Skip to main content
Sign in
Polter Finance1 decision on this page

Audit log

Every state-changing event for Polter Finance: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-20 04:09:18Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 420,910,754
    sig
    MQq4w2d8J8x1…pLgkfmGuexplorer ↗
    hash
    6mYdyNXWMnXZ…MczNcr7nsha256 → base58
    verifying row…full verify ↗
    canonical bytes (4542 B) ▸
    {"actor":"system:backfill","investigation_id":"97695430-7780-46fe-8666-3ea820e2f317","kind":"publish","page_slug":"polter-finance","published_at":"2026-05-20T04:09:18.931Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Polter Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://threesigma.xyz/blog/exploit/polter-finance-exploit-explained-usd12m-loss"},{"credibility":3,"name":"","type":"other","url":"https://rekt.news/polter-finance-rekt"},{"credibility":3,"name":"","type":"other","url":"https://polter.gitbook.io/polter/security/audit"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://threesigma.xyz/blog/exploit/polter-finance-exploit-explained-usd12m-loss"},{"credibility":3,"name":"","type":"other","url":"https://www.certik.com/blog/polter-finance-incident-analysis"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-polter-finance-hack-november-2024"},{"credibility":3,"name":"","type":"other","url":"https://www.quillaudits.com/blog/hack-analysis/polter-finance-12m-hack-analysis"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.certik.com/blog/polter-finance-incident-analysis"},{"credibility":3,"name":"","type":"other","url":"https://threesigma.xyz/blog/exploit/polter-finance-exploit-explained-usd12m-loss"},{"credibility":3,"name":"","type":"other","url":"https://rekt.news/polter-finance-rekt"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://decrypt.co/292080/crypto-lender-polter-finance-hack-drains-funds"},{"credibility":3,"name":"","type":"other","url":"https://crypto.news/polter-finance-kicks-off-recovery-efforts-following-12m-flash-loan-attack/"},{"credibility":3,"name":"","type":"other","url":"https://www.certik.com/blog/polter-finance-incident-analysis"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://threesigma.xyz/blog/exploit/polter-finance-exploit-explained-usd12m-loss"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-polter-finance-hack-november-2024"},{"credibility":3,"name":"","type":"other","url":"https://rekt.news/polter-finance-rekt"},{"credibility":3,"name":"","type":"other","url":"https://www.auditone.io/blog-posts/the-12m-polter-finance-hack-a-comprehensive-analysis"}]}],"sources_used":[],"summary":"Polter Finance was a decentralized lending protocol on the Fantom blockchain that suffered a critical oracle price manipulation exploit on November 16, 2024, resulting in losses estimated between $8.7 million and $12 million. The protocol was an unaudited fork of Geist Finance that relied on spot prices from SpookySwap liquidity pools as its oracle, a fundamental design flaw that allowed an attacker using funds originating from Tornado Cash to drain nearly all protocol TVL. The platform ceased operations following the hack, with no confirmed recovery of stolen assets as of mid-2026.","timeline":[{"date":"2024-11-16","event":"Attacker, using funds sourced from Tornado Cash on Ethereum bridged to Fantom, exploits the BOO lending market oracle via flash loan price manipulation, draining an estimated $8.7M–$12M from Polter Finance.","source":""},{"date":"2024-11-17","event":"Polter Finance pauses platform, issues public disclosure on X, notifies bridge operators, and traces alleged fund movement to Binance wallets.","source":""},{"date":"2024-11-17","event":"Pseudonymous founder Whichghost files a police report with Singapore authorities via Singpass, recording losses of SGD 16.1M (~$12M USD).","source":""},{"date":"2024-11-17","event":"Polter Finance sends on-chain message to exploiter offering no-prosecution negotiation; attacker does not respond.","source":""},{"date":"2024-11-18","event":"Polter Finance announces partnership with SEAL-ISAC to assist in attacker identification and fund tracing.","source":""},{"date":"2024-11-18","event":"On-chain forensics confirm attacker split ~10M FTM across 11 wallets, bridged to Ethereum via SquidRouter/Li.fi, and laundered at least 220 ETH through Tornado Cash.","source":""},{"date":"2024-11-20","event":"Polter Finance ceases operations. No user compensation mechanism is announced. Protocol remains offline.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision d702beec-28ec-4875-a792-ea1a6a739cbf
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.