Audit log

Every state-changing event for Harmony Bridge: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-20 18:58:58Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 421,044,385

   sig

   3paRYJJ8KXvT…Nm8SUf9wcopyexplorer ↗

   hash

   GBd8GQLVZxVS…7pVomBsMcopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (7138 B) ▸

   {"actor":"system:backfill","investigation_id":"79936410-60d3-4110-99c0-307d46ae1983","kind":"publish","page_slug":"harmony-bridge","published_at":"2026-05-20T18:58:58.078Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Harmony Bridge","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://open.harmony.one/horizon-a-gas-efficient-trustless-bridge-for-cross-chain-transactions"},{"credibility":3,"name":"","type":"other","url":"https://blockworks.com/news/defi-cross-chain-horizon-bridge-hacked-for-100m"},{"credibility":3,"name":"","type":"other","url":"https://www.benzinga.com/pressreleases/22/10/n29443202/resuming-harmony-cross-chain-bridge-with-layerzero"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.fbi.gov/news/press-releases/fbi-confirms-lazarus-group-cyber-actors-responsible-for-harmonys-horizon-bridge-currency-theft"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-harmony-horizon-bridge-hack"},{"credibility":3,"name":"","type":"other","url":"https://www.merklescience.com/blog/hack-track-analysis-of-harmonys-horizon-bridge-exploit"},{"credibility":3,"name":"","type":"other","url":"https://techcrunch.com/2022/06/24/harmony-blockchain-crypto-hack/"},{"credibility":3,"name":"","type":"other","url":"https://techcrunch.com/2023/01/24/north-korea-fbi-harmony-horizon-crypto/"},{"credibility":3,"name":"","type":"other","url":"https://www.elliptic.co/blog/analysis/over-1-billion-stolen-from-bridges-so-far-in-2022-as-harmony-s-horizon-bridge-becomes-latest-victim-in-100-million-hack"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.elliptic.co/blog/analysis/fbi-confirms-north-korea-s-lazarus-group-as-hackers-behind-100-million-harmony-horizon-bridge-theft"},{"credibility":3,"name":"","type":"other","url":"https://www.merklescience.com/blog/hack-track-analysis-of-harmonys-horizon-bridge-exploit"},{"credibility":3,"name":"","type":"other","url":"https://home.treasury.gov/news/press-releases/jy0916"},{"credibility":3,"name":"","type":"other","url":"https://www.bleepingcomputer.com/news/security/fbi-north-korean-hackers-stole-100-million-in-harmony-crypto-hack/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/tech/2022/07/27/harmony-proposes-issuing-one-tokens-to-reimburse-victims-of-100m-hack"},{"credibility":3,"name":"","type":"other","url":"https://cointelegraph.com/news/backlash-as-harmony-proposes-minting-4-97b-tokens-to-reimburse-victims"},{"credibility":3,"name":"","type":"other","url":"https://decrypt.co/110379/harmony-publishes-revamped-horizon-bridge-recovery-plan"},{"credibility":3,"name":"","type":"other","url":"https://recoveryonefoundation.medium.com/harmony-recovery-round-10-b6a0bbaa9cd8"},{"credibility":3,"name":"","type":"other","url":"https://www.benzinga.com/pressreleases/22/10/n29443202/resuming-harmony-cross-chain-bridge-with-layerzero"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://bridge.harmony.one/faq"},{"credibility":3,"name":"","type":"other","url":"https://www.theblock.co/post/172364/harmony-announces-update-on-horizon-bridge-attack-recovery-plan"},{"credibility":3,"name":"","type":"other","url":"https://home.treasury.gov/news/press-releases/jy0916"},{"credibility":3,"name":"","type":"other","url":"https://www.fbi.gov/news/press-releases/fbi-confirms-lazarus-group-cyber-actors-responsible-for-harmonys-horizon-bridge-currency-theft"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-harmony-horizon-bridge-hack"},{"credibility":3,"name":"","type":"other","url":"https://www.elliptic.co/resources/harmony-horizon-bridge-hack"},{"credibility":3,"name":"","type":"other","url":"https://techcrunch.com/2023/01/24/north-korea-fbi-harmony-horizon-crypto/"},{"credibility":3,"name":"","type":"other","url":"https://securityaffairs.com/141266/apt/harmony-horizon-bridge-lazarus-apt.html"}]}],"sources_used":[],"summary":"Harmony's Horizon Bridge is a cross-chain bridge connecting the Harmony (ONE) blockchain to Ethereum and Binance Smart Chain, launched in October 2020. In June 2022, it was exploited for approximately $100 million by the Lazarus Group, a North Korea-affiliated state-sponsored hacking collective, through compromise of a 2-of-5 multisig scheme controlling bridge funds. The FBI formally confirmed Lazarus Group attribution in January 2023; as of 2025, full victim restitution has not been achieved.","timeline":[{"date":"2020-10-01","event":"Harmony Horizon Bridge launched, enabling cross-chain transfers between Harmony, Ethereum, and Binance Smart Chain","source":""},{"date":"2022-06-23","event":"Harmony Protocol team notified of a malicious attack on the Horizon Ethereum Bridge","source":""},{"date":"2022-06-24","event":"Approximately $99.6 million stolen from the Horizon Bridge across 11-14 transactions via compromised 2-of-5 multisig keys; attacker address 0x0d043128146654c7683fbf30ac98d7b2285ded00 identified","source":""},{"date":"2022-06-24","event":"Harmony offered a $1 million bounty for return of stolen funds; no response received","source":""},{"date":"2022-06-27","event":"Attackers begin 857-transaction series of Tornado Cash deposits totaling 85,700 ETH, continuing through July 2, 2022","source":""},{"date":"2022-07-27","event":"Harmony proposes two reimbursement options: minting 4.97 billion or 2.48 billion ONE tokens to compensate hack victims","source":""},{"date":"2022-08-08","event":"OFAC sanctions Tornado Cash, citing its use by the Lazarus Group to launder funds from Harmony and other hacks","source":""},{"date":"2022-09-23","event":"Harmony reverses token-minting reimbursement plan following community backlash; commits to treasury-funded recovery with 0% new minting","source":""},{"date":"2022-10-01","event":"Harmony relaunches cross-chain bridge using LayerZero validation layer, replacing the compromised multisig infrastructure","source":""},{"date":"2023-01-13","event":"North Korean-attributed actors resume laundering, depositing approximately $60 million in ETH into Railgun privacy protocol; 99.9% of Railgun deposits during this window traced to Harmony hack proceeds","source":""},{"date":"2023-01-14","event":"Binance and Huobi identify, block, and freeze approximately 124 BTC (~$2.5 million) deposited from the laundering addresses","source":""},{"date":"2023-01-23","event":"FBI formally confirms Lazarus Group (APT38) was responsible for the June 2022 Harmony Horizon Bridge theft; publishes 11 associated Bitcoin wallet addresses","source":""},{"date":"2025-03-01","event":"U.S. Treasury removes Tornado Cash from OFAC SDN list following Fifth Circuit Court of Appeals decision overturning sanctions","source":""}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision a9ebf1b8-8e3a-4cc1-96bd-26fe3c5e94aacopy