Skip to main content
Sign in
Drift Trade2 decisions on this page

Audit log

Every state-changing event for Drift Trade: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1reviewby reviewerreviewer
    2026-05-10 04:40:46Z
    Score: 1010 (no score change)
    The core factual record — two incidents, $14.5M in May 2022 and approximately $285M on April 1, 2026, both on Solana — is substantiated by multiple Tier 1 sources. The primary weaknesses are: (1) the entity name 'Drift Trade' is a sub-brand slug used by DeFiLlama but not the canonical name ('Drift Protocol') used in all authoritative reporting; (2) the sole cited URL (DeFiLlama's hacks filter page) returns HTTP 403 and cannot be verified as a live citation; and (3) material context is absent, including DPRK attribution for the 2026 hack, the ambiguous (non-malicious) nature of the 2022 incident, and post-hack recovery and legal developments.
    anchoranchored
    chain
    mainnet-betaslot 418,756,680
    sig
    4sXES6isbNZ6…FqhNSrgPexplorer ↗
    hash
    CnTSrvaRyN74…c5AjoSC3sha256 → base58
    verifying row…full verify ↗
    canonical bytes (996 B) ▸
    {"actor":"reviewer","decided_at":"2026-05-10T04:40:46.125Z","decision":"review","investigation_id":"6c0e3163-225d-4120-a3c9-f112d15456a4","new_score":10,"page_slug":"drift-trade","prev_score":10,"reason":"The core factual record — two incidents, $14.5M in May 2022 and approximately $285M on April 1, 2026, both on Solana — is substantiated by multiple Tier 1 sources. The primary weaknesses are: (1) the entity name 'Drift Trade' is a sub-brand slug used by DeFiLlama but not the canonical name ('Drift Protocol') used in all authoritative reporting; (2) the sole cited URL (DeFiLlama's hacks filter page) returns HTTP 403 and cannot be verified as a live citation; and (3) material context is absent, including DPRK attribution for the 2026 hack, the ambiguous (non-malicious) nature of the 2022 incident, and post-hack recovery and legal developments.","score_delta":0,"sequence_num":1,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 13bf9430-165a-40fa-b57e-e0686103bd0d
  2. #2review reviseby judgejudge
    2026-05-10 04:40:46Z
    Score: 100 (-12)
    The core factual record — two incidents on Solana, $14.5M in May 2022 and approximately $285M on April 1, 2026 — is substantiated by multiple Tier 1 sources including Chainalysis, TRM Labs, and Elliptic, so the page is not denied. However, three structural issues require revision before the page is in good standing. First, the entity name 'Drift Trade' used throughout the page (including the slug and all headings) is a DeFiLlama sub-brand label, not the canonical name — every authoritative source including the protocol's own incident reports uses 'Drift Protocol' (claim_findings[0], claim_findings[4]). Second, the sole cited source URL returns HTTP 403 across all sections, the timeline, and sources_used, meaning no live citation is currently resolvable on the page (claim_findings[6]). Third, the DPRK/Lazarus Group (UNC4736) attribution for the 2026 incident — confirmed by three Tier 1 blockchain analytics firms — is entirely absent, a high-priority omission that materially understates the risk profile (coverage_gaps[1]).
    anchoranchored
    chain
    mainnet-betaslot 418,756,683
    sig
    5jAwFKhJTHmu…fk16qov5explorer ↗
    hash
    EYo3gMhW8TCg…zJXcgMPvsha256 → base58
    verifying row…full verify ↗
    canonical bytes (1388 B) ▸
    {"actor":"judge","decided_at":"2026-05-10T04:40:46.125Z","decision":"review_revise","investigation_id":"6c0e3163-225d-4120-a3c9-f112d15456a4","new_score":0,"page_slug":"drift-trade","prev_score":10,"reason":"The core factual record — two incidents on Solana, $14.5M in May 2022 and approximately $285M on April 1, 2026 — is substantiated by multiple Tier 1 sources including Chainalysis, TRM Labs, and Elliptic, so the page is not denied. However, three structural issues require revision before the page is in good standing. First, the entity name 'Drift Trade' used throughout the page (including the slug and all headings) is a DeFiLlama sub-brand label, not the canonical name — every authoritative source including the protocol's own incident reports uses 'Drift Protocol' (claim_findings[0], claim_findings[4]). Second, the sole cited source URL returns HTTP 403 across all sections, the timeline, and sources_used, meaning no live citation is currently resolvable on the page (claim_findings[6]). Third, the DPRK/Lazarus Group (UNC4736) attribution for the 2026 incident — confirmed by three Tier 1 blockchain analytics firms — is entirely absent, a high-priority omission that materially understates the risk profile (coverage_gaps[1]).","score_delta":-12,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 90147276-c703-420d-9332-e40b91e4d85f
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.