← PolyNetwork1 decision on this page

Audit log

Every state-changing event for PolyNetwork: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

#1publishby system:backfill
2026-05-28 03:28:48Z
Score: ? → ? (no score change)
anchoranchored
chain
●mainnet-betaslot 422,638,479
sig
2epGdRjbteZb…wrrJ5BADexplorer ↗
hash
uUyQ9LjodCEZ…TZweQrZHsha256 → base58
verifying row…full verify ↗
canonical bytes (7405 B) ▸
{"actor":"system:backfill","investigation_id":"48747a0a-a4d2-4bb3-90d7-033e2dc76a7f","kind":"publish","page_slug":"polynetwork","published_at":"2026-05-28T03:28:48.086Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"PolyNetwork","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://neo.org/blog/details/4207","type":"other","url":""},{"credibility":3,"name":"https://neonewstoday.com/general/neo-collaborates-with-switcheo-and-ontology-to-launch-poly-network-a-new-tokenless-and-heterogeneous-interoperability-protocol/","type":"other","url":""},{"credibility":3,"name":"https://phemex.com/academy/what-is-poly-network","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://en.wikipedia.org/wiki/Poly_Network_exploit","type":"other","url":""},{"credibility":3,"name":"https://research.kudelskisecurity.com/2021/08/12/the-poly-network-hack-explained/","type":"other","url":""},{"credibility":3,"name":"https://halborn.com/explained-the-poly-network-hack-august-2021/","type":"other","url":""},{"credibility":3,"name":"https://slowmist.medium.com/the-root-cause-of-poly-network-being-hacked-ec2ee1b0c68f","type":"other","url":""},{"credibility":3,"name":"https://slowmist.medium.com/the-analysis-and-q-a-of-poly-network-being-hacked-8112a35beb39","type":"other","url":""},{"credibility":3,"name":"https://www.chainalysis.com/blog/poly-network-hack-august-2021/","type":"other","url":""},{"credibility":3,"name":"https://www.elliptic.co/blog/the-poly-network-hack-600-million-in-crypto-stolen-and-returned-in-24-hours","type":"other","url":""},{"credibility":3,"name":"https://www.cnbc.com/2021/08/23/poly-network-hacker-returns-remaining-cryptocurrency.html","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/poly-network-hacker-returns-nearly-all-funds-refuses-500k-white-hat-bounty","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://therecord.media/crypto-platform-poly-network-suspends-service-after-hack","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-poly-network-hack-july-2023","type":"other","url":""},{"credibility":3,"name":"https://dedaub.com/blog/poly-network-hack/","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/tech/2023/07/02/polynetwork-attacker-issues-worthless-billions-in-shib-bnb-busd-in-latest-crypto-hack","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/poly-network-exploit-hackers/","type":"other","url":""},{"credibility":3,"name":"https://polynetwork.medium.com/the-poly-network-exploit-analysis-b0a77aff6078","type":"other","url":""},{"credibility":3,"name":"https://crypto.news/polynetwork-remains-suspended-24-hours-after-5m-hack/","type":"other","url":""},{"credibility":3,"name":"https://www.quillaudits.com/blog/hack-analysis/poly-network-hack","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://polynetwork.medium.com/notice-of-complete-termination-of-poly-network-services-3470ef78d9d9","type":"other","url":""},{"credibility":3,"name":"https://neonewstoday.com/development/poly-network-announces-complete-termination-of-all-services/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://halborn.com/explained-the-poly-network-hack-august-2021/","type":"other","url":""},{"credibility":3,"name":"https://research.kudelskisecurity.com/2021/08/12/the-poly-network-hack-explained/","type":"other","url":""},{"credibility":3,"name":"https://dedaub.com/blog/poly-network-hack/","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-poly-network-hack-july-2023","type":"other","url":""},{"credibility":3,"name":"https://en.wikipedia.org/wiki/Poly_Network_exploit","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://en.wikipedia.org/wiki/Poly_Network_exploit","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/tech/2021/12/07/most-influential-40-polynetwork-hacker","type":"other","url":""},{"credibility":3,"name":"https://therecord.media/crypto-platform-poly-network-suspends-service-after-hack","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://decrypt.co/147059/poly-network-attack-conjures-billions-of-dollars-in-tokens-that-did-not-exist","type":"other","url":""}]}],"sources_used":[],"summary":"Poly Network was a cross-chain interoperability protocol launched in August 2020 by Neo, Ontology, and Switcheo. It suffered two major security breaches: a $610 million exploit in August 2021 (the largest DeFi hack at the time, with funds ultimately returned) and a second exploit in July 2023 in which attackers minted billions in notional value of tokens, extracting an estimated $10–20 million in real assets. The protocol permanently terminated all services on September 30, 2024.","timeline":[{"date":"2020-08-18","event":"Poly Network launched by founding members Neo, Ontology, and Switcheo as a tokenless heterogeneous cross-chain interoperability protocol.","source":""},{"date":"2021-08-10","event":"Attacker exploits access control vulnerability in EthCrossChainManager and EthCrossChainData smart contracts, draining approximately $610 million across Ethereum, Binance Smart Chain, and Polygon — the largest DeFi hack at the time.","source":""},{"date":"2021-08-11","event":"Attacker begins returning stolen funds and claims via embedded on-chain messages that the theft was intended to expose the vulnerability. Poly Network refers to the attacker as 'Mr. White Hat.'","source":""},{"date":"2021-08-13","event":"Approximately $340 million in funds returned; remaining assets moved to a multi-signature address requiring Poly Network cooperation for transfer.","source":""},{"date":"2021-08-25","event":"Final tranche of stolen funds returned. Poly Network confirms all assets recovered. The hacker declines the $500,000 bug bounty.","source":""},{"date":"2021-09-01","event":"Poly Network launches a bug bounty program on Immunefi offering up to $100,000 for critical vulnerabilities.","source":""},{"date":"2023-07-02","event":"Second major exploit: attackers allegedly compromise 3 of 4 Relay Chain keeper private keys via Trojan virus or insider action, minting billions in notional-value tokens across 11 chains. Actual realized losses estimated at $10–20 million. Services immediately suspended.","source":""},{"date":"2023-07-04","event":"Poly Network publishes post-mortem attributing the 2023 exploit to Trojan-implanted malware in the compilation environment used to generate consensus node keys.","source":""},{"date":"2024-04-01","event":"Poly Network announces it will cease new deployments and transition to support-only mode for existing partners.","source":""},{"date":"2024-09-11","event":"Poly Network publishes notice of complete termination of all services effective September 30, 2024, citing 'changing market landscape.'","source":""},{"date":"2024-09-30","event":"All Poly Network services, including Poly Bridge, permanently shut down.","source":""}]},"v":1}
Verify offline (run on your own machine)
python -m src.verify_decision d481635b-272e-4a32-9c91-ec19d7e6f2e9

How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.