Audit log

Every state-changing event for Punk Protocol: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-27 18:18:17Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 422,555,116

   sig

   5qh7yidBHzAv…qgXhwf6ecopyexplorer ↗

   hash

   7uWx2DEDHSLu…6tpi5x6Wcopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (5125 B) ▸

   {"actor":"system:backfill","investigation_id":"8d7e5098-e311-4bbb-803b-61cc218d4811","kind":"publish","page_slug":"punk-protocol","published_at":"2026-05-27T18:18:17.236Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Punk Protocol","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/punkprotocol/introducing-punk-protocol-fair-launch-be46ccbc8700","type":"other","url":""},{"credibility":3,"name":"https://defiprime.com/punk-protocol","type":"other","url":""},{"credibility":3,"name":"https://medium.com/punkprotocol/punk-protocol-ama-recap-with-tehmoonwalker-ee360e72a2d6","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/punkprotocol-rekt","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-punk-protocol-hack-august-2021","type":"other","url":""},{"credibility":3,"name":"https://medium.com/punkprotocol/punk-finance-fair-launch-incident-report-984d9e340eb","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/punkprotocolreinitialized.php","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/punkprotocol/punk-compensation-plan-and-the-path-forward-c86b6143c01e","type":"other","url":""},{"credibility":3,"name":"https://medium.com/punkprotocol/punk-finance-fair-launch-incident-report-984d9e340eb","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/hackfraudscam/punkprotocolreinitialized.php","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-punk-protocol-hack-august-2021","type":"other","url":""},{"credibility":3,"name":"https://docs.punk.finance/security/contract-audit","type":"other","url":""},{"credibility":3,"name":"https://medium.com/punkprotocol/punk-compensation-plan-and-the-path-forward-c86b6143c01e","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://coinmarketcap.com/currencies/punk-protocol/","type":"other","url":""},{"credibility":3,"name":"https://www.binance.com/en/price/punk-protocol","type":"other","url":""},{"credibility":3,"name":"https://github.com/PunkFinance/punk.protocol","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-punk-protocol-hack-august-2021","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/punkprotocol-rekt","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/punkprotocol-rekt","type":"other","url":""}]}],"sources_used":[],"summary":"Punk Protocol was an Ethereum-based DeFi project that positioned itself as a decentralized annuity and pension service. On August 10, 2021, it suffered a critical smart contract exploit due to a missing access-control modifier in its CompoundModel contract, resulting in approximately $8.95 million in stablecoin losses; roughly $5 million was partially recovered via a white-hat frontrunner who retained a $1 million bounty. The project launched without a security audit, has published no meaningful updates since late 2021, and its PUNK token currently trades at effectively zero volume, indicating the project is dormant or abandoned.","timeline":[{"date":"2021-06-01","event":"Punk Protocol announces fair launch; team led by pseudonymous contributors 0xJohnny and 0xMateo; contracts described as pending audit","source":""},{"date":"2021-08-10","event":"Smart contract exploit occurs; attacker uses delegateCall to exploit unprotected initialize() function in CompoundModel, draining approximately $8.95 million in USDC, USDT, and DAI","source":""},{"date":"2021-08-10","event":"White-hat frontrunner bot intercepts approximately $6 million of the drain before the attacker can secure it; stolen USDC routed through 1inch and Tornado Cash","source":""},{"date":"2021-08-11","event":"Punk Protocol publishes incident report; suspends deposits and withdrawals; commits to unconditional compensation of all affected users","source":""},{"date":"2021-08-13","event":"White-hat actor returns approximately $4,954,250 in USDT and DAI after retaining approximately $1 million DAI as a finder's fee","source":""},{"date":"2021-09-01","event":"Punk Protocol publishes compensation plan; issues 4,041,504 peUSD tokens to affected users; freezes 3,150,000 PUNK contributor tokens pending full recovery; announces NFT drop and protocol revenue as funding mechanisms","source":""},{"date":"2022-01-01","event":"Last known substantive public communications from Punk Protocol; Medium blog activity ceases","source":""},{"date":"2026-05-27","event":"PUNK token reports $0 price and zero trading volume; project appears dormant; Recovery Fund completion status unconfirmed","source":""}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 3d46ab6a-fb7e-4bc4-9174-0e774273e105copy