Audit log

Every state-changing event for Bungee: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-28 08:15:57Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 422,682,007

   sig

   5x1giabN5NQk…jaDbD2Ercopyexplorer ↗

   hash

   AyesMrEAgwaW…D96F7xL1copysha256 → base58

   verifying row…full verify ↗

   canonical bytes (4950 B) ▸

   {"actor":"system:backfill","investigation_id":"09053226-33df-4c47-9a09-055aa638373a","kind":"publish","page_slug":"bungee","published_at":"2026-05-28T08:15:57.394Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Bungee","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.bungee.exchange/overview/what-is-bungee","type":"other","url":""},{"credibility":3,"name":"https://theorg.com/org/socket-tech/org-chart/vaibhav-chellani","type":"other","url":""},{"credibility":3,"name":"https://www.crunchbase.com/person/vaibhav-chellani-b154","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/tech/2024/01/17/socket-bungee-restart-operations-after-apparent-33m-exploit","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/272986/socket-says-bungee-protocol-exploited","type":"other","url":""},{"credibility":3,"name":"https://www.web3isgoinggreat.com/?id=socket-service-and-its-bungee-bridge-suffer-3-3-million-theft","type":"other","url":""},{"credibility":3,"name":"https://www.certik.com/resources/blog/socket-tech-incident-analysis","type":"other","url":""},{"credibility":3,"name":"https://revoke.cash/exploits/socket","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.fxstreet.com/cryptocurrencies/news/breaking-bungee-exchange-and-socketdottech-likely-exploited-users-asked-to-revoke-address-202401161936","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/tech/2024/01/17/socket-bungee-restart-operations-after-apparent-33m-exploit","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coinlive.com/news-flash/425843","type":"other","url":""},{"credibility":3,"name":"https://blockworks.co/news/defi-exploit-socket-compensation-plan","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/273964/socket-ether-recovery-bungee-exploit","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.certik.com/resources/blog/socket-tech-incident-analysis","type":"other","url":""},{"credibility":3,"name":"https://revoke.cash/exploits/socket","type":"other","url":""},{"credibility":3,"name":"https://rivanorth.com/blog/hack-explained-socket","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://beincrypto.com/multi-chain-crypto-wallet-drain-phishing-exploit/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://status.bungee.exchange/","type":"other","url":""},{"credibility":3,"name":"https://www.bungee.exchange/","type":"other","url":""}]}],"sources_used":[],"summary":"Bungee Exchange is a cross-chain bridge aggregator and liquidity routing protocol developed by Socket (formerly SocketDotTech), founded in 2021 by Vaibhav Chellani and Rishabh Khurana. On January 16, 2024, the underlying Socket infrastructure was exploited via an inadequately validated smart contract route, resulting in approximately $3.3 million stolen from roughly 700 wallets with infinite token approvals. The protocol recovered approximately $2.23 million of the stolen funds one week later and resumed operations; it remains active as of 2026.","timeline":[{"date":"2021-01-01","event":"Socket Protocol founded by Vaibhav Chellani and Rishabh Khurana, previously from Biconomy.","source":""},{"date":"2022-01-01","event":"Socket raises seed/pre-seed funding from Coinbase Ventures, Lightspeed Venture Partners, Framework Ventures, Nascent, and others, reportedly totalling $5–12 million across rounds.","source":""},{"date":"2024-01-13","event":"Socket admin deploys a new bridging route to the SocketGateway contract containing an unvalidated .call() vulnerability.","source":""},{"date":"2024-01-16","event":"Exploit executed: attacker drains approximately $3.3 million from ~700 wallets with infinite token approvals to SocketGateway. @speekaway first flags attack at 18:20 UTC; PeckShield reports at 14:26 ET; Socket confirms and pauses contracts.","source":""},{"date":"2024-01-17","event":"Socket and Bungee restart bridging operations after patching the vulnerable route. Compensation plan for victims announced.","source":""},{"date":"2024-01-23","event":"Socket announces recovery of 1,032 ETH (~$2.23 million) of stolen funds; victim claim process initiated via on-chain message signing.","source":""},{"date":"2024-01-01","event":"CertiK publishes post-incident technical analysis confirming incomplete input validation as root cause.","source":""},{"date":"2026-04-27","event":"Bungee Exchange reports all services fully operational per its public status page.","source":""}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 6ca9467f-0cda-421f-9554-ec0b38b891dccopy