Audit log

Every state-changing event for DEUS DAO: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-31 06:59:15Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 423,324,515

   sig

   4Y9X9qeJkZ82…2S4xwuracopyexplorer ↗

   hash

   CGZh4pS3oLuw…R1cp6qYPcopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (18453 B) ▸

   {"actor":"system:backfill","investigation_id":"f69442ca-729b-4289-895a-d1250fc44dcd","kind":"publish","page_slug":"deus-dao","published_at":"2026-05-31T06:59:15.861Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"DEUS DAO","sections":[{"content":"On March 15, 2022, DEUS Finance suffered its first major security exploit when an attacker used a flash loan to manipulate the protocol's price oracle on the Fantom network. The attacker borrowed funds via Tornado Cash, bridged them to Fantom through the Multichain protocol, and manipulated prices within the StableV1 AMM USDC/DEI liquidity pool — the same pool used as an on-chain oracle source for DEUS's lending contracts. By artificially deflating the DEI token's value, the attacker triggered a cascade of liquidations in the protocol's sAMM borrowing contract. Security firm PeckShield estimated the direct theft at approximately $3 million (200,000 DAI and 1,101.8 ETH), though noted total protocol losses could be larger. Stolen funds were routed back through Tornado Cash to obscure their trail. DEUS Finance founder Lafayette Tabor confirmed affected user balances would be reimbursed 1:1 from personal and DAO treasury funds, and announced plans to upgrade to VWAP oracles to prevent recurrence.","heading":"March 2022 Flash Loan Oracle Exploit (~$3 Million)","severity":"critical","sources":[{"credibility":1,"name":"Derivatives Platform Deus Finance Exploited for $3M on Fantom Network — CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2022/03/15/derivatives-platform-deus-finance-exploited-for-3m-on-fantom-network"},{"credibility":1,"name":"Deus Finance exploit: Hackers get away with $3M worth of DAI and Ether — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/deus-finance-exploit-hackers-get-away-with-3m-worth-of-dai-and-ether"},{"credibility":2,"name":"As The Dust Settles, Deus Finance Releases Statement, Outlines The Way Forward — Crypto Daily","type":"news_article","url":"https://cryptodaily.co.uk/2022/03/as-the-dust-settles-deus-finance-releases-statement-outlines-the-way-forward"}]},{"content":"On April 28, 2022 — fewer than 45 days after the March exploit — DEUS Finance was attacked a second time using a nearly identical technique on the Fantom network. The attacker withdrew 800 ETH (approximately $2.2 million) from Tornado Cash and bridged the funds to Fantom via Multichain. The attacker then obtained a $143 million USDC flash loan and used it to purchase 9.5 million DEI tokens, artificially inflating DEI's price well above its $1 peg. With the oracle price manipulated, the attacker used just 71,000 DEI as collateral to borrow over 17.2 million DEI from the lending pool, repaid the flash loan, and retained approximately $13.4 million in profit. Security firm PeckShield confirmed the loss amount; CertiK estimated the figure at $15.7 million. The development team stated that no end-user accounts were liquidated, framing the losses as protocol-level. Stolen funds were again routed through Tornado Cash. The DEUS team had committed to upgrading their oracle after the March attack but the same price-oracle attack vector remained exploitable.","heading":"April 2022 Flash Loan Price Manipulation (~$13.4 Million)","severity":"critical","sources":[{"credibility":1,"name":"How Deus Finance Was Exploited for $13.4M on Fantom — CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2022/04/28/how-deus-finance-was-exploited-for-134m-on-fantom"},{"credibility":1,"name":"More than $13 million stolen from DeFi platform Deus Finance — The Record (Recorded Future)","type":"news_article","url":"https://therecord.media/more-than-13-million-stolen-from-defi-platform-deus-finance"},{"credibility":1,"name":"Deus Finance flash loan exploit nets hacker $13 million — The Block","type":"news_article","url":"https://www.theblock.co/linked/143969/deus-finance-flash-loan-exploit-nets-hacker-13-million"},{"credibility":2,"name":"Deus Finance DAO Suffers Second Exploit in Less Than 60 Days — BeInCrypto","type":"news_article","url":"https://beincrypto.com/deus-finance-dao-hack-13-million-less-than-60-days/"}]},{"content":"On May 5–6, 2023, DEUS Finance suffered a third major exploit targeting the DEI stablecoin contract across the BNB Smart Chain and Arbitrum networks, with reported losses of approximately $6–7 million. The root cause was a basic implementation error introduced during a recent contract upgrade: the burnFrom function in the DEI token contract had its _allowances parameters (msgSender and account) written in reverse order. This misconfiguration created a public burn vulnerability whereby an attacker could use their own token allowance to approve victim addresses, then call burnFrom with a victim's address to drain that victim's holdings. Losses were distributed as approximately $1.3 million on BSC and over $5 million on Arbitrum. Notably, some participants appear to have been whitehat actors who executed the exploit to recover and safeguard funds; by May 8, 2023, approximately $5.5 million of the total stolen had been returned. The DEUS team paused all contracts and burned DEI tokens to prevent further damage. DEI's price dropped approximately 30% within 24 hours and was trading near $0.20. The team announced a recovery and redemption plan but details of user compensation remained unclear at publication.","heading":"May 2023 DEI Contract Implementation Bug (~$6–7 Million)","severity":"critical","sources":[{"credibility":1,"name":"Deus Finance loses $6M following stablecoin hack — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/deus-finance-loses-6m-following-stablecoin-hack"},{"credibility":2,"name":"Deus Finance suffers third hack — Web3 Is Going Great","type":"news_article","url":"https://www.web3isgoinggreat.com/?id=deus-finance-suffers-third-hack"},{"credibility":2,"name":"Deus Finance Stablecoin Contract Exploited For $6 million — Crypto Daily","type":"news_article","url":"https://cryptodaily.co.uk/2023/05/deus-finance-stablecoin-contract-exploited-for-6-million"},{"credibility":2,"name":"DEUS Finance hacked, over $6M DEI stablecoin stolen — Crypto.news","type":"news_article","url":"https://crypto.news/deus-finance-hacked-over-6m-dei-stablecoin-stolen/"}]},{"content":"DEI was DEUS Finance's hybrid algorithmic stablecoin, partially collateralized and partially algorithmic in design, forked from Frax Finance. Following the April 2022 exploit, reduced liquidity and market confidence contributed to instability. In May 2022, amid the broader collapse of the Terra/UST ecosystem, DEI lost its $1 peg and fell as low as $0.52, a decline of roughly 48% from parity. The DEUS team temporarily halted DEI redemptions to stabilize the coin and announced a plan to make DEI fully collateralized, but the peg was not sustainably restored. The May 2023 contract exploit further damaged the DEI price to approximately $0.20. DEI is broadly considered a failed stablecoin. The stablecoin's collapse erased substantial user value, though precise aggregate user losses across all three exploits and the depeg are not publicly verified in a single authoritative source.","heading":"DEI Stablecoin Depeg and Collapse","severity":"critical","sources":[{"credibility":2,"name":"Algorithmic Stablecoin From DEUS Finance Loses Dollar Peg, Plunging 30% — Decrypt","type":"news_article","url":"https://decrypt.co/100499/algorithmic-stablecoin-from-deus-finance-loses-dollar-peg-plunging-30"},{"credibility":1,"name":"Deus Finance's dollar-pegged stablecoin DEI falls below 60 cents — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/deus-finance-s-dollar-pegged-stablecoin-dei-falls-below-60-cents"},{"credibility":2,"name":"Another algorithmic stablecoin, DEI, loses peg — CryptoSlate","type":"news_article","url":"https://cryptoslate.com/another-algorithmic-stablecoin-dei-loses-peg/"}]},{"content":"A recurring theme across DEUS Finance's exploit history is the reuse of the same attack vector. The March 2022 exploit relied on flash loan manipulation of the USDC/DEI price oracle. After this incident, the DEUS team publicly committed to upgrading to VWAP oracles via their Muon network integration. The April 2022 exploit, occurring fewer than 45 days later, exploited the same oracle manipulation pathway on the same network. The May 2023 exploit was caused by a trivial parameter-ordering bug introduced during a routine contract upgrade — a class of error typically caught by standard pre-deployment audits. No public record of a third-party audit was cited in coverage of any of the three exploits. The pattern of recurring exploits across different vulnerability classes, combined with the absence of publicly referenced audit reports, represents a significant protocol security concern.","heading":"Protocol Security Practices and Repeated Vulnerability","severity":"high","sources":[{"credibility":2,"name":"Deus Finance DAO Suffers Second Exploit in Less Than 60 Days — BeInCrypto","type":"news_article","url":"https://beincrypto.com/deus-finance-dao-hack-13-million-less-than-60-days/"},{"credibility":1,"name":"How Deus Finance Was Exploited for $13.4M on Fantom — CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2022/04/28/how-deus-finance-was-exploited-for-134m-on-fantom"}]},{"content":"Following the March 2022 exploit, DEUS Finance announced a 1:1 reimbursement of affected users, funded from personal and DAO treasury reserves accumulated since 2020. The team stated that no reimbursement token would be issued and that user balances in the sAMM borrowing contract would be restored to pre-exploit values. Users could also swap DEI holdings against a MUON token allocation from the team's personal allocation. The April 2022 attack's compensation arrangements were less clearly documented in public sources, with the team stating that protocol-level losses occurred but no user accounts were liquidated. Following the May 2023 exploit, the team announced it would prepare a comprehensive recovery and redemption plan, though specifics had not been published at the time of available sources. Overall, full restitution to users across all three events has not been independently verified.","heading":"Compensation and User Remediation","severity":"high","sources":[{"credibility":2,"name":"As The Dust Settles, Deus Finance Releases Statement, Outlines The Way Forward — Crypto Daily","type":"news_article","url":"https://cryptodaily.co.uk/2022/03/as-the-dust-settles-deus-finance-releases-statement-outlines-the-way-forward"},{"credibility":1,"name":"More than $13 million stolen from DeFi platform Deus Finance — The Record","type":"news_article","url":"https://therecord.media/more-than-13-million-stolen-from-defi-platform-deus-finance"}]},{"content":"As of available data through mid-2025, the DEUS token continues to trade on secondary markets at a small fraction of its all-time high of approximately $1,128. The protocol's total value locked has declined substantially from peak levels. The DEI stablecoin has not recovered its peg and is broadly considered defunct. The protocol maintains a website and GitHub presence, and DEUS tokens remain listed on exchanges, but no evidence of significant new protocol activity or user growth following the 2022–2023 incidents has been identified in available sources. No regulatory or law enforcement actions against DEUS DAO, DEUS Finance, or any named team members have been publicly identified.","heading":"Current Protocol Status","severity":"medium","sources":[{"credibility":2,"name":"DEUS Finance Price: DEUS/USD Live Price Chart — CoinGecko","type":"other","url":"https://www.coingecko.com/en/coins/deus-finance"},{"credibility":2,"name":"DEUS Finance TVL Stats & Charts — DefiLlama","type":"on_chain","url":"https://defillama.com/protocol/deus-finance"}]}],"sources_used":[{"name":"Derivatives Platform Deus Finance Exploited for $3M on Fantom Network — CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2022/03/15/derivatives-platform-deus-finance-exploited-for-3m-on-fantom-network"},{"name":"How Deus Finance Was Exploited for $13.4M on Fantom — CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2022/04/28/how-deus-finance-was-exploited-for-134m-on-fantom"},{"name":"More than $13 million stolen from DeFi platform Deus Finance — The Record","type":"news_article","url":"https://therecord.media/more-than-13-million-stolen-from-defi-platform-deus-finance"},{"name":"Deus Finance flash loan exploit nets hacker $13 million — The Block","type":"news_article","url":"https://www.theblock.co/linked/143969/deus-finance-flash-loan-exploit-nets-hacker-13-million"},{"name":"Deus Finance DAO Suffers Second Exploit in Less Than 60 Days — BeInCrypto","type":"news_article","url":"https://beincrypto.com/deus-finance-dao-hack-13-million-less-than-60-days/"},{"name":"Deus Finance exploit: Hackers get away with $3M worth of DAI and Ether — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/deus-finance-exploit-hackers-get-away-with-3m-worth-of-dai-and-ether"},{"name":"As The Dust Settles, Deus Finance Releases Statement, Outlines The Way Forward — Crypto Daily","type":"news_article","url":"https://cryptodaily.co.uk/2022/03/as-the-dust-settles-deus-finance-releases-statement-outlines-the-way-forward"},{"name":"Deus Finance loses $6M following stablecoin hack — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/deus-finance-loses-6m-following-stablecoin-hack"},{"name":"Deus Finance Stablecoin Contract Exploited For $6 million — Crypto Daily","type":"news_article","url":"https://cryptodaily.co.uk/2023/05/deus-finance-stablecoin-contract-exploited-for-6-million"},{"name":"Deus Finance suffers third hack — Web3 Is Going Great","type":"news_article","url":"https://www.web3isgoinggreat.com/?id=deus-finance-suffers-third-hack"},{"name":"DEUS Finance hacked, over $6M DEI stablecoin stolen — Crypto.news","type":"news_article","url":"https://crypto.news/deus-finance-hacked-over-6m-dei-stablecoin-stolen/"},{"name":"Deus Finance's dollar-pegged stablecoin DEI falls below 60 cents — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/deus-finance-s-dollar-pegged-stablecoin-dei-falls-below-60-cents"},{"name":"Algorithmic Stablecoin From DEUS Finance Loses Dollar Peg, Plunging 30% — Decrypt","type":"news_article","url":"https://decrypt.co/100499/algorithmic-stablecoin-from-deus-finance-loses-dollar-peg-plunging-30"},{"name":"Another algorithmic stablecoin, DEI, loses peg — CryptoSlate","type":"news_article","url":"https://cryptoslate.com/another-algorithmic-stablecoin-dei-loses-peg/"},{"name":"Lafayette Tabor — Founder and Project Lead @ DEUS Finance — Crunchbase","type":"other","url":"https://www.crunchbase.com/person/lafayette-tabor"},{"name":"DEUS Finance TVL Stats & Charts — DefiLlama","type":"on_chain","url":"https://defillama.com/protocol/deus-finance"},{"name":"DEUS Finance Price: DEUS/USD Live Price Chart — CoinGecko","type":"other","url":"https://www.coingecko.com/en/coins/deus-finance"}],"summary":"DEUS DAO (also known as DEUS Finance) is a Fantom-based decentralized derivatives and lending protocol that suffered three major security exploits between March 2022 and May 2023, resulting in cumulative losses of approximately $22–23 million. The protocol's algorithmic stablecoin DEI permanently lost its dollar peg in 2022 and was never restored to stability. No regulatory or law enforcement actions against the protocol have been publicly identified.","timeline":[{"date":"2022-03-15","event":"First exploit: attacker uses flash loan to manipulate the USDC/DEI price oracle on Fantom, stealing approximately $3 million in DAI and ETH. Stolen funds routed through Tornado Cash.","source":"CoinDesk","source_url":"https://www.coindesk.com/tech/2022/03/15/derivatives-platform-deus-finance-exploited-for-3m-on-fantom-network"},{"date":"2022-03-15","event":"DEUS Finance closes affected lending contracts and announces 1:1 user reimbursement plan funded by DAO treasury. Team commits to upgrading to VWAP oracles.","source":"Crypto Daily","source_url":"https://cryptodaily.co.uk/2022/03/as-the-dust-settles-deus-finance-releases-statement-outlines-the-way-forward"},{"date":"2022-04-28","event":"Second exploit: attacker takes $143 million USDC flash loan, purchases 9.5 million DEI to manipulate oracle price on Fantom, drains ~$13.4 million from lending pool. Same oracle-manipulation vector as March attack.","source":"CoinDesk","source_url":"https://www.coindesk.com/tech/2022/04/28/how-deus-finance-was-exploited-for-134m-on-fantom"},{"date":"2022-04-28","event":"DEUS team states no user accounts were liquidated, frames losses as protocol-level. Stolen funds routed through Tornado Cash.","source":"The Record (Recorded Future)","source_url":"https://therecord.media/more-than-13-million-stolen-from-defi-platform-deus-finance"},{"date":"2022-05-01","event":"DEI stablecoin begins sustained depeg. Reduced liquidity following the April exploit, combined with fallout from the Terra/UST collapse, causes DEI to fall to $0.52 — a loss of approximately 48% from its $1 peg.","source":"CoinTelegraph","source_url":"https://cointelegraph.com/news/deus-finance-s-dollar-pegged-stablecoin-dei-falls-below-60-cents"},{"date":"2022-05-12","event":"DEUS Finance halts DEI redemptions to attempt stabilization amid Terra ecosystem collapse contagion. Team announces plan to make DEI fully collateralized.","source":"Decrypt","source_url":"https://decrypt.co/100499/algorithmic-stablecoin-from-deus-finance-loses-dollar-peg-plunging-30"},{"date":"2023-05-05","event":"Third exploit: a parameter-ordering bug in the DEI token contract's burnFrom function is exploited across BNB Smart Chain and Arbitrum. Approximately $6–7 million stolen. Some funds recovered by alleged whitehat actors.","source":"Web3 Is Going Great","source_url":"https://www.web3isgoinggreat.com/?id=deus-finance-suffers-third-hack"},{"date":"2023-05-08","event":"Approximately $5.5 million of the May 2023 exploit's $7 million in stolen funds recovered and returned by alleged whitehat participants. DEUS team pauses all contracts and burns DEI tokens.","source":"Web3 Is Going Great","source_url":"https://www.web3isgoinggreat.com/?id=deus-finance-suffers-third-hack"}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 41a383ed-f8e4-438c-9f18-fa213946b160copy