"Investigations By ZachXBT — Paragraph","type":"research","url":"https://paragraph.com/@investigations"},{"credibility":2,"name":"Bondly Finance Hack Explained (July 2021) — Halborn","type":"research","url":"https://www.halborn.com/blog/post/explained-the-bondly-finance-hack-july-2021"}],"summary":"Bond Protocol is a permissionless bonds-as-a-service platform for DeFi, spun out of OlympusDAO's Olympus Pro product via a governance vote in mid-2022. In October 2022 — just weeks after its public launch — the protocol's Fixed-Expiry Teller smart contract was exploited for approximately $300,000 in OHM tokens due to a missing input validation vulnerability that had evaded three prior independent audits. The attacker ultimately returned all funds, the team underwent re-auditing with Zellic and Sherlock, and the protocol raised $2.5M in seed funding, though its TVL has since declined to minimal levels.","timeline":[{"date":"2021-09-01","event":"OlympusDAO launches Olympus Pro, the bonding-as-a-service marketplace that becomes the direct predecessor to Bond Protocol.","source":"OlympusDAO Medium","source_url":"https://olympusdao.medium.com/introducing-olympus-pro-d8db3052fca5"},{"date":"2022-07-15","event":"Bond Protocol formally announced as a standalone entity spun out of OlympusDAO's Olympus Pro following OIP-104 governance vote approval.","source":"Bond Protocol Medium","source_url":"https://medium.com/@Bond_Protocol/introducing-bond-protocol-8476881f84e4"},{"date":"2022-10-03","event":"Bond Protocol dApp goes live on mainnet, offering permissionless bond market creation for any token pair.","source":"Bond Protocol Medium","source_url":"https://medium.com/@Bond_Protocol/introducing-bond-protocol-8476881f84e4"},{"date":"2022-10-06","event":"Bond Protocol announces a $2.5M seed round led by Chapter One and IDEO CoLab Ventures, with Alchemy Ventures and Hypersphere Ventures participating.","source":"Bond Protocol Medium","source_url":"https://medium.com/@Bond_Protocol/announcing-our-2-5m-seed-round-ff5891ffa654"},{"date":"2022-10-21","event":"Fixed-Expiry Teller smart contract exploited for 30,437 OHM (~$300,000). Attacker deploys counterfeit bond tokens and exploits missing input validation in the redeem() function. Funds are returned within hours following negotiation.","source":"Bond Protocol Incident Report — Medium","source_url":"https://medium.com/@Bond_Protocol/bond-protocol-incident-report-e0aa1dfdeab"},{"date":"2022-10-21","event":"Bond Protocol closes all Fixed-Expiry markets and begins working with Zellic on a full re-audit of the codebase.","source":"Bond Protocol Incident Report — Medium","source_url":"https://medium.com/@Bond_Protocol/bond-protocol-incident-report-e0aa1dfdeab"},{"date":"2023-02-01","event":"First Sherlock competitive audit of Bond Protocol conducted, covering new oracle-based auctioneers, fixed price auctioneer, Chainlink oracle, and batch auction wrapper contracts.","source":"Sherlock Audit — GitHub","source_url":"https://github.com/sherlock-audit/2023-02-bond/blob/main/README.md"},{"date":"2023-06-01","event":"Second Sherlock competitive audit conducted, covering Bond Protocol's Options Liquidity Mining (OLM) system and related contracts.","source":"Sherlock Audit — GitHub","source_url":"https://github.com/sherlock-audit/2023-06-bond"},{"date":"2023-10-01","event":"Bond Protocol launches the DAOversified podcast focused on DAO treasury management and operations.","source":"Bond Protocol — IQ.wiki","source_url":"https://iq.wiki/wiki/bond-protocol"},{"date":"2026-05-01","event":"Bond Protocol TVL measured at approximately $75,900 on DeFiLlama, down sharply from peak activity levels in 2022-2023.","source":"DeFiLlama — Bond Protocol","source_url":"https://defillama.com/protocol/bond-protocol"}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 53da7b7f-ad30-4cfb-888c-f82af37ceb05
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.