Skip to main content
Sign in
MSCST (MSC Protocol)1 decision on this page

Audit log

Every state-changing event for MSCST (MSC Protocol): moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-29 16:07:50Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,971,581
    sig
    cEoqTr1FTkaH…54kqqUztexplorer ↗
    hash
    4RZQkk4ZGrk5…EUVMajh3sha256 → base58
    verifying row…full verify ↗
    canonical bytes (4666 B) ▸
    {"actor":"system:backfill","investigation_id":"ac7c5c18-795a-4f5f-877a-b4802b91f9da","kind":"publish","page_slug":"mscst","published_at":"2026-05-29T16:07:50.382Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"MSCST (MSC Protocol)","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.globenewswire.com/news-release/2022/06/26/2469107/0/en/MSC-Protocol-Redefined-protocol-for-sustainable-digital-asset.html","type":"other","url":""},{"credibility":3,"name":"https://msc-protocol.gitbook.io/msc-protocol-ecology","type":"other","url":""},{"credibility":3,"name":"https://blog.verichains.io/p/mscst-flash-loan-attack-price-manipulation","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.globenewswire.com/news-release/2022/06/26/2469107/0/en/MSC-Protocol-Redefined-protocol-for-sustainable-digital-asset.html","type":"other","url":""},{"credibility":3,"name":"https://msc-protocol.gitbook.io/msc-protocol-ecology","type":"other","url":""},{"credibility":3,"name":"https://www.crypto-reporter.com/newsfeed/msc-protocol-redefined-protocol-for-sustainable-digital-asset-33289/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.verichains.io/p/mscst-flash-loan-attack-price-manipulation","type":"other","url":""},{"credibility":3,"name":"https://www.panewslab.com/en/articles/47855b7f-1a7b-44b2-a938-53c5d168097d","type":"other","url":""},{"credibility":3,"name":"https://www.kucoin.com/news/flash/bsc-chain-mscst-project-hit-by-flash-loan-attack-suffers-130-000-loss","type":"other","url":""},{"credibility":3,"name":"https://www.weex.com/news/detail/bsc-on-chain-mscst-project-suffers-flash-loan-attack-loses-approximately-130000-290212","type":"other","url":""},{"credibility":3,"name":"https://www.rootdata.com/news/484283","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.lookonchain.com/feeds/41934","type":"other","url":""},{"credibility":3,"name":"https://www.ainvest.com/news/traders-spur-volatility-gpc-token-price-manipulation-mscst-flash-loan-exploit-2512/","type":"other","url":""},{"credibility":3,"name":"https://blog.verichains.io/p/mscst-flash-loan-attack-price-manipulation","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.verichains.io/p/mscst-flash-loan-attack-price-manipulation","type":"other","url":""},{"credibility":3,"name":"https://www.bitget.com/news/detail/12560605125098","type":"other","url":""},{"credibility":3,"name":"https://hacked.slowmist.io/en/?c=BSC","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://en.wikipedia.org/wiki/ZachXBT","type":"other","url":""},{"credibility":3,"name":"https://www.panewslab.com/en/articles/47855b7f-1a7b-44b2-a938-53c5d168097d","type":"other","url":""},{"credibility":3,"name":"https://www.weex.com/news/detail/bsc-on-chain-mscst-project-suffers-flash-loan-attack-loses-approximately-130000-290212","type":"other","url":""}]}],"sources_used":[],"summary":"MSCST is a BSC-based DeFi auto-staking token associated with MSC Protocol (MetaSuperCoin), which advertised an implausible fixed APY of 38,585% over 400 days with no public team or audits. On December 29, 2025, a flash loan attacker exploited a missing access control vulnerability in the protocol's releaseReward() function, draining approximately $130,000 (149 BNB) from the GPC/WBNB PancakeSwap liquidity pool. The project has been flagged by ZachXBT and received no recovery response from an identifiable development team.","timeline":[{"date":"2022-06-26","event":"MSC Protocol (MetaSuperCoin / MSCST) publicly announced via GlobeNewswire, advertising 38,585% APY and auto-compounding rewards on BSC.","source":""},{"date":"2025-12-29","event":"MSCST contract exploited via flash loan attack on BSC. Attacker (0xB0720D8541cD2b6fC35cCC39ec84e84383A7000b) borrowed 46.8M GPC tokens, manipulated GPC/WBNB PancakeSwap pool price, and extracted approximately 149 BNB (~$130,000) by calling the unprotected releaseReward() function.","source":""},{"date":"2025-12-29","event":"BlockSec Phalcon monitoring system detects the suspicious transaction on BSC targeting MSCST and issues alert.","source":""},{"date":"2025-12-29","event":"Multiple crypto outlets including PANews, Bitget News, KuCoin, WEEX, and Lookonchain report the exploit. Verichains publishes technical post-mortem.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 7a963ca2-8ffc-4b08-81c5-a59dd1507214
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.