Skip to main content
Sign in
Lendf.me1 decision on this page

Audit log

Every state-changing event for Lendf.me: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-28 19:07:01Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,780,604
    sig
    3VQQu8Hj5Du2…XqzAv41Zexplorer ↗
    hash
    2o9JxGhJayJm…7qiiGGi3sha256 → base58
    verifying row…full verify ↗
    canonical bytes (7541 B) ▸
    {"actor":"system:backfill","investigation_id":"83cab2d1-6d9a-46e6-8786-9df49fcc4fe7","kind":"publish","page_slug":"lendfme","published_at":"2026-05-28T19:07:01.812Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Lendf.me","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://decrypt.co/26033/dforce-lendfme-defi-hack-25m","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/tech/2020/04/14/chinese-defi-platform-dforce-raises-15m-from-multicoin-huobi-capital","type":"other","url":""},{"credibility":3,"name":"https://medium.com/dforcenet/a-summary-of-the-attack-on-lendf-me-on-april-19-2020-e2f1c5d96640","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://peckshield.medium.com/uniswap-lendf-me-hacks-root-cause-and-loss-analysis-50f3263dcc09","type":"other","url":""},{"credibility":3,"name":"https://slowmist.medium.com/slowmist-details-of-lendf-me-reentrancy-attack-3e168ab5f2b1","type":"other","url":""},{"credibility":3,"name":"https://quantstamp.com/blog/how-the-dforce-hacker-used-reentrancy-to-steal-25-million","type":"other","url":""},{"credibility":3,"name":"https://valid.network/post/the-reentrancy-strikes-again-the-case-of-lendf-me","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/dforce-hacker-returns-stolen-money-as-criticism-of-the-project-continues","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://slowmist.medium.com/slowmist-details-of-lendf-me-reentrancy-attack-3e168ab5f2b1","type":"other","url":""},{"credibility":3,"name":"https://peckshield.medium.com/uniswap-lendf-me-hacks-root-cause-and-loss-analysis-50f3263dcc09","type":"other","url":""},{"credibility":3,"name":"https://quantstamp.com/blog/how-the-dforce-hacker-used-reentrancy-to-steal-25-million","type":"other","url":""},{"credibility":3,"name":"https://securityaffairs.com/101895/cyber-crime/uniswap-lendf-me-hacked.html","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/dforcenet/lendf-me-hack-resolution-part-i-asset-redistribution-plan-9cefee49f209","type":"other","url":""},{"credibility":3,"name":"https://medium.com/dforcenet/lendf-me-resolution-part-ii-dforce-better-future-proposal-76a07b65ca24","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/63141/defi-dforce-attack-24-million-funds-return","type":"other","url":""},{"credibility":3,"name":"https://coingeek.com/dforce-hacker-returns-25m-stolen-funds/","type":"other","url":""},{"credibility":3,"name":"https://cryptobriefing.com/the-dforce-hacker-is-returning-stolen-funds/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://decrypt.co/26069/exclusive-an-interview-with-dforce-founder-mindao-yang","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/tech/2020/04/14/chinese-defi-platform-dforce-raises-15m-from-multicoin-huobi-capital","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@mindao.yang/update-on-lendf-me-ee83f4380b70","type":"other","url":""},{"credibility":3,"name":"https://medium.com/dforcenet/a-summary-of-the-attack-on-lendf-me-on-april-19-2020-e2f1c5d96640","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cointelegraph.com/news/dforce-hacker-returns-stolen-money-as-criticism-of-the-project-continues","type":"other","url":""},{"credibility":3,"name":"https://quantstamp.com/blog/how-the-dforce-hacker-used-reentrancy-to-steal-25-million","type":"other","url":""},{"credibility":3,"name":"https://valid.network/post/the-reentrancy-strikes-again-the-case-of-lendf-me","type":"other","url":""},{"credibility":3,"name":"https://github.com/dforce-network/documents/blob/master/audit_report/Lending/dForceLending-Audit-Report-TrailofBits-Mar-2021.pdf","type":"other","url":""},{"credibility":3,"name":"https://medium.com/dforcenet/lendf-me-resolution-part-ii-dforce-better-future-proposal-76a07b65ca24","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.americancryptoassociation.com/2020/04/20/dforce-hacker-attempts-to-negotiate-after-allegedly-leaking-his-identity/","type":"other","url":""},{"credibility":3,"name":"https://www.newsbtc.com/2020/04/21/2-reasons-why-ethereum-defi-hacker-returned-25-million-in-hacked-funds/","type":"other","url":""},{"credibility":3,"name":"https://www.bitsofblocks.io/post/theft-and-giving-it-back-25m-stolen-and-returned-in-lendf-me-debacle","type":"other","url":""},{"credibility":3,"name":"https://quadrigainitiative.com/casestudy/dforcelendfmedefiprotocolbreached.php","type":"other","url":""}]}],"sources_used":[],"summary":"Lendf.me was a decentralized lending protocol built by dForce Network and launched in September 2019 as a fork of Compound v1. On April 19, 2020, an attacker exploited a reentrancy vulnerability involving ERC-777 tokens to drain approximately $25.2 million from the protocol — at the time representing 99.95% of its total value locked. The attacker returned nearly all funds within two days after inadvertently exposing identifying metadata, and the original Lendf.me contract was permanently deprecated following the incident.","timeline":[{"date":"2018-01-01","event":"Mindao Yang founds dForce Network in late 2018 as a China-based open finance protocol.","source":""},{"date":"2019-09-01","event":"Lendf.me lending protocol launches as a fork of Compound v1, initially supporting a limited set of Ethereum assets.","source":""},{"date":"2020-04-14","event":"dForce announces a $1.5 million strategic funding round led by Multicoin Capital, with Huobi Capital and CMBI participating.","source":""},{"date":"2020-04-19","event":"At approximately 12:58 AM UTC, attacker (EOA: 0xa9bf70a420d364e923c74448d9d817d3f2a77822) begins exploiting the ERC-777 reentrancy vulnerability. By 9:15 AM UTC+8, dForce discovers the attack. Lendf.me contracts are paused approximately one hour after the exploit begins. Approximately $25.2 million (~99.95% of TVL) is drained across 12 liquidity pools.","source":""},{"date":"2020-04-20","event":"dForce files a police report with Singapore authorities. The attacker's identifying metadata — including IP address and device fingerprint — is obtained from a CDN provider via subpoena. The attacker returns approximately $2.79 million as a first partial repayment.","source":""},{"date":"2020-04-21","event":"The attacker returns the remaining stolen funds, completing near-total restitution. dForce opens its Asset Recovery System for user withdrawals.","source":""},{"date":"2020-04-27","event":"dForce reports that over 90% of recovered assets have been redistributed to users and that 100% of affected users will be made whole.","source":""},{"date":"2020-05-01","event":"dForce publishes the 'Better Future' Proposal announcing 2,000,000 DF token airdrop to hack-affected users, creation of the dSAFU insurance fund with 50,000,000 DF tokens, and security improvement commitments. The original Lendf.me contract is permanently deprecated.","source":""},{"date":"2021-03-01","event":"Trail of Bits publishes a security audit of the redesigned dForce Lending protocol, reflecting post-incident security improvements.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision b14542c3-0861-4eff-bc10-4ea7776e7678
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.