Odin.fun
1 decision on this page

Audit log

Every state-changing event for Odin.fun: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1 publish by system:backfill
    2026-06-01 17:48:28Z
    Score: ?? (no score change)
    anchor: anchored
    chain: mainnet-beta, slot 423,640,331
    sig: 3ciEHH8cuU32…vSyZrLNo (explorer ↗)
    hash: CfwPiVma6M5X…SSnP8FfB (sha256 → base58)
    full verify ↗
    canonical bytes (21281 B):
    {"actor":"system:backfill","investigation_id":"9cdb1d45-3ea8-4949-ae90-7c7d1b57f54d","kind":"publish","page_slug":"odin-fun","published_at":"2026-06-01T17:48:28.747Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Odin.fun","sections":[{"content":"Odin.fun is a Runes marketplace and memecoin launchpad founded by Bob Bodily and the team behind the Bitcoin Ordinals marketplace Bioniq. Launched in January 2025, it is modeled on Solana's Pump.fun, allowing users to create and trade Runes-based meme tokens on a bonding curve that migrates to an internal automated market maker (AMM) once a one-Bitcoin market cap threshold is reached. The platform uses a custom application chain called Valhalla, built on the Dfinity Internet Computer (ICP) network, to achieve approximately two-second transaction finality and zero gas costs — a significant improvement over Bitcoin's native block times. By March 2025 the platform had recorded $30 million in trading volumes and roughly 20,000 users across nearly 4,000 created tokens. The platform received a strategic investment from Taproot Wizards in March 2025; deal terms were not publicly disclosed.","heading":"Platform Overview","severity":"low","sources":[{"credibility":2,"name":"Bitcoin Gets a Meme Coin Launchpad Like Pump.fun—Can It Boost Runes? 
— Decrypt","type":"news","url":"https://decrypt.co/303687/bitcoin-meme-coin-launchpad-odin-fun-runes"},{"credibility":2,"name":"Team behind Ordinals project Taproot Wizards leads 'strategic' raise for Bitcoin's version of Pump.fun — The Block","type":"news","url":"https://www.theblock.co/post/346438/ordinals-taproot-wizards-strategic-raise-bitcoin-pump-fun-runes-icp-odin"},{"credibility":2,"name":"Odin.fun Launches Fast-Transaction Platform for Bitcoin Meme Coins — Blockonomi","type":"news","url":"https://blockonomi.com/odin-fun-launches-fast-transaction-platform-for-bitcoin-meme-coins/"}]},{"content":"On August 12, 2025, Odin.fun suffered a critical liquidity manipulation exploit resulting in the theft of 58.2 BTC, valued at approximately $7 million. Attackers exploited a fundamental design flaw in the platform's AMM, which used its own internal token-price logic rather than any external price oracle. By depositing worthless Runes tokens — specifically SATOSHI and ODINPEPE — alongside BTC, and then conducting self-trades to artificially inflate the perceived value of those tokens within the AMM, attackers were able to withdraw a disproportionately large amount of BTC. The platform's total BTC deposits fell from 291 BTC to approximately 232.8 BTC in under two hours. Security firm Halborn noted that the vulnerable AMM code was introduced in a recent protocol update and showed 'no sign that the code was audited before release,' describing the flaws as 'trivial, well-known vulnerabilities.' Co-founder Bob Bodily publicly acknowledged that the platform's treasury was insufficient to cover the full losses. The incident involved multiple threat actors, reportedly with ties to Chinese groups operating in coordination. Odin.fun halted all trading and withdrawals and stated it was working with U.S. law enforcement, Chinese regulators, and major exchanges OKX and Binance to trace stolen funds. 
As of late August 2025, the platform had not committed to a timeline for resuming trading.","heading":"August 2025 AMM Exploit — $7 Million Lost","severity":"critical","sources":[{"credibility":1,"name":"Bitcoin Hack News: Attackers Drain $7M Bitcoin From Odin.fun in Liquidity Exploit — CoinDesk","type":"news","url":"https://www.coindesk.com/markets/2025/08/13/memecoin-launchpad-odin-fun-suffers-usd7m-liquidity-exploit"},{"credibility":2,"name":"Explained: The Odin.fun Hack (August 2025) — Halborn Security","type":"news","url":"https://www.halborn.com/blog/post/explained-the-odin-fun-hack-august-2025"},{"credibility":2,"name":"Bitcoin-based memecoin launchpad Odin.fun exploited for over $7 million — The Block","type":"news","url":"https://www.theblock.co/post/366704/bitcoin-launchpad-odin-fun-exploit"},{"credibility":2,"name":"How Odin.fun Lost 58.2 BTC in a Liquidity Manipulation Exploit — QuillAudits","type":"news","url":"https://www.quillaudits.com/blog/hack-analysis/how-odinfun-lost-58-3BTC-to-worthless-liquidity"},{"credibility":2,"name":"Bitcoin Meme Coin Launchpad Odin.fun Loses $7 Million in Liquidity Exploit — Decrypt","type":"news","url":"https://decrypt.co/334986/bitcoin-meme-coin-launchpad-7-million-liqudity-attack"},{"credibility":2,"name":"Odin.fun blames faulty liquidity AMM, China exploiters for uncoverable 58.2 BTC loss — Cryptopolitan","type":"news","url":"https://www.cryptopolitan.com/odin-fun-blames-liquidity-amm-china-exploit/"}]},{"content":"On April 14, 2025, Odin.fun paused trading and withdrawals after an attacker exploited a critical vulnerability in the Sign-In With Bitcoin (SIWB) authentication canister, developed by AstroX and deployed by Odin.fun on the Internet Computer. 
The flaw allowed attackers to impersonate users by providing a signed message with a victim's Bitcoin address but signed using an attacker-generated key, because the canister failed to validate that the public key used to verify the signature was actually associated with the stated wallet address. DFINITY's security team investigated and developed a proof-of-concept demonstrating the vulnerability. User funds were confirmed stolen, though the specific amount was not publicly disclosed in DFINITY's security advisory; third-party reporting estimated losses of approximately $178,000. The AstroX team quickly developed and released a patch, which Odin.fun deployed. The exploit also allegedly compromised co-founder Bob Bodily's own account. The incident was notable for originating in a third-party authentication library rather than Odin.fun's own code.","heading":"April 2025 Authentication Vulnerability — Sign-In With Bitcoin Exploit","severity":"high","sources":[{"credibility":2,"name":"Critical Vulnerability in Sign-In With Bitcoin (SIWB) used to Attack Odin.fun — DFINITY Developer Forum","type":"official","url":"https://forum.dfinity.org/t/critical-vulnerability-in-sign-in-with-bitcoin-siwb-used-to-attack-odin-fun-learnings-and-discussion/44721"},{"credibility":3,"name":"Odin.fun pauses trading, withdrawals after founder reported account breach — Mitrade","type":"news","url":"https://www.mitrade.com/insights/news/live-news/article-3-758872-20250414"},{"credibility":2,"name":"Bitcoin-based memecoin launchpad Odin.fun exploited for $7M — Crypto.news","type":"news","url":"https://crypto.news/bitcoin-memecoin-launchpad-odin-fun-exploited-2025/"}]},{"content":"Independent security analysis of the August 2025 exploit found that the vulnerable AMM code had not been audited prior to deployment. Security firm Halborn characterized the flaws as 'trivial, well-known vulnerabilities' that would likely have been caught by a standard audit. 
Industry analysts have noted that the platform lacked external price oracle validation in its AMM — a basic DeFi security primitive — and had no real-time transaction monitoring or deposit slippage limits to prevent manipulation. The April 2025 SIWB exploit also arose from a third-party library that had not been independently reviewed by the Odin.fun team before deployment. The pattern of two distinct exploits within four months — one targeting authentication infrastructure and one targeting core AMM logic — suggests systemic deficiencies in the platform's security review processes. Following the August 2025 hack, the team engaged a third-party security firm for a full code audit. As of late August 2025, the team reported being 'really close to finishing audit fixes' before resubmission.","heading":"Security Practices and Audit Failures","severity":"critical","sources":[{"credibility":2,"name":"Explained: The Odin.fun Hack (August 2025) — Halborn Security","type":"news","url":"https://www.halborn.com/blog/post/explained-the-odin-fun-hack-august-2025"},{"credibility":2,"name":"How Odin.fun Lost 58.2 BTC in a $7M Liquidity Exploit — QuillAudits","type":"news","url":"https://www.quillaudits.com/blog/hack-analysis/how-odinfun-lost-58-3BTC-to-worthless-liquidity"},{"credibility":3,"name":"Odin.fun CEO blames breach on faulty AMM — Bitcoin Ethereum News","type":"news","url":"https://bitcoinethereumnews.com/finance/odin-fun-ceo-blames-breach-on-faulty-amm/"}]},{"content":"Following the August 2025 exploit, co-founder Bob Bodily publicly stated that the platform's treasury was not large enough to cover the full 58.2 BTC loss. Bodily acknowledged the situation and called on the attackers to return funds, warning that they had 'a short window to return the funds before it is too late.' The team stated it was working on a 'concrete plan' to compensate affected users, but as of late August 2025 had not committed to a specific timeline or compensation structure. 
The team noted it had succeeded in having some funds frozen at centralized exchanges. Odin.fun's inability to self-insure losses from a $7 million exploit raises questions about the adequacy of the platform's risk reserves relative to its total value locked. No third-party insurance or formal compensation fund has been publicly announced.","heading":"User Compensation and Treasury Shortfall","severity":"high","sources":[{"credibility":2,"name":"Odin.fun Exploited for $7 Million as 58.2 BTC Stolen in Security Breach — CoinCentral","type":"news","url":"https://coincentral.com/odin-fun-exploited-for-7-million-as-58-2-btc-stolen-in-security-breach/"},{"credibility":2,"name":"Odin.fun not committed to timeline to resume trading in post-hack update — Cryptopolitan","type":"news","url":"https://www.cryptopolitan.com/odin-fun-not-committed-to-trading-timeline/"},{"credibility":2,"name":"Bitcoin Hack: How Odin.fun Lost 58.2 BTC in a Sophisticated Price Manipulation Attack — OKX","type":"news","url":"https://www.okx.com/en-eu/learn/bitcoin-hack-odin-fun-price-manipulation"}]},{"content":"Odin.fun's architecture relies on the Internet Computer (ICP) blockchain as a settlement and execution layer via its Valhalla application chain. User funds are held in ckBTC — a wrapped, ICRC-standard Bitcoin twin on ICP — rather than in direct self-custody on the Bitcoin base layer. This design introduces a dependency on ICP's security model and Dfinity's infrastructure in addition to Bitcoin itself. The use of session keys, while improving user experience by eliminating per-transaction signing, concentrates signing authority in the platform layer, creating a custodial-adjacent risk surface. The April 2025 SIWB exploit directly abused this session-key delegation model. 
Community members raised questions about the transparency of the platform's TVL accounting following the August 2025 hack, with some alleging the stated deposits were overstated; the team did not address these allegations publicly.","heading":"Infrastructure and Custodial Risk","severity":"high","sources":[{"credibility":2,"name":"Odin.fun challenges Pump.fun as Bitcoin's first meme coin launchpad — Crypto Briefing","type":"news","url":"https://cryptobriefing.com/bitcoin-meme-coin-launchpad/"},{"credibility":2,"name":"Let's Learn from the Odin.fun Hack — Preventing Attack Vectors — DFINITY Developer Forum","type":"official","url":"https://forum.dfinity.org/t/lets-learn-from-the-odin-fun-hack-preventing-attack-vectors/43848"},{"credibility":2,"name":"Odin.fun users panic as suspicious withdrawals drain deposits — Cryptopolitan","type":"news","url":"https://www.cryptopolitan.com/odin-fun-panic-withdrawals-drain-deposits/"}]},{"content":"Odin.fun is led by Bob Bodily, who also co-founded Bioniq, a Bitcoin Ordinals marketplace, and has prior involvement with Toniq Labs, the studio behind the Entrepot NFT marketplace and Stoic Wallet on the Internet Computer. Bodily holds a doctoral degree and maintains a public LinkedIn and professional presence. The team's identity is publicly disclosed and Bodily has communicated directly with the community through X during both the April and August 2025 incidents. Taproot Wizards, a prominent Bitcoin Ordinals project, led a strategic investment round in March 2025, providing some institutional credibility. However, the terms of this investment were not publicly disclosed, and no independent audit of the platform's tokenomics or treasury management has been published. 
The platform has not published a formal security policy, bug bounty program, or insurance fund details.","heading":"Team Background and Transparency","severity":"medium","sources":[{"credibility":2,"name":"Bob Bodily — Co-founder & CEO at Bioniq — CryptoSlate","type":"news","url":"https://cryptoslate.com/people/bob-bodily/"},{"credibility":2,"name":"Taproot Wizard Bankrolls Odin.fun a Bitcoin trading platform — Crypto Times","type":"news","url":"https://www.cryptotimes.io/2025/03/16/taproot-wizard-bankrolls-odin-fun-a-bitcoin-trading-platform/"},{"credibility":3,"name":"Odin.Fun Project Introduction, Team, Financing and News — RootData","type":"other","url":"https://www.rootdata.com/Projects/detail/Odin.Fun?k=MTYxMzU%3D"}]},{"content":"No regulatory actions by the SEC, CFTC, DOJ, or equivalent bodies against Odin.fun or its operators have been identified in publicly available records as of the date of this investigation. Following the August 2025 exploit, the team stated it was cooperating with U.S. law enforcement and working through OKX and Binance to engage Chinese regulatory authorities in tracking the alleged perpetrators. The platform facilitates the creation and trading of speculative meme tokens on Bitcoin, an activity that has attracted regulatory scrutiny in various jurisdictions. The use of the ICP blockchain and ckBTC introduces cross-jurisdictional considerations given Dfinity's Swiss-based foundation. 
No formal regulatory warnings or sanctions have been publicly issued against the platform.","heading":"Regulatory and Legal Considerations","severity":"medium","sources":[{"credibility":2,"name":"Odin.fun blames faulty liquidity AMM, China exploiters for uncoverable 58.2 BTC loss — Cryptopolitan","type":"news","url":"https://www.cryptopolitan.com/odin-fun-blames-liquidity-amm-china-exploit/"},{"credibility":2,"name":"Bitcoin-based memecoin launchpad Odin.fun exploited for over $7 million — The Block","type":"news","url":"https://www.theblock.co/post/366704/bitcoin-launchpad-odin-fun-exploit"}]}],"sources_used":[{"name":"Bitcoin Hack News: Attackers Drain $7M Bitcoin From Odin.fun in Liquidity Exploit — CoinDesk","type":"news","url":"https://www.coindesk.com/markets/2025/08/13/memecoin-launchpad-odin-fun-suffers-usd7m-liquidity-exploit"},{"name":"Explained: The Odin.fun Hack (August 2025) — Halborn Security","type":"news","url":"https://www.halborn.com/blog/post/explained-the-odin-fun-hack-august-2025"},{"name":"Bitcoin-based memecoin launchpad Odin.fun exploited for over $7 million — The Block","type":"news","url":"https://www.theblock.co/post/366704/bitcoin-launchpad-odin-fun-exploit"},{"name":"How Odin.fun Lost 58.2 BTC in a $7M Liquidity Exploit — QuillAudits","type":"news","url":"https://www.quillaudits.com/blog/hack-analysis/how-odinfun-lost-58-3BTC-to-worthless-liquidity"},{"name":"Bitcoin Meme Coin Launchpad Odin.fun Loses $7 Million in Liquidity Exploit — Decrypt","type":"news","url":"https://decrypt.co/334986/bitcoin-meme-coin-launchpad-7-million-liqudity-attack"},{"name":"Critical Vulnerability in Sign-In With Bitcoin (SIWB) used to Attack Odin.fun — DFINITY Developer Forum","type":"official","url":"https://forum.dfinity.org/t/critical-vulnerability-in-sign-in-with-bitcoin-siwb-used-to-attack-odin-fun-learnings-and-discussion/44721"},{"name":"Odin.fun blames faulty liquidity AMM, China exploiters for uncoverable 58.2 BTC loss — 
Cryptopolitan","type":"news","url":"https://www.cryptopolitan.com/odin-fun-blames-liquidity-amm-china-exploit/"},{"name":"Odin.fun not committed to timeline to resume trading in post-hack update — Cryptopolitan","type":"news","url":"https://www.cryptopolitan.com/odin-fun-not-committed-to-trading-timeline/"},{"name":"Team behind Ordinals project Taproot Wizards leads 'strategic' raise for Bitcoin's version of Pump.fun — The Block","type":"news","url":"https://www.theblock.co/post/346438/ordinals-taproot-wizards-strategic-raise-bitcoin-pump-fun-runes-icp-odin"},{"name":"Bitcoin Gets a Meme Coin Launchpad Like Pump.fun — Decrypt","type":"news","url":"https://decrypt.co/303687/bitcoin-meme-coin-launchpad-odin-fun-runes"},{"name":"Odin.fun challenges Pump.fun as Bitcoin's first meme coin launchpad — Crypto Briefing","type":"news","url":"https://cryptobriefing.com/bitcoin-meme-coin-launchpad/"},{"name":"Odin.fun Exploited for $7 Million as 58.2 BTC Stolen in Security Breach — CoinCentral","type":"news","url":"https://coincentral.com/odin-fun-exploited-for-7-million-as-58-2-btc-stolen-in-security-breach/"},{"name":"Odin.fun users panic as suspicious withdrawals drain deposits — Cryptopolitan","type":"news","url":"https://www.cryptopolitan.com/odin-fun-panic-withdrawals-drain-deposits/"},{"name":"Odin.Fun Hack (2025) — $7.0M Lost — Smart Contract Hacking","type":"news","url":"https://smartcontractshacking.com/hacks/odin-fun-hack-2025"},{"name":"Bitcoin Hack: How Odin.fun Lost 58.2 BTC in a Sophisticated Price Manipulation Attack — OKX","type":"news","url":"https://www.okx.com/en-eu/learn/bitcoin-hack-odin-fun-price-manipulation"},{"name":"Let's Learn from the Odin.fun Hack — Preventing Attack Vectors — DFINITY Developer Forum","type":"official","url":"https://forum.dfinity.org/t/lets-learn-from-the-odin-fun-hack-preventing-attack-vectors/43848"},{"name":"Taproot Wizard Bankrolls Odin.fun a Bitcoin trading platform — Crypto 
Times","type":"news","url":"https://www.cryptotimes.io/2025/03/16/taproot-wizard-bankrolls-odin-fun-a-bitcoin-trading-platform/"},{"name":"Bob Bodily — Co-founder & CEO at Bioniq — CryptoSlate","type":"news","url":"https://cryptoslate.com/people/bob-bodily/"}],"summary":"Odin.fun is a Bitcoin-native memecoin launchpad built on the Runes protocol, using the Internet Computer (ICP) blockchain as a settlement layer for fast, low-cost trading. The platform launched in early 2025 and attracted backing from the Taproot Wizards Ordinals project, but has suffered at least two confirmed security exploits — a $178,000 authentication vulnerability in April 2025 and a $7 million liquidity manipulation attack in August 2025 — with the latter draining user funds that the team has acknowledged it cannot fully repay from its own treasury.","timeline":[{"date":"2025-01-01","event":"Odin.fun launches as a Runes/BTC memecoin launchpad built on the Internet Computer's Valhalla application chain, founded by the Bioniq team.","source":"Blockonomi","source_url":"https://blockonomi.com/odin-fun-launches-fast-transaction-platform-for-bitcoin-meme-coins/"},{"date":"2025-03-14","event":"Taproot Wizards leads a strategic investment round in Odin.fun; financial terms are not disclosed. Platform reports $30M in trading volume and 20,000 users.","source":"The Block","source_url":"https://www.theblock.co/post/346438/ordinals-taproot-wizards-strategic-raise-bitcoin-pump-fun-runes-icp-odin"},{"date":"2025-04-14","event":"Odin.fun pauses all trading and withdrawals after attackers exploit a critical authentication vulnerability in the Sign-In With Bitcoin (SIWB) canister, allowing user impersonation. Estimated $178,000 in user funds stolen. 
Co-founder Bob Bodily's account is also allegedly compromised.","source":"DFINITY Developer Forum","source_url":"https://forum.dfinity.org/t/critical-vulnerability-in-sign-in-with-bitcoin-siwb-used-to-attack-odin-fun-learnings-and-discussion/44721"},{"date":"2025-04-15","event":"AstroX releases a patch for the SIWB vulnerability; Odin.fun deploys the patch and resumes operations.","source":"DFINITY Developer Forum","source_url":"https://forum.dfinity.org/t/critical-vulnerability-in-sign-in-with-bitcoin-siwb-used-to-attack-odin-fun-learnings-and-discussion/44721"},{"date":"2025-08-12","event":"Odin.fun suffers a $7 million liquidity manipulation exploit. Attackers deposit worthless Runes tokens (SATOSHI, ODINPEPE) alongside BTC into the AMM, conduct self-trades to inflate token prices, then withdraw disproportionately large BTC amounts. 58.2 BTC drained in under two hours. Trading and withdrawals halted immediately.","source":"CoinDesk","source_url":"https://www.coindesk.com/markets/2025/08/13/memecoin-launchpad-odin-fun-suffers-usd7m-liquidity-exploit"},{"date":"2025-08-13","event":"Bob Bodily publicly acknowledges the treasury is insufficient to cover losses and issues an on-chain message calling on attackers to return funds. Platform engages U.S. law enforcement and Chinese regulators via OKX and Binance.","source":"CoinCentral","source_url":"https://coincentral.com/odin-fun-exploited-for-7-million-as-58-2-btc-stolen-in-security-breach/"},{"date":"2025-08-19","event":"Bodily posts update stating 'really good' progress: some stolen funds frozen at CEXs, external audit ongoing, no trading resumption date committed.","source":"Cryptopolitan","source_url":"https://www.cryptopolitan.com/odin-fun-not-committed-to-trading-timeline/"}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 7b3a15fd-3b31-412e-a2d5-60373079ec44
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.
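
The row-integrity check described above, as an added example (this is not avoid.net's `src.verify_decision` code). It assumes the stored hash is the Bitcoin/Solana-alphabet base58 encoding of the raw 32-byte SHA-256 digest, and it runs on a constructed sample row rather than the record on this page.

```python
import hashlib
import hmac

# Bitcoin/Solana base58 alphabet (assumed; the page only says "sha256 → base58").
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def b58encode(data: bytes) -> str:
    """Base58-encode bytes, keeping each leading zero byte as a '1'."""
    n = int.from_bytes(data, "big")
    out = ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    pad = len(data) - len(data.lstrip(b"\x00"))
    return "1" * pad + out


def b58decode(text: str) -> bytes:
    """Decode base58; raises ValueError on characters outside the alphabet."""
    n = 0
    for ch in text:
        idx = B58.find(ch)
        if idx < 0:
            raise ValueError(f"not a base58 character: {ch!r}")
        n = n * 58 + idx
    pad = len(text) - len(text.lstrip("1"))
    return b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")


def row_hash(canonical_bytes: bytes) -> str:
    """Hash a row the way the page labels it: SHA-256, then base58."""
    return b58encode(hashlib.sha256(canonical_bytes).digest())


def verify_row(canonical_bytes: bytes, stored_hash: str) -> bool:
    """True only if stored_hash is the base58 SHA-256 of exactly these bytes."""
    try:
        expected = b58decode(stored_hash)
    except ValueError:
        return False
    if len(expected) != 32:  # an abbreviated or padded hash is never accepted
        return False
    actual = hashlib.sha256(canonical_bytes).digest()
    return hmac.compare_digest(actual, expected)


def consistent_with_display(full_hash: str, shown: str) -> bool:
    """Compare a full hash with an abbreviated 'prefix…suffix' display string.
    A match is only a sanity check; it does not replace verify_row()."""
    prefix, sep, suffix = shown.partition("…")
    if not sep:
        return full_hash == shown
    return (len(full_hash) >= len(prefix) + len(suffix)
            and full_hash.startswith(prefix) and full_hash.endswith(suffix))


# Constructed sample row, not the 21281-byte record shown on this page.
SAMPLE = b'{"actor":"system:backfill","kind":"publish","sequence_num":1,"v":1}'
SAMPLE_HASH = row_hash(SAMPLE)

if __name__ == "__main__":
    print("intact row:  ", verify_row(SAMPLE, SAMPLE_HASH))
    print("one byte off:", verify_row(SAMPLE + b"\n", SAMPLE_HASH))
```

The check is over bytes, not parsed JSON: a copy of the canonical bytes that has been re-wrapped, re-indented or re-encoded hashes differently and fails, so feed it the bytes exactly as served.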