← PeopleDAO1 decision on this page

Audit log

Every state-changing event for PeopleDAO: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

#1publishby system:backfill
2026-05-30 05:05:38Z
Score: ? → ? (no score change)
anchoranchored
chain
●mainnet-betaslot 423,089,312
sig
4oPutJTPw4gG…rPGXK8zPexplorer ↗
hash
3KeJEGawKarC…yDjH9vFZsha256 → base58
verifying row…full verify ↗
canonical bytes (5420 B) ▸
{"actor":"system:backfill","investigation_id":"28b0aaa9-98f7-4552-b0ea-b8e96024fc77","kind":"publish","page_slug":"peopledao","published_at":"2026-05-30T05:05:38.598Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"PeopleDAO","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.gate.com/learn/articles/what-is-constitutiondao/672","type":"other","url":""},{"credibility":3,"name":"https://people-dao.com/governance/people-token","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/currencies/constitutiondao/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.theblock.co/post/219214/peopledao-hacked-via-google-sheets","type":"other","url":""},{"credibility":3,"name":"https://www.oodaloop.com/technology/2023/03/13/peopledao-hacked-via-google-sheets-120000-worth-of-ether-stolen/","type":"other","url":""},{"credibility":3,"name":"https://dexenetwork.medium.com/peopledao-hacked-for-76-5eth-in-the-most-comically-bad-way-f369ca12f4ea","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.theblock.co/post/219214/peopledao-hacked-via-google-sheets","type":"other","url":""},{"credibility":3,"name":"https://www.request.finance/post/peopledaos-crypto-payroll-hacked-for-76-5-eth-prevention-tips","type":"other","url":""},{"credibility":3,"name":"https://dexenetwork.medium.com/peopledao-hacked-for-76-5eth-in-the-most-comically-bad-way-f369ca12f4ea","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.oodaloop.com/technology/2023/03/13/peopledao-hacked-via-google-sheets-120000-worth-of-ether-stolen/","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/219214/peopledao-hacked-via-google-sheets","type":"other","url":""},{"credibility":3,"name":"https://en.wikipedia.org/wiki/ZachXBT","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coingecko.com/en/coins/constitutiondao","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/currencies/constitutiondao/","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/cmc-ai/constitutiondao/price-prediction/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://peopledao.mirror.xyz/nPEAVJ7NPKwrFKwNQ1A960LyrU_Nh2etT02lLvORCcg","type":"other","url":""},{"credibility":3,"name":"https://people-dao.com/","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/219214/peopledao-hacked-via-google-sheets","type":"other","url":""}]}],"sources_used":[],"summary":"PeopleDAO is a community-governed decentralized autonomous organization that emerged from ConstitutionDAO in late 2021, adopting the PEOPLE token as its governance instrument and operating as a meta-DAO incubator for social-good subDAOs. In March 2023, the organization suffered a significant treasury exploit in which an attacker stole 76.5 ETH (approximately $120,000) by exploiting a publicly shared Google Sheets payroll form with edit access — a failure of basic operational security controls. The stolen funds were moved to centralized exchanges and no recovery has been confirmed; the incident drew engagement from on-chain investigator ZachXBT and blockchain security firm SlowMist.","timeline":[{"date":"2021-11-01","event":"ConstitutionDAO forms with the goal of purchasing a copy of the U.S. Constitution at Sotheby's auction, raising over $47 million in ETH from 17,000+ contributors and issuing the PEOPLE ERC-20 token.","source":""},{"date":"2021-11-18","event":"ConstitutionDAO is outbid at the Sotheby's auction by hedge fund manager Ken Griffin, whose bid of approximately $43.2 million wins. The DAO announces dissolution and opens redemptions.","source":""},{"date":"2021-12-06","event":"Community members vote via Snapshot to form PeopleDAO, adopting the PEOPLE token as the governance instrument for a new meta-DAO structure focused on social good and Web3 coordination.","source":""},{"date":"2022-06-01","event":"PeopleDAO has incubated two subDAOs (PandaDAO and LanguageDAO) and one community project (Constitution Fractionalized), establishing its operational model as a subDAO accelerator.","source":""},{"date":"2023-03-06","event":"PeopleDAO's accounting lead accidentally posts a Google Sheets payroll form with edit access to a public Discord channel. An attacker inserts a fraudulent payment row for 76.5 ETH, conceals it, and the entry passes multi-sig review. The attacker receives 76.5 ETH (~$120,000) from the Gnosis Safe treasury.","source":""},{"date":"2023-03-06","event":"The attacker transfers stolen funds: 69.2 ETH ($110,000) to HitBTC and 7.3 ETH to Binance.","source":""},{"date":"2023-03-13","event":"PeopleDAO publicly discloses the exploit. The organization announces it is working with ZachXBT and SlowMist to trace the attacker and has reported the incident to U.S. law enforcement and the exchanges involved. A 10% white hat bounty is offered.","source":""},{"date":"2025-11-01","event":"KuCoin delists PEOPLE from Spot Margin Trading services, reducing leveraged trading access to the token.","source":""}]},"v":1}
Verify offline (run on your own machine)
python -m src.verify_decision e975c4ec-34c9-4699-8b57-bd1c9c7668b5

How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.