Skip to main content
Sign in
Fantasm Finance1 decision on this page

Audit log

Every state-changing event for Fantasm Finance: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-28 17:31:45Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,766,180
    sig
    31bEqpGBy74N…AwzEjm4bexplorer ↗
    hash
    71kyEym78a5r…AYMchHowsha256 → base58
    verifying row…full verify ↗
    canonical bytes (7597 B) ▸
    {"actor":"system:backfill","investigation_id":"4028405b-748e-4c4a-b07f-c7441153b858","kind":"publish","page_slug":"fantasm-finance","published_at":"2026-05-28T17:31:45.741Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Fantasm Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/tech/2022/03/10/fantom-based-algo-protocol-fantasm-exploited-for-26m","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@fantasmfinance/fantasm-finance-post-mortem-exploit-09-march-2022-daf48ead016f","type":"other","url":""},{"credibility":3,"name":"https://github.com/FantasmFinance/fantasm-contracts","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-fantasm-finance-hack-march-2022","type":"other","url":""},{"credibility":3,"name":"https://www.certik.com/resources/blog/5p92144WQ44Ytm1AL4Jt9X-fantasm-finance","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@fantasmfinance/fantasm-finance-post-mortem-exploit-09-march-2022-daf48ead016f","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/fantasmfinancecontractvulnerabilities.php","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/tech/2022/03/10/fantom-based-algo-protocol-fantasm-exploited-for-26m","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://u.today/fantoms-defi-fantasm-finance-fsm-exploited-26-million-lost","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/fantasm-finance-loses-2-6-million-defi-exploit/","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/currencies/fantasm-xftm/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/@fantasmfinance/fantasm-finance-post-mortem-exploit-09-march-2022-daf48ead016f","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/fantasmfinancecontractvulnerabilities.php","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/fantasm","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-fantasm-finance-hack-march-2022","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/tech/2022/03/10/fantom-based-algo-protocol-fantasm-exploited-for-26m","type":"other","url":""},{"credibility":3,"name":"https://github.com/FantasmFinance/fantasm-contracts","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.certik.com/resources/blog/5p92144WQ44Ytm1AL4Jt9X-fantasm-finance","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@fantasmfinance/fantasm-finance-post-mortem-exploit-09-march-2022-daf48ead016f","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/fantasmfinancecontractvulnerabilities.php","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/fantasm","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/currencies/fantasm-xftm/","type":"other","url":""},{"credibility":3,"name":"https://x.com/fantasm_finance","type":"other","url":""}]}],"sources_used":[{"credibility":2,"name":"Fantasm Finance Post Mortem: Exploit 09 March 2022 (Medium/Official)","type":"official","url":"https://medium.com/@fantasmfinance/fantasm-finance-post-mortem-exploit-09-march-2022-daf48ead016f"},{"credibility":1,"name":"Fantom-Based Algo Protocol Fantasm Exploited for $2.6M (CoinDesk)","type":"news_article","url":"https://www.coindesk.com/tech/2022/03/10/fantom-based-algo-protocol-fantasm-exploited-for-26m"},{"credibility":2,"name":"Explained: The Fantasm Finance Hack — March 2022 (Halborn)","type":"research","url":"https://www.halborn.com/blog/post/explained-the-fantasm-finance-hack-march-2022"},{"credibility":2,"name":"CertiK — Fantasm Finance Exploit Analysis","type":"research","url":"https://www.certik.com/resources/blog/5p92144WQ44Ytm1AL4Jt9X-fantasm-finance"},{"credibility":2,"name":"Mar 2022 — Fantasm Finance Contract Vulnerabilities $2.626M (Quadriga Initiative)","type":"research","url":"https://www.quadrigainitiative.com/casestudy/fantasmfinancecontractvulnerabilities.php"},{"credibility":2,"name":"Fantasm Finance Loses $2.6 Million in DeFi Exploit (BeInCrypto)","type":"news_article","url":"https://beincrypto.com/fantasm-finance-loses-2-6-million-defi-exploit/"},{"credibility":2,"name":"Fantom's DeFi Fantasm Finance Exploited; $2.6 Million Lost (U.Today)","type":"news_article","url":"https://u.today/fantoms-defi-fantasm-finance-fsm-exploited-26-million-lost"},{"credibility":2,"name":"Fantasm — DefiLlama Protocol Page (TVL data)","type":"on_chain","url":"https://defillama.com/protocol/fantasm"},{"credibility":2,"name":"FantasmFinance/fantasm-contracts — GitHub","type":"official","url":"https://github.com/FantasmFinance/fantasm-contracts"},{"credibility":2,"name":"XFTM Token — CoinMarketCap","type":"other","url":"https://coinmarketcap.com/currencies/fantasm-xftm/"}],"summary":"Fantasm Finance was a fractional-algorithmic synthetic token protocol on the Fantom Opera blockchain, designed to maintain a synthetic FTM token (XFTM) backed partially by FTM collateral and partially by the protocol's native FSM token. On March 9, 2022, within days of its public launch, the protocol suffered a critical smart contract exploit that drained approximately $2.62 million from its collateral reserve pool. The attacker laundered the stolen funds through Tornado Cash and was never publicly identified; the protocol has since ceased operations with zero TVL remaining.","timeline":[{"date":"2022-03-01","event":"Fantasm Finance launches publicly on Fantom Opera, offering XFTM synthetic token minting backed by FTM and FSM collateral.","source":""},{"date":"2022-03-09","event":"Exploit executed at approximately 01:50 PM UTC. Attacker drains approximately $2.62 million (1,008 ETH) from the protocol collateral reserve by exploiting a mint function input validation flaw, allowing XFTM minting with zero FTM collateral.","source":""},{"date":"2022-03-09","event":"Fantasm team announces the breach publicly, urges all users to redeem XFTM and exit liquidity pools immediately. XFTM token falls 98% within 24 hours.","source":""},{"date":"2022-03-09","event":"Team executes a white-hack of remaining protocol reserves, recovering 935,415 FTM for distribution to affected XFTM holders.","source":""},{"date":"2022-03-10","event":"Fantasm Finance publishes official post-mortem detailing the vulnerability, attack flow, attacker addresses, and compensation plan.","source":""},{"date":"2022-03-11","event":"Distribution of 174,327.763 FTM in accumulated protocol fees to FSM stakers and lockers begins at 9:00 AM UTC.","source":""},{"date":"2022-03-18","event":"White-hacked FTM funds distributed to XFTM holders via snapshot at block height 32970600.","source":""},{"date":"2022-03-25","event":"Protocol announces planned collateral ratio adjustments and relaunch plans with new token and DAO governance.","source":""},{"date":"2022-06-01","event":"Protocol activity ceases. No meaningful relaunch occurs. TVL trends to zero.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 8c31a8b0-14c7-4a59-b6d5-4a3cf8397130
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.