Audit log

Every state-changing event for Coinbase: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-19 15:39:35Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 420,798,269

   sig

   kMi5ScZZqAbi…xHUS1L7Lcopyexplorer ↗

   hash

   BHFuEjdBzg8g…DrdW43fScopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (6072 B) ▸

   {"actor":"system:backfill","investigation_id":"34a1d395-ed34-4277-a8ff-7adb35a32f66","kind":"publish","page_slug":"coinbase","published_at":"2026-05-19T15:39:35.239Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Coinbase","sections":[{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]}],"sources_used":[],"summary":"Coinbase (NASDAQ: COIN) is the largest publicly listed cryptocurrency exchange in the United States, founded in 2012 and regulated across multiple jurisdictions. Despite its regulated status, the platform has been the subject of significant documented concerns: a May 2025 insider-enabled data breach affecting approximately 70,000 users with estimated remediation costs of $180–400 million, ongoing documented losses exceeding $300 million per year from social engineering scams targeting Coinbase users (as reported by blockchain investigator ZachXBT), a $100 million AML compliance settlement with the NYDFS in 2023, and controversies surrounding its Base Layer-2 blockchain including a disputed token launch and a contentious departure from the Optimism OP Stack ecosystem.","timeline":[{"date":"2015-01-01","event":"CFTC later determined Coinbase's automated trading programs 'Hedger' and 'Replicator' began producing wash trades (violations covering January 2015 through September 2018).","source":"","source_url":"https://www.cftc.gov/PressRoom/PressReleases/8369-21"},{"date":"2016-06-01","event":"A Coinbase employee placed intentional matching LTC/BTC trades over a six-week period to simulate liquidity, later found by CFTC to constitute wash trading.","source":"","source_url":"https://www.cftc.gov/PressRoom/PressReleases/8369-21"},{"date":"2021-03-19","event":"CFTC ordered Coinbase to pay a $6.5 million civil penalty for false, misleading, and inaccurate reporting and wash trading.","source":"","source_url":"https://www.cftc.gov/PressRoom/PressReleases/8369-21"},{"date":"2023-01-04","event":"NYDFS announced $100 million settlement with Coinbase over significant AML compliance failures, including inadequate KYC and transaction monitoring deficiencies.","source":"","source_url":"https://www.dfs.ny.gov/reports_and_publications/press_releases/pr202301041"},{"date":"2023-06-01","event":"SEC filed civil enforcement action against Coinbase alleging the exchange listed unregistered securities.","source":"","source_url":"https://www.sec.gov/newsroom/press-releases/2025-47"},{"date":"2024-09-01","event":"Insider data theft at Coinbase began, with a TaskUs contractor in India photographing and selling customer records to outside threat actors for approximately $200 per image.","source":"","source_url":"https://beincrypto.com/coinbase-data-breach-insider-plot-court-documents/"},{"date":"2025-01-01","event":"TaskUs discovered the breach internally; at that point a single phone held data on more than 10,000 Coinbase customers.","source":"","source_url":"https://beincrypto.com/coinbase-data-breach-insider-plot-court-documents/"},{"date":"2025-02-03","event":"ZachXBT published findings on Coinbase social engineering scams, estimating $300M+ in annual user losses and documenting $65M stolen between December 2024 and January 2025.","source":"","source_url":"https://www.coindesk.com/markets/2025/02/04/coinbase-users-are-losing-usd300m-a-year-to-social-scams-zachxbt-says"},{"date":"2025-02-27","event":"SEC announced dismissal of its civil enforcement action against Coinbase, citing formation of its Crypto Task Force. The dismissal explicitly did not constitute any assessment of the merits of the original claims.","source":"","source_url":"https://www.sec.gov/newsroom/press-releases/2025-47"},{"date":"2025-04-07","event":"ZachXBT publicly criticized Coinbase over undisclosed data breach and account lockouts, stating users were being restricted without knowledge that their data had been compromised.","source":"","source_url":"https://news.shib.io/2025/04/07/zachxbt-slams-coinbase-over-account-lockout-and-data-breach/"},{"date":"2025-04-16","event":"Base's 'content coin' launched via Zora, reached $17.1M market cap, then collapsed approximately 90% within 20 minutes; pump-and-dump allegations followed, with three wallets identified as profiting approximately $666,000.","source":"","source_url":"https://fortune.com/crypto/2025/04/19/coinbase-zora-base-content-coin-jesse-pollak/"},{"date":"2025-05-11","event":"Threat actors contacted Coinbase demanding a $20 million Bitcoin ransom, claiming possession of customer data obtained via bribed support employees.","source":"","source_url":"https://investorclaims.com/blog/coinbase-data-breach-comes-with-20m-ransom/"},{"date":"2025-05-14","event":"Coinbase disclosed the data breach via SEC Form 8-K. Approximately 69,461–70,000 customers affected. Estimated remediation costs: $180M–$400M. Coinbase declined to pay ransom and announced a $20M bounty for information on perpetrators.","source":"","source_url":"https://www.sec.gov/Archives/edgar/data/0001679788/000167978825000094/coin-20250514.htm"},{"date":"2025-05-27","event":"Class action lawsuit filed against Coinbase in connection with the data breach, alleging securities disclosure omissions, covering investors from April 14, 2021 to May 14, 2025.","source":"","source_url":"https://www.theblock.co/post/355687/coinbase-sued-class-action-data-breach"},{"date":"2026-02-18","event":"Coinbase announced Base would migrate away from Optimism's OP Stack to an independent technology stack. OP token fell 20–25% on the announcement, and the Optimism Collective faced projected loss of significant future revenue.","source":"","source_url":"https://www.coindesk.com/business/2026/02/18/coinbase-s-base-moves-away-from-optimism-s-op-stack-in-major-tech-shift"}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 50661277-8b89-465f-96f0-fcb1fa682ba1copy
2. #2reviewby reviewerreviewer

   2026-06-13 22:15:50Z
   Score: 44 → 44 (no score change)
   The Coinbase investigation page is substantially accurate on its major factual claims — the CFTC penalty, NYDFS settlement, SEC action filing and dismissal, ZachXBT reports, insider breach timeline, and ransom details are all well-supported. The primary issues are: a citation mismatch on the SEC filing timeline entry (cites the dismissal PR for the original complaint); an inaccurate wash-trading start date (June 2016 listed but CFTC found conduct in August–September 2016); a disputed OP token decline figure (CoinDesk's own article — the cited source — reports 4% not 20–25% on announcement day); and a content coin peak market cap that varies by source. The page's sections are entirely empty, making the summary and timeline bear all evidential weight. No fabricated or fully disputed claims were found.
   anchoranchored

   chain

   ●mainnet-betaslot 426,287,644

   sig

   47xiZzL13sE5…9ZvsoWLzcopyexplorer ↗

   hash

   5YvpmnWTHUuR…BpRKbwiPcopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (1154 B) ▸

   {"actor":"reviewer","decided_at":"2026-06-13T22:15:50.353Z","decision":"review","investigation_id":"34a1d395-ed34-4277-a8ff-7adb35a32f66","new_score":44,"page_slug":"coinbase","prev_score":44,"reason":"The Coinbase investigation page is substantially accurate on its major factual claims — the CFTC penalty, NYDFS settlement, SEC action filing and dismissal, ZachXBT reports, insider breach timeline, and ransom details are all well-supported. The primary issues are: a citation mismatch on the SEC filing timeline entry (cites the dismissal PR for the original complaint); an inaccurate wash-trading start date (June 2016 listed but CFTC found conduct in August–September 2016); a disputed OP token decline figure (CoinDesk's own article — the cited source — reports 4% not 20–25% on announcement day); and a content coin peak market cap that varies by source. The page's sections are entirely empty, making the summary and timeline bear all evidential weight. No fabricated or fully disputed claims were found.","score_delta":0,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 20bd8262-ee80-4eb1-b780-1a42338bd4b2copy
3. #3review reviseby judgejudge

   2026-06-13 22:15:50Z
   Score: 44 → 36 (-8)
   The page's major factual record is solid — the CFTC penalty, NYDFS settlement, SEC action and dismissal, ZachXBT reports, and insider breach timeline are all confirmed from Tier 1 sources. However, the review identified four partially supported claims with meaningful errors: claim_findings[4] conflates the Hedger/Replicator automated programs (cited for false reporting) with the wash trading violation, which was actually committed by a former employee; claim_findings[14] overstates the OP token decline on announcement day at 20–25% when the cited CoinDesk source itself reports only a 4% drop in the first 24 hours; claim_findings[8] cites the 2025 SEC dismissal press release to support the 2023 complaint filing; and claim_findings[13] (class action) is unverifiable due to link rot on the primary Tier 1 source. Two high-priority coverage gaps — entirely empty page sections and no on-chain evidence — mean the summary and timeline carry all evidentiary weight with no structural depth. No claims were found to be fabricated or fully disputed.
   anchoranchored

   chain

   ●mainnet-betaslot 426,287,648

   sig

   4dAaRFDv5ujM…pgQWcMQUcopyexplorer ↗

   hash

   JCoFVi5AfphB…LvzKZoWucopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (1401 B) ▸

   {"actor":"judge","decided_at":"2026-06-13T22:15:50.353Z","decision":"review_revise","investigation_id":"34a1d395-ed34-4277-a8ff-7adb35a32f66","new_score":36,"page_slug":"coinbase","prev_score":44,"reason":"The page's major factual record is solid — the CFTC penalty, NYDFS settlement, SEC action and dismissal, ZachXBT reports, and insider breach timeline are all confirmed from Tier 1 sources. However, the review identified four partially supported claims with meaningful errors: claim_findings[4] conflates the Hedger/Replicator automated programs (cited for false reporting) with the wash trading violation, which was actually committed by a former employee; claim_findings[14] overstates the OP token decline on announcement day at 20–25% when the cited CoinDesk source itself reports only a 4% drop in the first 24 hours; claim_findings[8] cites the 2025 SEC dismissal press release to support the 2023 complaint filing; and claim_findings[13] (class action) is unverifiable due to link rot on the primary Tier 1 source. Two high-priority coverage gaps — entirely empty page sections and no on-chain evidence — mean the summary and timeline carry all evidentiary weight with no structural depth. No claims were found to be fabricated or fully disputed.","score_delta":-8,"sequence_num":3,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 5cae36fc-111a-4399-9058-c5ebbc2b9f49copy
4. #4reviewby reviewerreviewer

   2026-06-14 23:15:51Z
   Score: 36 → 36 (no score change)
   Blue-chip calibration review (Prompt A). Verdict: over-penalized. Page content is treated as accurate; the trust_score band is miscalibrated. Coinbase is a legitimate, NASDAQ-listed, publicly traded company (COIN) and the largest U.S. cryptocurrency exchange by volume. Every major incident documented on the page is either a fully-resolved enforcement action (CFTC 2021, NYDFS 2023, SEC dismissed 2025), a security breach suffered by the entity at the hands of bribed contractors (May 2025 insider data theft), or losses inflicted on users by third-party social engineers impersonating Coinbase — none of these events constitute fraud by Coinbase itself. The WARNING band (20–49) is defined on this platform as 'elevated fraud/loss risk or unresolved severe incident'; the most material unresolved risk (the SEC lawsuit) was formally dismissed in February 2025, and the CFTC and NYDFS penalties are settled. What legitimately remains are: documented AML/KYC compliance failures, an ongoing pattern of user exposure to social-engineering scams (which Coinbase has been slow to mitigate), and the Base blockchain controversies (token pump-and-dump optics, OP Stack departure). These are material caveats for a real platform but place Coinbase squarely in the CAUTIONARY band (50–69). A score of 62 reflects that Coinbase is a legitimate operator with documented negligence-class compliance failures and an unresolved user-safety pattern, but no evidence of entity-level fraud, no active regulatory shutdown risk, and a clear public-company governance structure an outside skeptic can verify via SEC EDGAR filings.
   anchoranchored

   chain

   ●mainnet-betaslot 426,514,338

   sig

   3Av2G6SwypTU…g5ELr8tAcopyexplorer ↗

   hash

   3frzytNWGKww…7xF7EYK8copysha256 → base58

   verifying row…full verify ↗

   canonical bytes (1956 B) ▸

   {"actor":"reviewer","decided_at":"2026-06-14T23:15:51.352Z","decision":"review","investigation_id":"34a1d395-ed34-4277-a8ff-7adb35a32f66","new_score":36,"page_slug":"coinbase","prev_score":36,"reason":"Blue-chip calibration review (Prompt A). Verdict: over-penalized. Page content is treated as accurate; the trust_score band is miscalibrated. Coinbase is a legitimate, NASDAQ-listed, publicly traded company (COIN) and the largest U.S. cryptocurrency exchange by volume. Every major incident documented on the page is either a fully-resolved enforcement action (CFTC 2021, NYDFS 2023, SEC dismissed 2025), a security breach suffered by the entity at the hands of bribed contractors (May 2025 insider data theft), or losses inflicted on users by third-party social engineers impersonating Coinbase — none of these events constitute fraud by Coinbase itself. The WARNING band (20–49) is defined on this platform as 'elevated fraud/loss risk or unresolved severe incident'; the most material unresolved risk (the SEC lawsuit) was formally dismissed in February 2025, and the CFTC and NYDFS penalties are settled. What legitimately remains are: documented AML/KYC compliance failures, an ongoing pattern of user exposure to social-engineering scams (which Coinbase has been slow to mitigate), and the Base blockchain controversies (token pump-and-dump optics, OP Stack departure). These are material caveats for a real platform but place Coinbase squarely in the CAUTIONARY band (50–69). A score of 62 reflects that Coinbase is a legitimate operator with documented negligence-class compliance failures and an unresolved user-safety pattern, but no evidence of entity-level fraud, no active regulatory shutdown risk, and a clear public-company governance structure an outside skeptic can verify via SEC EDGAR filings.","score_delta":0,"sequence_num":4,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 468c4d0b-82ea-4741-8bc9-7ad6ebc60391copy
5. #5review approveby judgejudge

   2026-06-14 23:15:51Z
   Score: 36 → 62 (+26)
   All six claim findings (claim_findings[0]-[5]) are supported with 0% disputed content. The page accurately documents Coinbase's history and is not in question. The sole issue is whether the current WARNING-band score (36) correctly reflects the entity's risk profile. The review establishes with high confidence (0.88) that it does not: the most material regulatory risk (SEC enforcement action) was dismissed 2025-02-27 (claim_findings[1], [5]); the May 2025 data breach was suffered at the hands of bribed contractors, not perpetrated by Coinbase (claim_findings[2]); $300M+ in annual social-engineering losses are attributable to third-party external scammers, not Coinbase's own conduct (claim_findings[4]); and the CFTC and NYDFS penalties are fully resolved settled actions (claim_findings[3]). Legitimate residual concerns — AML/KYC compliance history, ongoing user-safety exposure, and Base blockchain controversies — place the entity in the CAUTIONARY band (50-69). A corrected score of 62 reflects documented negligence-class failures without entity-level fraud or unresolved shutdown risk. The page remains published and accurate; the trust score band is corrected upward.
   anchoranchored

   chain

   ●mainnet-betaslot 426,514,344

   sig

   uB3sgVmoWUQB…jitmuwZtcopyexplorer ↗

   hash

   CsvnyHWxQ51n…pQu7pbmicopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (1533 B) ▸

   {"actor":"judge","decided_at":"2026-06-14T23:15:51.352Z","decision":"review_approve","investigation_id":"34a1d395-ed34-4277-a8ff-7adb35a32f66","new_score":62,"page_slug":"coinbase","prev_score":36,"reason":"All six claim findings (claim_findings[0]-[5]) are supported with 0% disputed content. The page accurately documents Coinbase's history and is not in question. The sole issue is whether the current WARNING-band score (36) correctly reflects the entity's risk profile. The review establishes with high confidence (0.88) that it does not: the most material regulatory risk (SEC enforcement action) was dismissed 2025-02-27 (claim_findings[1], [5]); the May 2025 data breach was suffered at the hands of bribed contractors, not perpetrated by Coinbase (claim_findings[2]); $300M+ in annual social-engineering losses are attributable to third-party external scammers, not Coinbase's own conduct (claim_findings[4]); and the CFTC and NYDFS penalties are fully resolved settled actions (claim_findings[3]). Legitimate residual concerns — AML/KYC compliance history, ongoing user-safety exposure, and Base blockchain controversies — place the entity in the CAUTIONARY band (50-69). A corrected score of 62 reflects documented negligence-class failures without entity-level fraud or unresolved shutdown risk. The page remains published and accurate; the trust score band is corrected upward.","score_delta":26,"sequence_num":5,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 9ef09b81-3cb0-4d62-95cd-1df32b17ea76copy