Skip to main content
Sign in
Dexible V21 decision on this page

Audit log

Every state-changing event for Dexible V2: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-28 16:12:52Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,754,265
    sig
    3foX9rG2wwn8…ZeGPkiaBexplorer ↗
    hash
    tKMAYqUkjnTp…3986EcuHsha256 → base58
    verifying row…full verify ↗
    canonical bytes (7724 B) ▸
    {"actor":"system:backfill","investigation_id":"3eecc0d3-f580-4e80-90f1-a1e419716f25","kind":"publish","page_slug":"dexible-v2","published_at":"2026-05-28T16:12:52.885Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Dexible V2","sections":[{"content":"","heading":"","severity":"critical","sources":[{"credibility":2,"name":"Dexible - REKT","type":"news_article","url":"https://rekt.news/dexible-rekt"},{"credibility":1,"name":"BlockTower Capital Loses $1.5M in DeFi Market Aggregator Dexible Exploit — CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2023/02/17/blocktower-capital-loses-15m-in-defi-market-aggregator-dexible-exploit-blockchain-data"},{"credibility":2,"name":"Dexible Hack Analysis — BlockApex","type":"research","url":"https://blockapex.io/dexible-hack-analysis/"},{"credibility":1,"name":"Dexible aggregator hacked for $2M via 'selfSwap' function — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/dexibleapp-aggregator-hacked-for-2m-via-selfswap-function"}]},{"content":"","heading":"","severity":"high","sources":[{"credibility":2,"name":"Dexible - REKT","type":"news_article","url":"https://rekt.news/dexible-rekt"},{"credibility":2,"name":"Dexible Hack Analysis — Never Blindly Trust Smart Contracts — SolidityScan","type":"research","url":"https://blog.solidityscan.com/dexible-hack-analysis-never-blindly-trust-smart-contracts-c2aee7943c1a"}]},{"content":"","heading":"","severity":"critical","sources":[{"credibility":2,"name":"Dexible - REKT","type":"news_article","url":"https://rekt.news/dexible-rekt"},{"credibility":2,"name":"Feb 2023 - Dexible DEX Aggregator SelfSwap Exploit — Quadriga Initiative","type":"research","url":"https://quadrigainitiative.com/casestudy/dexibledexaggregatorselfswapexploit.php"},{"credibility":1,"name":"U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash","type":"regulatory","url":"https://home.treasury.gov/news/press-releases/jy0916"}]},{"content":"","heading":"","severity":"high","sources":[{"credibility":2,"name":"Dexible - REKT","type":"news_article","url":"https://rekt.news/dexible-rekt"},{"credibility":1,"name":"Dexible aggregator hacked for $2M via 'selfSwap' function — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/dexibleapp-aggregator-hacked-for-2m-via-selfswap-function"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":2,"name":"2023 Dexible Hack: Check If You're Affected — Revoke.cash","type":"research","url":"https://revoke.cash/exploits/dexible"},{"credibility":2,"name":"Dexible — Crunchbase Company Profile","type":"other","url":"https://www.crunchbase.com/organization/dexible"}]},{"content":"","heading":"","severity":"critical","sources":[{"credibility":2,"name":"Dexible Hack Analysis — BlockApex","type":"research","url":"https://blockapex.io/dexible-hack-analysis/"},{"credibility":2,"name":"Dexible Hack Analysis — Never Blindly Trust Smart Contracts — SolidityScan","type":"research","url":"https://blog.solidityscan.com/dexible-hack-analysis-never-blindly-trust-smart-contracts-c2aee7943c1a"},{"credibility":2,"name":"Dexible V2 Hack (2023) — $2.0M Lost — Smart Contract Hacking","type":"research","url":"https://smartcontractshacking.com/hacks/dexible-v2-hack-2023"}]}],"sources_used":[{"credibility":2,"name":"Dexible - REKT","type":"news_article","url":"https://rekt.news/dexible-rekt"},{"credibility":1,"name":"BlockTower Capital Loses $1.5M in DeFi Market Aggregator Dexible Exploit — CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2023/02/17/blocktower-capital-loses-15m-in-defi-market-aggregator-dexible-exploit-blockchain-data"},{"credibility":1,"name":"Dexible aggregator hacked for $2M via 'selfSwap' function — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/dexibleapp-aggregator-hacked-for-2m-via-selfswap-function"},{"credibility":2,"name":"Dexible Hack Analysis — BlockApex","type":"research","url":"https://blockapex.io/dexible-hack-analysis/"},{"credibility":2,"name":"Dexible Hack Analysis — Never Blindly Trust Smart Contracts — SolidityScan","type":"research","url":"https://blog.solidityscan.com/dexible-hack-analysis-never-blindly-trust-smart-contracts-c2aee7943c1a"},{"credibility":2,"name":"2023 Dexible Hack: Check If You're Affected — Revoke.cash","type":"research","url":"https://revoke.cash/exploits/dexible"},{"credibility":2,"name":"Feb 2023 - Dexible DEX Aggregator SelfSwap Exploit — Quadriga Initiative","type":"research","url":"https://quadrigainitiative.com/casestudy/dexibledexaggregatorselfswapexploit.php"},{"credibility":2,"name":"Dexible V2 Hack (2023) — $2.0M Lost — Smart Contract Hacking","type":"research","url":"https://smartcontractshacking.com/hacks/dexible-v2-hack-2023"},{"credibility":2,"name":"Dexible — Crunchbase Company Profile","type":"other","url":"https://www.crunchbase.com/organization/dexible"},{"credibility":1,"name":"U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash","type":"regulatory","url":"https://home.treasury.gov/news/press-releases/jy0916"}],"summary":"Dexible V2 is a multichain DEX aggregator that suffered a critical smart contract exploit on February 17, 2023, resulting in approximately $2 million in user funds stolen across Ethereum and Arbitrum. The attack exploited an unvalidated router address in the selfSwap function of the v2 contracts, which had never undergone a formal third-party security audit. Stolen funds were laundered through Tornado Cash and have not been recovered; the protocol has since ceased operations.","timeline":[{"date":"2023-02-17","event":"Attacker (0x684083f312ac50f538cc4b634d85a2feafaab77a) exploits selfSwap vulnerability in Dexible V2 contracts, stealing approximately $2 million across Ethereum and Arbitrum from 17 user accounts.","source":"CoinDesk","source_url":"https://www.coindesk.com/tech/2023/02/17/blocktower-capital-loses-15m-in-defi-market-aggregator-dexible-exploit-blockchain-data"},{"date":"2023-02-17","event":"PeckShield raises public alarm about the exploit on Twitter, approximately five hours before Dexible's official response.","source":"REKT News","source_url":"https://rekt.news/dexible-rekt"},{"date":"2023-02-17","event":"Dexible issues official announcement more than nine hours after the exploit began; CEO Michael Coon states contracts have been paused.","source":"CoinTelegraph","source_url":"https://cointelegraph.com/news/dexibleapp-aggregator-hacked-for-2m-via-selfswap-function"},{"date":"2023-02-17","event":"Attacker converts stolen TRU tokens to ETH via SushiSwap and routes approximately $1.5 million through Tornado Cash on Ethereum; $450,000 from Arbitrum is bridged to BSC and also laundered via Tornado Cash.","source":"Quadriga Initiative","source_url":"https://quadrigainitiative.com/casestudy/dexibledexaggregatorselfswapexploit.php"},{"date":"2023-02-20","event":"Dexible team releases post-mortem report acknowledging no formal audit was performed on the v2 contracts and that internal review failed to identify the vulnerability.","source":"REKT News","source_url":"https://rekt.news/dexible-rekt"},{"date":"2023-02-20","event":"Security researchers publish technical analyses of the selfSwap arbitrary external call vulnerability, identifying the lack of router address validation as the root cause.","source":"BlockApex","source_url":"https://blockapex.io/dexible-hack-analysis/"},{"date":"2023-12-31","event":"Dexible listed as permanently closed on Crunchbase; no victim compensation program was ever established and stolen funds were not recovered.","source":"Crunchbase","source_url":"https://www.crunchbase.com/organization/dexible"}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 8f79dcd6-3d78-4da9-b701-3dd02aaf2dae
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.