Skip to main content
Sign in
Cypher Protocol1 decision on this page

Audit log

Every state-changing event for Cypher Protocol: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-28 15:02:32Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,743,569
    sig
    3jdJUTiE5sF3…jTamqc47explorer ↗
    hash
    BGNwefam51VJ…vyTwzQuRsha256 → base58
    verifying row…full verify ↗
    canonical bytes (6248 B) ▸
    {"actor":"system:backfill","investigation_id":"9cbcb3e6-020e-41d7-9222-e8dcd77d99cf","kind":"publish","page_slug":"cypher","published_at":"2026-05-28T15:02:32.014Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Cypher Protocol","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/business/2023/08/07/solana-based-cypher-protocol-experiences-exploit-freezes-smart-contract","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-cypher-protocol-hack-august-2023","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/cypher-protocol-solana-hack-exploited-smart-contract","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/solana-dex-cypher-protocol-loses-exploit/","type":"other","url":""},{"credibility":3,"name":"https://unchainedcrypto.com/solana-based-cypher-protocol-loses-1-million-in-exploit/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/business/2024/05/14/insider-at-solanas-cypher-protocol-admits-to-stealing-300k","type":"other","url":""},{"credibility":3,"name":"https://decrypt.co/230757/solana-developer-confession-theft-cypher-protocol","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/294459/cypher-protocol-contributor-admits-to-taking-and-gambling-funds-recovered-from-exploit","type":"other","url":""},{"credibility":3,"name":"https://bitcoinist.com/gambled-away-solanas-cypher-protocol-dev-confesses-stealing-300000/","type":"other","url":""},{"credibility":3,"name":"https://cryptonews.com/news/cypher-protocol-developer-confesses-to-stealing-300000-in-user-funds-and-gambling-away/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://decrypt.co/230757/solana-developer-confession-theft-cypher-protocol","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/business/2024/05/14/insider-at-solanas-cypher-protocol-admits-to-stealing-300k","type":"other","url":""},{"credibility":3,"name":"https://bitcoinist.com/gambled-away-solanas-cypher-protocol-dev-confesses-stealing-300000/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/business/2023/08/23/hacked-crypto-exchange-cypher-plans-to-hold-public-token-sale","type":"other","url":""},{"credibility":3,"name":"https://www.banklesstimes.com/news/2023/08/24/solanas-cypher-refunds-under-a-third-of-user-funds-after-debilitating-hack/","type":"other","url":""},{"credibility":3,"name":"https://bitcoinist.com/cypher-protocol-freezes-600000-stolen-funds-on-cexs/","type":"other","url":""},{"credibility":3,"name":"https://cryptopotato.com/cypher-protocol-will-pass-exploit-losses-off-to-its-community/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/business/2023/08/07/solana-based-cypher-protocol-experiences-exploit-freezes-smart-contract","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-cypher-protocol-hack-august-2023","type":"other","url":""},{"credibility":3,"name":"https://solanafloor.com/news/cypher-protocol-exploit-a-blow-to-solanas-emerging-defi-scene","type":"other","url":""},{"credibility":3,"name":"https://dailycoin.com/inside-solana-cypher-protocol-exploit-how-did-it-happen/","type":"other","url":""}]}],"sources_used":[],"summary":"Cypher Protocol was a Solana-based cross-margin decentralized exchange (DEX) and perpetuals trading platform that suffered a critical smart contract exploit in August 2023 resulting in approximately $1 million in losses. Following the exploit, an insider contributor known as 'Hoak' systematically drained over $314,000 from the community redemption fund established to reimburse hack victims, admitting publicly to gambling the funds away. The protocol appears effectively defunct, having failed to deliver meaningful restitution to users who received roughly 31 cents on the dollar from the original exploit fund before that fund itself was embezzled.","timeline":[{"date":"2023-08-07","event":"Cypher Protocol smart contract exploited; approximately $1,035,203 in SOL and USDC stolen via margin-check and isolated sub-account vulnerabilities.","source":""},{"date":"2023-08-07","event":"Cypher Protocol freezes smart contract and publicly announces the exploit, contacts the hacker, and initiates investigation with Chainalysis, TRM Labs, and ZachXBT.","source":""},{"date":"2023-08-07","event":"Attacker transfers 30,000 USDC to Binance Solana address 'kiing.sol' in apparent attempt to cash out stolen funds.","source":""},{"date":"2023-08-10","event":"Cypher Protocol announces approximately $600,000 of stolen funds have been frozen across centralized exchanges.","source":""},{"date":"2023-08-16","event":"Cypher Protocol announces 'socialized losses policy' redemption plan; affected users to receive approximately 31 cents on the dollar based on snapshot balances.","source":""},{"date":"2023-08-23","event":"Cypher Protocol announces plans for a public token sale as an additional user restitution mechanism; 50 million tokens airdropped to affected depositors.","source":""},{"date":"2023-12-01","event":"Core contributor 'Hoak' allegedly begins systematic withdrawals from the Cypher redemption contract, per his later public admission.","source":""},{"date":"2024-05-14","event":"Hoak publicly confesses on Twitter/X to stealing $314,674 from the Cypher redemption contract over 36 transactions and gambling the funds away, citing a 'crippling gambling addiction.'","source":""},{"date":"2024-05-14","event":"Cypher founder Barrett confirms the theft, states he has submitted Hoak's identity and evidence to law enforcement, and is following their lead on next steps.","source":""},{"date":"2024-05-14","event":"ZachXBT publicly confirms he has Hoak's personal identifying information from the 2023 exploit investigation and will share with law enforcement as needed.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision cc1e8818-745e-4996-ad21-1c149c0c9f14
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.