Skip to main content
Sign in
Cozy V21 decision on this page

Audit log

Every state-changing event for Cozy V2: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-29 17:23:35Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,983,056
    sig
    31xUDY9FuRuY…ky2gVoMRexplorer ↗
    hash
    BNmAMBMsxYZx…D91AYoL4sha256 → base58
    verifying row…full verify ↗
    canonical bytes (4564 B) ▸
    {"actor":"system:backfill","investigation_id":"97186db0-8236-479e-9311-19e65b30abae","kind":"publish","page_slug":"cozy-v2","published_at":"2026-05-29T17:23:35.877Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Cozy V2","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://mirror.xyz/cozy.eth/w24TU4ksefu7-jF1AGBrIbfeNKuZAH9v41aJw_VAr4g","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/cozy-v2","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/business/2020/09/03/defi-risk-management-startup-cozy-finance-debuts-with-2m-funding-round","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@cozyfinance/introducing-cozy-protection-markets-fc8f75636085","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.verichains.io/p/cozy-protocol-incident","type":"other","url":""},{"credibility":3,"name":"https://x.com/DecurityHQ/status/1961810726164533602","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/cozy-v2","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://x.com/DecurityHQ/status/1961810726164533602","type":"other","url":""},{"credibility":3,"name":"https://blog.verichains.io/p/cozy-protocol-incident","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.verichains.io/p/cozy-protocol-incident","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/cozy-v2","type":"other","url":""},{"credibility":3,"name":"https://github.com/Cozy-Finance","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/business/2020/09/03/defi-risk-management-startup-cozy-finance-debuts-with-2m-funding-round","type":"other","url":""},{"credibility":3,"name":"https://www.crunchbase.com/organization/cozy-finance","type":"other","url":""},{"credibility":3,"name":"https://www.crunchbase.com/person/payom-dousti","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.verichains.io/p/cozy-protocol-incident","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/cozy-v2","type":"other","url":""},{"credibility":3,"name":"https://v2.cozy.finance/","type":"other","url":""}]}],"sources_used":[],"summary":"Cozy V2 is a DeFi protection marketplace deployed on Optimism that allows users to buy or provide protection against smart contract hacks, depegs, and other on-chain risks. On August 29, 2025, the protocol suffered a $427,000 exploit caused by a missing caller verification check in its withdrawal logic, with funds subsequently bridged to Ethereum mainnet and deposited into Tornado Cash. The incident is notable for its irony: a protocol designed to insure against DeFi hacks was itself hacked through a preventable authorization flaw.","timeline":[{"date":"2020-09-03","event":"Cozy Finance announces $2M seed round led by Electric Capital; founders Tony Sheng and Payom Dousti publicly named.","source":""},{"date":"2021-09-01","event":"Cozy Finance V1 launches on Ethereum mainnet as an open-source protection market protocol.","source":""},{"date":"2023-03-13","event":"Euler Finance hacked for approximately $200M. Cozy V2 early-access Euler Finance market triggers and pays out to Protection Buyers, validating core trigger logic.","source":""},{"date":"2023-01-01","event":"Cozy V2 launches on Optimism (OP Mainnet) with redesigned permissionless protection marketplace architecture; V1 subsequently sunset.","source":""},{"date":"2025-08-28","event":"Victim initiates redemption of approximately $376,661 (redemption ID 6) on Cozy V2 on Optimism.","source":""},{"date":"2025-08-29","event":"Attacker exploits missing caller verification in `completeWithdraw` function, redirecting victim's redemption proceeds to attacker's address. Total loss reaches approximately $427,000.","source":""},{"date":"2025-08-30","event":"Decurity publicly reports the exploit on X, noting attacker bridged funds from Optimism to Ethereum mainnet and deposited into Tornado Cash.","source":""},{"date":"2025-08-30","event":"Verichains publishes detailed technical post-mortem of the Cozy Protocol incident, classifying the root cause as insufficient sender verification.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 4c544921-2823-47bd-ac5e-10990ecd2ca9
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.