Skip to main content
Sign in
PrismaFi1 decision on this page

Audit log

Every state-changing event for PrismaFi: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-30 18:33:20Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 423,211,619
    sig
    4P4P3PZs14sr…USD2pehPexplorer ↗
    hash
    A8VXWppSepmd…7g4eVLRgsha256 → base58
    verifying row…full verify ↗
    canonical bytes (7839 B) ▸
    {"actor":"system:backfill","investigation_id":"661d5ad6-dffe-4aee-8e80-6c3992a1e1ac","kind":"publish","page_slug":"prisma-fi","published_at":"2026-05-30T18:33:20.521Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"PrismaFi","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://thedefiant.io/news/defi/prisma-finance-suffers-usd12-million-exploit","type":"other","url":""},{"credibility":3,"name":"https://cryptoslate.com/prisma-finances-11-6-million-exploit-leads-to-asset-value-plummet-mkusd-stablecoin-instability/","type":"other","url":""},{"credibility":3,"name":"https://www.cypherhunter.com/en/p/prisma-finance/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://hackmd.io/@PrismaRisk/PostMortem0328","type":"other","url":""},{"credibility":3,"name":"https://www.certik.com/resources/blog/prisma-finance-incident-analysis","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/prismafi-rekt","type":"other","url":""},{"credibility":3,"name":"https://immunebytes.com/blog/prisma-finance-exploit-march-28-2024-detailed-analysis/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.theblock.co/post/285776/prisma-finance-hacker-defends-exploit-demands-public-apology","type":"other","url":""},{"credibility":3,"name":"https://cryptobriefing.com/prisma-finance-hacker-apology-demand/","type":"other","url":""},{"credibility":3,"name":"https://cryptopotato.com/prisma-finance-hacker-claims-whitehat-rescue-after-11-6-million-exploit/","type":"other","url":""},{"credibility":3,"name":"https://coingape.com/prisma-finance-hacker-moves-funds-to-tornado-cash/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cryptoslate.com/prisma-finances-11-6-million-exploit-leads-to-asset-value-plummet-mkusd-stablecoin-instability/","type":"other","url":""},{"credibility":3,"name":"https://cryptodaily.co.uk/news-in-crypto/thecryptotimes:prisma-finances-540k-still-at-risk-hacker-demands-apology","type":"other","url":""},{"credibility":3,"name":"https://thedefiant.io/news/defi/prisma-finance-suffers-usd12-million-exploit","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.cryptotimes.io/2024/04/05/prisma-finance-plans-to-safely-restart-the-protocol-post-hack/","type":"other","url":""},{"credibility":3,"name":"https://cryptonews.com/news/prisma-finance-gains-strong-community-support-for-protocol-restart-with-dao-approval/","type":"other","url":""},{"credibility":3,"name":"https://wavey.info/posts/2025/decomissioning-prisma-finance/","type":"other","url":""},{"credibility":3,"name":"https://gov.prismafinance.com/t/pip-035-a-path-forward-after-the-security-incident/157","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://gov.prismafinance.com/t/pip-46-shutdown-prisma-finance-introduce-resupply/232","type":"other","url":""},{"credibility":3,"name":"https://mirror.xyz/0x521CB9b35514E9c8a8a929C890bf1489F63B2C84/cAkCxXs0wF0feUz29E6CvF_7v3b9ghSLgf7_EkDfmn0","type":"other","url":""},{"credibility":3,"name":"https://wavey.info/posts/2025/decomissioning-prisma-finance/","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/prisma-finance-protocol-restart-dao-vote","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://github.com/prisma-fi/audits","type":"other","url":""},{"credibility":3,"name":"https://docs.prismafinance.com/external-audits-and-security/audits","type":"other","url":""},{"credibility":3,"name":"https://www.certik.com/resources/blog/prisma-finance-incident-analysis","type":"other","url":""},{"credibility":3,"name":"https://hackmd.io/@PrismaRisk/PostMortem0328","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cryptobriefing.com/prisma-finance-hacker-apology-demand/","type":"other","url":""},{"credibility":3,"name":"https://wavey.info/posts/2025/decomissioning-prisma-finance/","type":"other","url":""},{"credibility":3,"name":"https://www.cypherhunter.com/en/p/prisma-finance/","type":"other","url":""}]}],"sources_used":[],"summary":"Prisma Finance was an Ethereum-based collateralized debt position (CDP) protocol that issued stablecoins (mkUSD and ULTRA) backed by liquid staking and restaking tokens (LRTs/LSTs). On March 28, 2024, a critical input validation flaw in the MigrateTroveZap contract was exploited via flash loan, resulting in the theft of approximately 3,479 ETH (~$12 million) from user vaults. Following the exploit, the core team effectively abandoned the protocol, which was subsequently shut down via DAO governance (PIP-46) and succeeded by Resupply Finance.","timeline":[{"date":"2023-01-01","event":"Prisma Finance launched on Ethereum mainnet as an LRT/LST-backed CDP stablecoin protocol, issuing mkUSD and ULTRA.","source":""},{"date":"2024-03-01","event":"Prisma Finance announced a system upgrade requiring users to migrate Trove positions to new TroveManager contracts; MigrateTroveZap contract deployed.","source":""},{"date":"2024-03-28","event":"At approximately 11:25 UTC, the primary attacker exploited a critical input validation flaw in the MigrateTroveZap contract using a flash loan, stealing approximately 3,479 ETH (~$12 million) from 25 victim wallets across three exploiter addresses.","source":""},{"date":"2024-03-28","event":"At 12:51 UTC, Prisma Finance's emergency multisig paused the protocol. TVL dropped ~40% from $236 million to $143 million. PRISMA token fell over 25%.","source":""},{"date":"2024-03-28","event":"The primary attacker posted an on-chain message claiming 'this is a white hat rescue' and requested contact information to arrange a refund.","source":""},{"date":"2024-03-28","event":"Prisma Finance directed the attacker to negotiations@prismafinance.com via on-chain message.","source":""},{"date":"2024-03-29","event":"The attacker publicly demanded a live public apology from the development team and insisted developers reveal their real identities as conditions for fund return discussions.","source":""},{"date":"2024-03-29","event":"Blockchain security firm Cyvers observed the attacker beginning to swap stolen funds to ETH; PeckShield reported approximately 200 ETH transferred to OFAC-sanctioned mixer Tornado Cash.","source":""},{"date":"2024-03-29","event":"A further 740 ETH reportedly transferred to a Tornado Cash-associated address, bringing total funds sent to mixers to over $2.5 million.","source":""},{"date":"2024-04-03","event":"Core contributor Frank Olson published a proposal (later PIP-035) to safely restart the Prisma protocol, including re-enabling LST/LRT deposits and stablecoin borrowing.","source":""},{"date":"2024-04-05","event":"The DAO voted 100% in favor of the protocol restart proposal.","source":""},{"date":"2024-04-07","event":"Prisma Finance announced resumption of operations with limited functionality restored.","source":""},{"date":"2024-12-01","event":"Resupply Finance launched as the successor protocol, issuing reUSD backed by crvUSD and frxUSD, with RSUP as its governance token.","source":""},{"date":"2025-01-02","event":"New PRISMA token emissions ceased. DAO proposal PIP-46 formally confirmed the shutdown of Prisma Finance and transition to Resupply Finance.","source":""},{"date":"2025-01-01","event":"Decommissioning of Prisma Finance completed by the Resupply team; less than $80,000 in debt remained, with mkUSD backed 1:1 by crvUSD via Peg Stability Modules.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 1e69ddd9-a7a7-4397-9bb3-655cca87b52e
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.