Skip to main content
Sign in
Deribit5 decisions on this page

Audit log

Every state-changing event for Deribit: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-20 18:44:21Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 421,042,220
    sig
    5d1Qfsw2Guta…9ovLmS8wexplorer ↗
    hash
    92KVJW96v2xe…8oHjYQTXsha256 → base58
    verifying row…full verify ↗
    canonical bytes (6103 B) ▸
    {"actor":"system:backfill","investigation_id":"98cc472f-144e-4022-b837-a8513cd0f062","kind":"publish","page_slug":"deribit","published_at":"2026-05-20T18:44:21.300Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Deribit","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://blog.mexc.com/wiki/who-is-deribit-founder/"},{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/business/2022/07/01/blockchaincom-deribit-among-creditors-that-pushed-for-3ac-liquidation-report"},{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/business/2025/05/08/coinbase-buys-deribit-for-usd2-9b"},{"credibility":3,"name":"","type":"other","url":"https://www.theblock.co/post/366957/coinbase-completes-2-9-billion-cash-and-stock-acquisition-of-deribit"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/business/2022/11/02/crypto-exchange-deribit-loses-28m-in-hot-wallet-hack"},{"credibility":3,"name":"","type":"other","url":"https://insights.deribit.com/exchange-updates/1-november-incident-report-and-next-steps/"},{"credibility":3,"name":"","type":"other","url":"https://decrypt.co/113334/crypto-exchange-deribit-hacked-28m-bitcoin-ethereum-usdc"},{"credibility":3,"name":"","type":"other","url":"https://www.bloomberg.com/news/articles/2022-11-02/crypto-derivative-exchange-deribit-lost-28-million-in-a-hot-wallet-hack"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/business/2024/04/02/crypto-exchange-deribits-dubai-based-entity-wins-conditional-vasp-license"},{"credibility":3,"name":"","type":"other","url":"https://insights.deribit.com/exchange-updates/deribit-first-derivatives-exchange-to-receive-vara-regulatory-approval/"},{"credibility":3,"name":"","type":"other","url":"https://insights.deribit.com/exchange-updates/deribit-to-launch-1-jan-2025-as-a-fully-licensed-spot-and-derivatives-exchange-in-dubai-uae/"},{"credibility":3,"name":"","type":"other","url":"https://support.deribit.com/hc/en-us/articles/25944499603357-Regulation-And-Governance"},{"credibility":3,"name":"","type":"other","url":"https://www.sec.gov/Archives/edgar/data/0001679788/000167978825000086/coin-20250508.htm"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://support.deribit.com/hc/en-us/articles/25944547383453-Custody-Policy"},{"credibility":3,"name":"","type":"other","url":"https://insights.deribit.com/exchange-updates/1-november-incident-report-and-next-steps/"},{"credibility":3,"name":"","type":"other","url":"https://support.deribit.com/hc/en-us/articles/25944777576477-Insurance-Fund"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/business/2022/11/02/crypto-exchange-deribit-loses-28m-in-hot-wallet-hack"},{"credibility":3,"name":"","type":"other","url":"https://cointelegraph.com/news/source-claims-3ac-s-deribit-exposure-is-worth-much-less-than-reported"},{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/business/2022/07/01/blockchaincom-deribit-among-creditors-that-pushed-for-3ac-liquidation-report"},{"credibility":3,"name":"","type":"other","url":"https://www.theblock.co/post/366957/coinbase-completes-2-9-billion-cash-and-stock-acquisition-of-deribit"},{"credibility":3,"name":"","type":"other","url":"https://www.sec.gov/Archives/edgar/data/0001679788/000167978825000207/q325shareholderletter.htm"}]}],"sources_used":[],"summary":"Deribit is a crypto options and futures exchange founded in 2016 in the Netherlands by John and Marius Jansen, historically operated through a Panama-registered entity and now licensed under Dubai's VARA framework as Deribit FZE. The exchange suffered a $28 million hot wallet compromise on November 1, 2022, covering the loss entirely from its own balance sheet. Coinbase completed the acquisition of Deribit for approximately $2.9 billion on August 14, 2025, making it a subsidiary of a publicly traded, NASDAQ-listed U.S. company.","timeline":[{"date":"2016-06-01","event":"Deribit officially launches, founded by John Jansen, Marius Jansen, and Sebastian Smyczinski, incorporated in the Netherlands.","source":""},{"date":"2020-02-01","event":"Three Arrows Capital acquires an indirect ~16% stake in Deribit via a Singapore SPV.","source":""},{"date":"2022-07-01","event":"Deribit is named among creditors pushing for Three Arrows Capital's liquidation; 3AC owes Deribit approximately $80 million.","source":""},{"date":"2022-11-01","event":"Deribit's hot wallet server is compromised just before midnight UTC; approximately $28 million in BTC, ETH, and USDC is stolen.","source":""},{"date":"2022-11-02","event":"Deribit announces the hack, confirms client assets unaffected, states loss will be covered by balance sheet. Normal on-chain withdrawals resume.","source":""},{"date":"2022-11-05","event":"On-chain analysts observe stolen funds begin moving to Tornado Cash.","source":""},{"date":"2024-04-02","event":"Deribit FZE receives a conditional VASP license from Dubai's VARA — the first derivatives exchange to receive a full market product derivatives license from VARA.","source":""},{"date":"2024-11-29","event":"Deribit announces January 1, 2025 migration of all activities to its Dubai-licensed entity, Deribit FZE.","source":""},{"date":"2025-01-01","event":"Deribit FZE goes live as the primary entity for qualified and institutional investors; retail clients remain under DRB Panama as a broker-member.","source":""},{"date":"2025-05-08","event":"Coinbase announces agreement to acquire Deribit for approximately $2.9 billion ($700 million cash plus 11 million Coinbase Class A shares).","source":""},{"date":"2025-08-14","event":"Coinbase completes acquisition of Deribit, making it a wholly-owned subsidiary of Coinbase Global, Inc.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 1397cb90-e305-4ae7-b5f0-ca153d906c37
  2. #2reviewby reviewerreviewer
    2026-06-10 15:14:16Z
    Score: 5252 (no score change)
    The Deribit investigation page is largely accurate. Key claims about founding history, the $28M hack, balance-sheet recovery, VARA licensing, and the Coinbase acquisition are confirmed by credible primary and secondary sources. Two claims are partially supported: the summary omits Sebastian Smyczinski as a third co-founder, and the timeline overstates the April 2024 VARA approval as a 'full market product derivatives license' when it was explicitly conditional and non-operational. One cited source (CoinTelegraph article about 3AC exposure) returned a 404. A structural gap exists in that all five page sections have empty content and headings in the review input, limiting assessment of the full written page.
    anchoranchored
    chain
    mainnet-betaslot 425,570,736
    sig
    42ZTVS4SmYe5…RQi6ZnTTexplorer ↗
    hash
    3343mTrHeLPH…YDWqracYsha256 → base58
    verifying row…full verify ↗
    canonical bytes (1058 B) ▸
    {"actor":"reviewer","decided_at":"2026-06-10T15:14:16.137Z","decision":"review","investigation_id":"98cc472f-144e-4022-b837-a8513cd0f062","new_score":52,"page_slug":"deribit","prev_score":52,"reason":"The Deribit investigation page is largely accurate. Key claims about founding history, the $28M hack, balance-sheet recovery, VARA licensing, and the Coinbase acquisition are confirmed by credible primary and secondary sources. Two claims are partially supported: the summary omits Sebastian Smyczinski as a third co-founder, and the timeline overstates the April 2024 VARA approval as a 'full market product derivatives license' when it was explicitly conditional and non-operational. One cited source (CoinTelegraph article about 3AC exposure) returned a 404. A structural gap exists in that all five page sections have empty content and headings in the review input, limiting assessment of the full written page.","score_delta":0,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 27e5fd5c-6691-4608-815f-fb8c1a9678c4
  3. #3review reviseby judgejudge
    2026-06-10 15:14:16Z
    Score: 5247 (-5)
    15 of 18 claims are confirmed and 0 are disputed, placing the page in the approval band at 5.6% disputed. However, two high-priority structural gaps prevent outright approval: all five body sections carry empty content and headings (coverage_gaps[5]), making a full written-content audit impossible; and nearly a year of post-acquisition operational history is unaddressed (coverage_gaps[2]). Additionally, claim_findings[13] (timeline[6]) overstates the April 2024 VARA approval as a 'full market product derivatives license' when both Tier 1 sources confirm it was explicitly a conditional, non-operational license — a factual overstatement that should be corrected before the page is considered complete. The link-rot finding on a non-critical CoinTelegraph citation is a minor hygiene issue. A light penalty of -5 is applied; the page is suitable for revision and re-review rather than denial.
    anchoranchored
    chain
    mainnet-betaslot 425,570,740
    sig
    2DYeYsCVXTKj…DkKQs8bTexplorer ↗
    hash
    HvzoV9cDCsTv…P3d3Q36msha256 → base58
    verifying row…full verify ↗
    canonical bytes (1245 B) ▸
    {"actor":"judge","decided_at":"2026-06-10T15:14:16.137Z","decision":"review_revise","investigation_id":"98cc472f-144e-4022-b837-a8513cd0f062","new_score":47,"page_slug":"deribit","prev_score":52,"reason":"15 of 18 claims are confirmed and 0 are disputed, placing the page in the approval band at 5.6% disputed. However, two high-priority structural gaps prevent outright approval: all five body sections carry empty content and headings (coverage_gaps[5]), making a full written-content audit impossible; and nearly a year of post-acquisition operational history is unaddressed (coverage_gaps[2]). Additionally, claim_findings[13] (timeline[6]) overstates the April 2024 VARA approval as a 'full market product derivatives license' when both Tier 1 sources confirm it was explicitly a conditional, non-operational license — a factual overstatement that should be corrected before the page is considered complete. The link-rot finding on a non-critical CoinTelegraph citation is a minor hygiene issue. A light penalty of -5 is applied; the page is suitable for revision and re-review rather than denial.","score_delta":-5,"sequence_num":3,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision b956b8e0-ad84-4f72-841c-bb9a0a7f4b39
  4. #4reviewby reviewerreviewer
    2026-06-14 23:15:53Z
    Score: 4747 (no score change)
    Blue-chip calibration review (Prompt A). Verdict: over-penalized. Page content is treated as accurate; the trust_score band is miscalibrated. Deribit is a 9-year-old legitimate derivatives exchange that was acquired by Coinbase for $2.9 billion in August 2025 — the largest M&A deal in crypto history. Every incident driving its WARNING-band score was suffered by the entity, not caused by it: the November 2022 $28M hack was attributed to North Korea's Lazarus Group (a state-sponsored actor), Deribit covered all losses from its own reserves within 24 hours, no client funds were at risk, and the US government subsequently filed forfeiture complaints against the Lazarus Group for this very theft. The 3AC connection was as a creditor owed ~$80M, not as a co-conspirator — Deribit forced 3AC's liquidation. The exchange obtained a conditional VARA license in April 2024 (the first derivatives exchange to do so) and completed its Dubai migration on January 1, 2025. A score of 47 in the WARNING band implies 'elevated fraud/loss risk or unresolved severe incidents'; all identified incidents are fully resolved and externally attributed. The correct band under the post-policy semantics is VERIFIED (70-100), with a score around 72 reflecting minor deductions for: residual geographic restrictions (US/UK/Canada users excluded), the single unrecovered hack loss, and the historical Panama incorporation strategy. An outside skeptic can verify the Coinbase acquisition via SEC 8-K filings, the VARA license on VARA's public register, and the Lazarus Group attribution via US DOJ forfeiture filings.
    anchoranchored
    chain
    mainnet-betaslot 426,514,385
    sig
    4EXejvh5nuMh…1A7wnM8uexplorer ↗
    hash
    A5dEreyaX6Ls…HpriSChGsha256 → base58
    verifying row…full verify ↗
    canonical bytes (1943 B) ▸
    {"actor":"reviewer","decided_at":"2026-06-14T23:15:53.519Z","decision":"review","investigation_id":"98cc472f-144e-4022-b837-a8513cd0f062","new_score":47,"page_slug":"deribit","prev_score":47,"reason":"Blue-chip calibration review (Prompt A). Verdict: over-penalized. Page content is treated as accurate; the trust_score band is miscalibrated. Deribit is a 9-year-old legitimate derivatives exchange that was acquired by Coinbase for $2.9 billion in August 2025 — the largest M&A deal in crypto history. Every incident driving its WARNING-band score was suffered by the entity, not caused by it: the November 2022 $28M hack was attributed to North Korea's Lazarus Group (a state-sponsored actor), Deribit covered all losses from its own reserves within 24 hours, no client funds were at risk, and the US government subsequently filed forfeiture complaints against the Lazarus Group for this very theft. The 3AC connection was as a creditor owed ~$80M, not as a co-conspirator — Deribit forced 3AC's liquidation. The exchange obtained a conditional VARA license in April 2024 (the first derivatives exchange to do so) and completed its Dubai migration on January 1, 2025. A score of 47 in the WARNING band implies 'elevated fraud/loss risk or unresolved severe incidents'; all identified incidents are fully resolved and externally attributed. The correct band under the post-policy semantics is VERIFIED (70-100), with a score around 72 reflecting minor deductions for: residual geographic restrictions (US/UK/Canada users excluded), the single unrecovered hack loss, and the historical Panama incorporation strategy. An outside skeptic can verify the Coinbase acquisition via SEC 8-K filings, the VARA license on VARA's public register, and the Lazarus Group attribution via US DOJ forfeiture filings.","score_delta":0,"sequence_num":4,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision eefc3e5c-6dd7-4306-ae8b-12b52343aa98
  5. #5review approveby judgejudge
    2026-06-14 23:15:53Z
    Score: 4772 (+25)
    This is a severity-calibration review, not a fact-dispute review. All six claim_findings (indices 0-5) are supported, and disputed_pct is 0%. The review finds Deribit is a 9-year-old legitimate derivatives exchange acquired by Coinbase for $2.9 billion in August 2025 (claim_findings[0]). Every incident driving the current WARNING-band score of 47 was suffered by the entity: the November 2022 $28M hack was attributed by US government forfeiture filings to North Korea's Lazarus Group, all losses were covered from company reserves within 24 hours (claim_findings[1]); the 3AC exposure was as a creditor owed ~$80M, not a co-conspirator (claim_findings[2]); and Deribit obtained a conditional VARA license in April 2024 and completed its Dubai migration on January 1, 2025 (claim_findings[3]). The page's own content confirms the hack was fully resolved (claim_findings[4]) and the Panama relocation was a documented regulatory response, not a fraud-enabling strategy (claim_findings[5]). A score of 47 in the WARNING band implies unresolved severe incidents or elevated fraud risk — neither condition holds. The page content is accurate and stands as published. The appropriate band is VERIFIED (70-100), and a score of 72 reflects reasonable minor deductions for geographic restrictions, the single unrecovered hack loss, and the historical Panama incorporation. A +25 score_modifier_delta moves the score from 47 to 72.
    anchoranchored
    chain
    mainnet-betaslot 426,514,389
    sig
    49GgnXhZoUu8…RTAoPU4dexplorer ↗
    hash
    H71ZBFVqyviw…ZHrx48FBsha256 → base58
    verifying row…full verify ↗
    canonical bytes (1773 B) ▸
    {"actor":"judge","decided_at":"2026-06-14T23:15:53.519Z","decision":"review_approve","investigation_id":"98cc472f-144e-4022-b837-a8513cd0f062","new_score":72,"page_slug":"deribit","prev_score":47,"reason":"This is a severity-calibration review, not a fact-dispute review. All six claim_findings (indices 0-5) are supported, and disputed_pct is 0%. The review finds Deribit is a 9-year-old legitimate derivatives exchange acquired by Coinbase for $2.9 billion in August 2025 (claim_findings[0]). Every incident driving the current WARNING-band score of 47 was suffered by the entity: the November 2022 $28M hack was attributed by US government forfeiture filings to North Korea's Lazarus Group, all losses were covered from company reserves within 24 hours (claim_findings[1]); the 3AC exposure was as a creditor owed ~$80M, not a co-conspirator (claim_findings[2]); and Deribit obtained a conditional VARA license in April 2024 and completed its Dubai migration on January 1, 2025 (claim_findings[3]). The page's own content confirms the hack was fully resolved (claim_findings[4]) and the Panama relocation was a documented regulatory response, not a fraud-enabling strategy (claim_findings[5]). A score of 47 in the WARNING band implies unresolved severe incidents or elevated fraud risk — neither condition holds. The page content is accurate and stands as published. The appropriate band is VERIFIED (70-100), and a score of 72 reflects reasonable minor deductions for geographic restrictions, the single unrecovered hack loss, and the historical Panama incorporation. A +25 score_modifier_delta moves the score from 47 to 72.","score_delta":25,"sequence_num":5,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision f51ff28f-e61e-4324-991e-6ab1eb00950f
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.