Audit log

Every state-changing event for GMX V1 Perps: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-19 21:18:05Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 420,849,019

   sig

   5HMG9RbYLgw7…MVToyRNBcopyexplorer ↗

   hash

   GibJBP9qmtEV…VtKovHfWcopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (6984 B) ▸

   {"actor":"system:backfill","investigation_id":"8429673a-c5b0-46af-a885-ca3107e51347","kind":"publish","page_slug":"gmx-v1-perps","published_at":"2026-05-19T21:18:05.535Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"GMX V1 Perps","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://gmx-docs.io/docs/trading/v1/"},{"credibility":3,"name":"","type":"other","url":"https://medium.com/avalancheavax/gmx-deploys-to-avalanche-bringing-low-slippage-spot-and-perpetual-trading-to-defi-users-97f3c9140136"},{"credibility":3,"name":"","type":"other","url":"https://www.binance.com/en/square/post/4025612808434"},{"credibility":3,"name":"","type":"other","url":"https://cryptodaily.co.uk/2025/07/42m-stolen-in-gmx-v1-exploit-as-exchange-shuts-down-trading"},{"credibility":3,"name":"","type":"other","url":"https://docs.gmx.io/docs/providing-liquidity/v1/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-gmx-hack-july-2025"},{"credibility":3,"name":"","type":"other","url":"https://sherlock.xyz/post/gmx-exchange-hack-explained"},{"credibility":3,"name":"","type":"other","url":"https://slowmist.medium.com/inside-the-gmx-hack-42-million-vanishes-in-an-instant-6e42adbdead0"},{"credibility":3,"name":"","type":"other","url":"https://www.okx.com/en-us/learn/gmx-v1-exploit-defi-security-flaws"},{"credibility":3,"name":"","type":"other","url":"https://quillaudits.medium.com/how-gmx-v1-lost-42-million-to-a-reentrancy-attack-60711387c089"},{"credibility":3,"name":"","type":"other","url":"https://www.theblock.co/post/361806/hacker-drains-42-million-from-decentralized-perpetual-exchange-gmx"},{"credibility":3,"name":"","type":"other","url":"https://www.theblock.co/post/362164/gmx-token-surges-14-after-hacker-begins-returning-funds-from-40-million-exploit"},{"credibility":3,"name":"","type":"other","url":"https://cointelegraph.com/news/decentralized-exchange-gmx-suffers-565k-price-manipulation-exploit"},{"credibility":3,"name":"","type":"other","url":"https://finance.yahoo.com/news/abracadabra-drained-13m-exploit-targeting-161442972.html"},{"credibility":3,"name":"","type":"other","url":"https://cryptopotato.com/gmx-defends-contracts-after-13-million-loss-tied-to-abracadabras-cauldron-exploit/"},{"credibility":3,"name":"","type":"other","url":"https://www.certik.com/resources/blog/gmx-incident-analysis"},{"credibility":3,"name":"","type":"other","url":"https://blocksec.com/blog/gmx-incident-cross-contract-reentrancy-bypasses-a-four-year-old-guard"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://cointelegraph.com/news/decentralized-exchange-gmx-suffers-565k-price-manipulation-exploit"},{"credibility":3,"name":"","type":"other","url":"https://medium.com/@thedailychris/technical-analysis-of-gmx-v1s-avax-usd-price-manipulation-exploit-21fbf762fa26"},{"credibility":3,"name":"","type":"other","url":"https://sherlock.xyz/post/gmx-exchange-hack-explained"},{"credibility":3,"name":"","type":"other","url":"https://gmx-docs.io/docs/trading/v1/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://blog.mexc.com/wiki/who-is-gmx-founder/"},{"credibility":3,"name":"","type":"other","url":"https://x.com/xdev_10"},{"credibility":3,"name":"","type":"other","url":"https://gov.gmx.io/t/make-v2-the-most-audited-project-ever/4663"},{"credibility":3,"name":"","type":"other","url":"https://coinmarketcap.com/currencies/gmx/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-gmx-hack-july-2025"},{"credibility":3,"name":"","type":"other","url":"https://github.com/gmx-io/gmx-contracts/blob/master/audits/ABDK_Audit_Review.txt"},{"credibility":3,"name":"","type":"other","url":"https://www.defisafety.com/app/pqrs/427"},{"credibility":3,"name":"","type":"other","url":"https://blocksec.com/blog/gmx-incident-cross-contract-reentrancy-bypasses-a-four-year-old-guard"},{"credibility":3,"name":"","type":"other","url":"https://getfailsafe.com/gmx-hack-42m-drained-what-we-know-so-far"},{"credibility":3,"name":"","type":"other","url":"https://coin360.com/news/gmx-v1-42m-exploit-fund-return-market-impact"}]}],"sources_used":[],"summary":"GMX V1 was a decentralized perpetual exchange on Arbitrum and Avalanche that operated from September 2021 until July 2025, when a reentrancy exploit drained approximately $42 million from its GLP liquidity pool. The protocol has since disabled all V1 trading and GLP minting; it is no longer an active product, with users directed to GMX V2, which was unaffected by the exploit.","timeline":[{"date":"2021-04-01","event":"ABDK Consulting completes audit of early Gambit/GMX contracts prior to launch.","source":""},{"date":"2021-09-06","event":"GMX V1 launches on Arbitrum, evolving from the Gambit Financial protocol on BNB Chain.","source":""},{"date":"2022-01-01","event":"GMX expands to Avalanche C-Chain, enabling GLP liquidity and perpetual trading on a second network.","source":""},{"date":"2022-09-18","event":"Attacker exploits GMX V1's zero-slippage oracle pricing on the AVAX/USD market, extracting approximately $565,000 from GLP liquidity providers by manipulating external AVAX prices.","source":""},{"date":"2022-10-01","event":"GMX caps AVAX open interest (long: $2M, short: $1M) in response to the price manipulation exploit.","source":""},{"date":"2022-01-01","event":"GMX awards a $1 million bug bounty to Collider research for discovering a critical vulnerability in the short position tracking system.","source":""},{"date":"2023-05-01","event":"GMX V1 TVL peaks at approximately $700 million, representing roughly 15% of total Arbitrum TVL.","source":""},{"date":"2024-01-01","event":"Abracadabra.money loses $13 million in an exploit targeting its lending cauldrons that used GMX V2 GM tokens as collateral. GMX's own contracts are not compromised.","source":""},{"date":"2025-07-09","event":"Reentrancy exploit drains approximately $42 million from GMX V1's GLP pool on Arbitrum via a vulnerability in PositionManager.executeDecreaseOrder(). GMX immediately halts V1 trading and GLP minting/redemption on Arbitrum and Avalanche.","source":""},{"date":"2025-07-09","event":"GMX offers a 10% white-hat bounty (~$4.2 million) with a 48-hour deadline for return of 90% of stolen funds.","source":""},{"date":"2025-07-11","event":"Attacker sends an on-chain message accepting the bounty terms and begins returning funds. GMX token price rises approximately 14% on the news.","source":""},{"date":"2025-07-01","event":"Attacker returns approximately $37 million to the GMX multisig, retaining a $5 million bounty. GMX V1 remains permanently disabled.","source":""}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision fdad7108-4d5a-4313-8fa0-485cc7392ec2copy