Skip to main content
Sign in
Hyperdrive HL1 decision on this page

Audit log

Every state-changing event for Hyperdrive HL: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-29 16:12:55Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,972,345
    sig
    5p64ueVh4gJH…y2neBt87explorer ↗
    hash
    GSXxkG9FUkWf…SRRGjA2Vsha256 → base58
    verifying row…full verify ↗
    canonical bytes (6218 B) ▸
    {"actor":"system:backfill","investigation_id":"dd592b49-5cdd-4dcf-b6aa-39f2c6ac9a89","kind":"publish","page_slug":"hyperdrive-hl","published_at":"2026-05-29T16:12:55.106Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Hyperdrive HL","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.cmointern.com/2025/05/hyperdrive-secures-6m-series-led-by.html","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/hyperdrive-hl","type":"other","url":""},{"credibility":3,"name":"https://x.com/hyperdrivedefi/status/1925944813427302528","type":"other","url":""},{"credibility":3,"name":"https://hyperdrive-2.gitbook.io/hyperdrive/for-developers/security-audits","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://x.com/CertiKAlert/status/1972117426893738341","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/372662/hyperliquid-based-hyperdrive-loses-782000-after-smart-contract-exploit","type":"other","url":""},{"credibility":3,"name":"https://crypto.news/hyperliquid-hyperdrive-resumes-services-700k-hack-2025/","type":"other","url":""},{"credibility":3,"name":"https://www.web3isgoinggreat.com/single/hyperdrive-exploit","type":"other","url":""},{"credibility":3,"name":"https://coincentral.com/hyperdrive-loses-782000-in-tokens-after-smart-contract-exploit-attack/","type":"other","url":""},{"credibility":3,"name":"https://cryptonews.com.au/news/hyperdrive-exploit-drains-us782k-in-third-major-hyperliquid-security-breach-131037/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.ainvest.com/news/exploit-days-exposes-hyperliquid-security-weaknesses-2509/","type":"other","url":""},{"credibility":3,"name":"https://cryptonews.com.au/news/hyperdrive-exploit-drains-us782k-in-third-major-hyperliquid-security-breach-131037/","type":"other","url":""},{"credibility":3,"name":"https://www.ccn.com/news/crypto/hackers-hit-hyperliquid-twice-stolen-hyperdrive-exploit/","type":"other","url":""},{"credibility":3,"name":"https://www.arringtoncapital.com/blog/hyperliquids-tipping-point-three-things-they-must-do-now/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://hyperdrive-2.gitbook.io/hyperdrive/for-developers/security-audits","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/372662/hyperliquid-based-hyperdrive-loses-782000-after-smart-contract-exploit","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://crypto.news/hyperliquid-hyperdrive-resumes-services-700k-hack-2025/","type":"other","url":""},{"credibility":3,"name":"https://www.mitrade.com/insights/news/live-news/article-3-1155419-20250929","type":"other","url":""},{"credibility":3,"name":"https://x.com/hyperdrivedefi/status/1972095669403111519","type":"other","url":""},{"credibility":3,"name":"https://coincentral.com/hyperdrive-loses-782000-in-tokens-after-smart-contract-exploit-attack/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://x.com/CertiKAlert/status/1972117426893738341","type":"other","url":""},{"credibility":3,"name":"https://www.web3isgoinggreat.com/single/hyperdrive-exploit","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/372662/hyperliquid-based-hyperdrive-loses-782000-after-smart-contract-exploit","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/@hyperdrive_fi/hyperdrive-token-airdrop-miles-hlp-and-hype-lst-5417f1d78544","type":"other","url":""},{"credibility":3,"name":"https://airdrops.io/hyperdrive/","type":"other","url":""},{"credibility":3,"name":"https://markets.coinpedia.org/hyperdrive/","type":"other","url":""},{"credibility":3,"name":"https://www.cmointern.com/2025/05/hyperdrive-secures-6m-series-led-by.html","type":"other","url":""}]}],"sources_used":[],"summary":"Hyperdrive HL (formerly Ambit Finance) is a stablecoin lending and liquid-staking protocol deployed on Hyperliquid EVM, which raised a $6 million Series A in May 2025 led by Hack VC and Arrington Capital. On September 27, 2025, an attacker exploited an arbitrary-call vulnerability in the protocol's router contract, draining approximately $782,000 in USDT0 and thBILL tokens across two markets. The team paused operations, patched the vulnerability, and compensated affected users before resuming, though the incident occurred within a broader wave of security breaches across the Hyperliquid ecosystem.","timeline":[{"date":"2025-05-24","event":"Hyperdrive HL (formerly Ambit Finance) closes $6 million Series A funding round led by Hack VC and Arrington Capital.","source":""},{"date":"2025-05-27","event":"Hyperdrive HL officially launches on Hyperliquid EVM with stablecoin lending, HYPED liquid staking, and HLP vault tokenization products.","source":""},{"date":"2025-09-26","event":"HyperVault, a separate Hyperliquid-based protocol, suffers an alleged $3.6 million loss in a suspected rug pull, with project social media disappearing.","source":""},{"date":"2025-09-27","event":"Attacker exploits an arbitrary-call vulnerability in Hyperdrive HL's router contract, draining 672,934 USDT0 and 110,244 thBILL tokens (~$782,000) from two markets. Stolen funds are bridged to Ethereum and BNB Chain via deBridge.","source":""},{"date":"2025-09-27","event":"CertiK publishes on-chain alert identifying the arbitrary call vulnerability in Hyperdrive's router contract. Hyperdrive team announces market pause and ongoing investigation on X.","source":""},{"date":"2025-09-27","event":"Hyperdrive team reports identifying the root cause and fixing the vulnerability. Team announces compensation plan for affected accounts.","source":""},{"date":"2025-09-29","event":"Hyperdrive team confirms all affected accounts have been remediated and market functions have been restored. Post-mortem report promised.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 1c9e3511-5fb1-44eb-8147-18030c377cfb
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.