Skip to main content
Sign in
Pickle Finance1 decision on this page

Audit log

Every state-changing event for Pickle Finance: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-26 03:49:50Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,206,395
    sig
    4UrxGYfqxhnA…vUZ9SAqyexplorer ↗
    hash
    EWLoPrSpYZSU…2gptBCL6sha256 → base58
    verifying row…full verify ↗
    canonical bytes (7618 B) ▸
    {"actor":"system:backfill","investigation_id":"38261708-bdaf-4edf-8589-ff2c92a74fa2","kind":"publish","page_slug":"pickle","published_at":"2026-05-26T03:49:50.642Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Pickle Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cryptotesters.com/review/what-is-pickle-finance","type":"other","url":""},{"credibility":3,"name":"https://chainstack.com/pickle-finance-on-chainstack-accelerating-growth-into-new-networks/","type":"other","url":""},{"credibility":3,"name":"https://docs.pickle.finance","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/pickle-finance-rekt","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-defi-protocol-pickle-finance-hack-nov-2020","type":"other","url":""},{"credibility":3,"name":"https://picklefinance.medium.com/pickle-was-hacked-and-there-has-been-a-loss-of-funds-414b99969c29","type":"other","url":""},{"credibility":3,"name":"https://decrypt.co/49149/pickle-finance-hack","type":"other","url":""},{"credibility":3,"name":"https://www.nasdaq.com/articles/defi-protocol-pickle-finance-token-loses-almost-half-its-value-after-$19.7m-hack-2020-11","type":"other","url":""},{"credibility":3,"name":"https://github.com/banteg/evil-jar","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://github.com/pickle-finance/protocol/blob/master/audits/Haechi_Audit.pdf","type":"other","url":""},{"credibility":3,"name":"https://docs.pickle.finance/security/audits-and-timelock/smart-contract-audits","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/pickle-finance-rekt","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/pickle-finance-postmortem-details-how-19-million-dai-was-pilfered/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://coverprotocol.medium.com/11-21-20-claim-outcome-for-pickle-finance-aa2fcc56cb7c","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/decentralized-insurance-protocol-cover-holds-vote-to-cover-pickle-hack","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/pickle-finance-loses-20-million-in-latest-defi-exploit/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cryptonews.net/news/security/6222707/","type":"other","url":""},{"credibility":3,"name":"https://en.ethereumworldnews.com/2020s-pickle-finance-hackers-launder-1800-ethereum-through-tornado-cash/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://beincrypto.com/yearn-finance-consumes-pickle-without-governance-vote/","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/markets/2020/11/24/yearning-for-pickle-two-defi-protocols-merge","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/yearn-finance-absorbs-pickle-to-boost-defi-rewards","type":"other","url":""},{"credibility":3,"name":"https://gov.yearn.finance/t/retroactive-vote-on-pickle-yearn-ferments/8306","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://coinmarketcap.com/currencies/pickle-finance/","type":"other","url":""},{"credibility":3,"name":"https://www.coingecko.com/en/coins/pickle-finance","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/pickle","type":"other","url":""},{"credibility":3,"name":"https://picklefinance.medium.com/pickle-finance-closing-the-jar-7996fe4ecd94","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://picklefinance.medium.com/pickle-finance-closing-the-jar-7996fe4ecd94","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cryptotesters.com/review/what-is-pickle-finance","type":"other","url":""},{"credibility":3,"name":"https://www.publish0x.com/arkemmus-blog/pickle-finance-defi-with-a-cucumber-flavour-xgpnznp","type":"other","url":""}]}],"sources_used":[],"summary":"Pickle Finance was an Ethereum-based DeFi yield aggregator launched in September 2020 that suffered a critical smart contract exploit on November 21, 2020, resulting in the theft of approximately 19.76 million DAI (roughly $19.7 million) from its pDAI PickleJar. The exploit, known as the 'Evil Jar Attack,' combined three design flaws in unaudited contract code and led to a 50% collapse in the PICKLE token price, with hack proceeds later laundered through Tornado Cash. The protocol subsequently merged with Yearn Finance but never meaningfully recovered; it officially announced its shutdown in 2025 with the UI disabled on October 1, 2025.","timeline":[{"date":"2020-09-01","event":"Pickle Finance launches on Ethereum as a yield aggregator offering Pickle Jars and Pickle Farms.","source":""},{"date":"2020-10-03","event":"MixBytes completes a security audit of Pickle Finance smart contracts (ControllerV3 scope).","source":""},{"date":"2020-10-20","event":"Haechi completes a security audit of Pickle Finance smart contracts (ControllerV3 scope).","source":""},{"date":"2020-10-23","event":"ControllerV4 and the swapExactJarForJar function are deployed to production without undergoing a security audit.","source":""},{"date":"2020-11-21","event":"Attacker exploits three chained vulnerabilities in ControllerV4 and drains 19,759,355 DAI from the pDAI PickleJar in the Evil Jar Attack. PICKLE token falls approximately 50%.","source":""},{"date":"2020-11-22","event":"Pickle Finance executes an emergency timelock transaction at 15:15 UTC to revoke the exploited proxy logic from the Controller. White-hat team secures remaining $50 million in assets. Official postmortem published.","source":""},{"date":"2020-11-24","event":"Yearn Finance announces merger with Pickle Finance, characterized as DeFi's first M&A deal, without a prior community governance vote from either protocol.","source":""},{"date":"2020-11-25","event":"PICKLE token surges to approximately $27 on merger announcement.","source":""},{"date":"2020-12-01","event":"Cover Protocol approves Pickle Finance insurance claim; 282,035 DAI paid out, covering less than 2% of total losses.","source":""},{"date":"2020-12-01","event":"Developers 0xPenguin and BigBrainBriner depart Pickle Finance.","source":""},{"date":"2021-02-09","event":"PICKLE token reaches all-time high of approximately $34.35 before entering a sustained decline.","source":""},{"date":"2021-01-01","event":"Stolen funds from the November 2020 exploit are laundered through Tornado Cash in batches of 100 ETH; total of 1,800 ETH moved through the mixer according to PeckShieldAlert.","source":""},{"date":"2022-01-01","event":"Bear market conditions sharply reduce Pickle Finance TVL and user activity; the protocol struggles to compete in the saturated yield aggregator market.","source":""},{"date":"2025-06-10","event":"Pickle Finance takes a snapshot of PICKLE and DILL holders for treasury distribution eligibility (minimum 300 PICKLE required).","source":""},{"date":"2025-10-01","event":"Pickle Finance UI is disabled. Protocol officially sunsets after approximately five years. Remaining 170,280 USDC treasury distributed to eligible token holders.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 08912c25-413c-40ff-8c85-a53898a6a6a7
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.