← Raydium Protocol7 decisions on this page
Audit log
Every state-changing event for Raydium Protocol: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.
- #1publishby system:backfill2026-06-01 17:49:01ZScore: ? → ? (no score change)anchoranchored
- chain
- ●mainnet-betaslot 423,640,416
- sig
2NwXqZ8FqkSX…yqCvBAmJexplorer ↗- hash
7H4WHJrkyGkq…ox6kHNx8sha256 → base58
verifying row…full verify ↗canonical bytes (20048 B) ▸
{"actor":"system:backfill","investigation_id":"ef74b3d0-4fed-4f79-a9d6-19255b26afae","kind":"publish","page_slug":"raydium","published_at":"2026-06-01T17:49:01.750Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Raydium Protocol","sections":[{"content":"Raydium launched in February 2021 as the first automated market maker on Solana, integrating with the Serum central limit order book to route liquidity. As of Q3 2025, the protocol held approximately $2.5 billion in total value locked (TVL), representing a 35% quarter-over-quarter increase from $1.8 billion at the start of July 2025 and confirming its position as the largest liquidity hub on Solana. The protocol supports token swaps, liquidity provision, staking, and a memecoin launchpad (LaunchLab, launched April 2025). In Q1 2026, Raydium reported net revenue of $5.79 million. The RAY governance and fee-sharing token trades at approximately $0.72 USD as of mid-2026, with a market capitalization near $192 million.","heading":"Protocol Overview","severity":"low","sources":[{"credibility":2,"name":"Raydium Token Holder Report Q3 2025 — Blockworks","type":"news_article","url":"https://blockworks.com/news/raydium-token-holder-report"},{"credibility":2,"name":"Raydium TVL, Fees, Revenue & Volume — DefiLlama","type":"on_chain","url":"https://defillama.com/protocol/raydium"},{"credibility":2,"name":"Raydium Price Today — CoinGecko","type":"other","url":"https://www.coingecko.com/en/coins/raydium"}]},{"content":"On December 16, 2022, at approximately 10:12 UTC, an attacker gained unauthorized access to Raydium's privileged Pool Owner (Admin) account (address HggGrUeg4ReGvpPMLJMFKV69NTXL1r4wQ9Pk9Ljutwyv). Raydium's post-mortem states the compromise is suspected to have occurred via remote access to the virtual machine or internal server on which the key was deployed, with a trojan program identified as the likely vector. Using control of the admin key, the attacker invoked the withdrawPNL instruction after first manipulating pool state via SetParams with the AmmParams::SyncNeedTake parameter. This inflated the recorded fee balances (need_take_pc and need_take_coin) without any corresponding trading activity, allowing the attacker to repeatedly withdraw funds disguised as protocol fees across approximately 1,000 transactions. Eight constant product liquidity pools were affected; concentrated liquidity pools and the RAY staking program were not compromised. Total losses were confirmed by Raydium at approximately $4.4 million, spanning SOL, USDC, USDT, RAY, wSOL, stSOL, whETH, and other tokens. The RAY token price fell roughly 8% and total value locked dropped approximately 27% in the immediate aftermath.","heading":"December 2022 Admin Key Compromise and Exploit","severity":"critical","sources":[{"credibility":1,"name":"Raydium Detailed Post-Mortem and Next Steps — Raydium Medium","type":"official","url":"https://raydium.medium.com/detailed-post-mortem-and-next-steps-d6d6dd461c3e"},{"credibility":2,"name":"Raydium Protocol Exploit Incident Analysis — CertiK","type":"research","url":"https://www.certik.com/resources/blog/raydium-protocol-exploit-incident-analysis"},{"credibility":2,"name":"Raydium Protocol — Hacker Gains God Mode Access to Steal ~$4.4M — HackMD","type":"research","url":"https://hackmd.io/@prastut/BkbKKIll2"},{"credibility":3,"name":"Dec 2022 — Raydium Private Key Compromised — Quadriga Initiative","type":"community_report","url":"https://quadrigainitiative.com/casestudy/raydiumprivatekeycompromised.php"}]},{"content":"Following the exploit, the attacker bridged a significant portion of the stolen assets from Solana to Ethereum, converting them to ETH. On approximately January 19, 2023, roughly 1,774.5 ETH (valued at approximately $2.7 million at the time) was deposited into the Tornado Cash mixing service, substantially hindering on-chain traceability. Approximately 100,000 SOL (worth approximately $1.4 million) remained in the attacker's Solana address as of reporting. Raydium offered a 10% bounty in exchange for the return of funds, but no public record of the attacker responding to or accepting this offer has been identified.","heading":"Attacker Fund Movements","severity":"high","sources":[{"credibility":1,"name":"Raydium Hacker Funnels $2.7 Million Through Tornado Cash — The Block","type":"news_article","url":"https://www.theblock.co/post/203732/raydium-hacker-funnels-2-7-million-through-tornado-cash-mixer"},{"credibility":2,"name":"Raydium Attacker Moves $2.7 Million Stolen ETH to Tornado Cash — CryptoNews","type":"news_article","url":"https://cryptonews.net/news/security/19501485/"}]},{"content":"Within approximately four hours of the exploit beginning, at 14:16 UTC on December 16, 2022, Raydium deployed a hot patch that revoked the authority of the compromised admin account and transferred control to a new account held on a hardware wallet, preventing any further unauthorized pool withdrawals. On December 17, 2022, the team upgraded the AMM V4 program via multisig to remove the dangerous admin parameters that had been exploited, specifically the SyncNeedTake and SetLpSupply parameters. Raydium subsequently disclosed the attack on its public channels and provided a detailed post-mortem on its Medium account describing the technical mechanism.","heading":"Incident Response and Immediate Remediation","severity":"medium","sources":[{"credibility":1,"name":"Raydium Detailed Post-Mortem and Next Steps — Raydium Medium","type":"official","url":"https://raydium.medium.com/detailed-post-mortem-and-next-steps-d6d6dd461c3e"},{"credibility":2,"name":"Solana DEX Raydium Shares Next Steps After $4.4M Exploit — Unchained Crypto","type":"news_article","url":"https://unchainedcrypto.com/solana-dex-raydium-shares-next-steps-after-4-4m-exploit/"}]},{"content":"On December 21, 2022, Raydium developers published a forum post proposing victim compensation and solicited community input. The community voted in favor of the plan, and Raydium announced a two-phase distribution structure. Phase 1 targeted individual liquidity providers and opened via a Claim Portal on January 5, 2023. For RAY-USDC, RAY-SOL, and RAY-USDT pools, affected LPs received 100% of lost principal. For SOL-USDC, SOL-USDT, stSOL-USDC, and whETH-USDC pools, LPs received 90% of principal plus RAY tokens at a 1:1.2 ratio to cover the remaining 10%. Phase 2 addressed third-party protocols, including Francium and Tulip positions. The RAY token valuation used for compensation was set at the 30-day time-weighted average price (TWAP) from CoinMarketCap for December 6, 2022 to January 3, 2023, at $0.1813. Compensation funds were sourced from vested team-held RAY tokens. The Claim Portal was extended multiple times, with a final deadline of May 14, 2023.","heading":"Victim Compensation Plan","severity":"medium","sources":[{"credibility":1,"name":"Compensation Plan and Next Steps — Raydium Medium","type":"official","url":"https://raydium.medium.com/compensation-plan-and-next-steps-367246a62277"},{"credibility":1,"name":"Raydium Announces Details of Hack, Proposes Compensation for Victims — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/raydium-announces-details-of-hack-proposes-compensation-for-victims"},{"credibility":1,"name":"Claim Portal Archive — Raydium Docs","type":"official","url":"https://docs.raydium.io/raydium/updates/archive/claim-portal"},{"credibility":1,"name":"Transparency on Exploit Compensation Funds — Raydium Docs","type":"official","url":"https://docs.raydium.io/raydium/updates/archive/transparency-on-exploit-compensation-funds"}]},{"content":"Following the exploit, Raydium implemented a series of structural security upgrades. All program upgrade and admin authority was placed under a Squads multisig governance structure, requiring multiple signers for any privileged on-chain action. Raydium subsequently updated to Squads V4, adding a 24-hour timelock on program upgrades and enforcing additional safeguards including air-gapped machines, time-based one-time passwords (TOTP), physical security keys, and local transaction simulation before signing. The dangerous admin parameters exploited in the attack (SyncNeedTake, SetLpSupply) were removed from the AMM V4 program entirely. Third-party security audits were conducted by OtterSec across multiple programs in 2022–2023, including a December 2022 AMM V3 audit, a November 2022 AMM V4 audit, and a June 2022 staking program audit. Additional audits by Mad Shield were conducted in June 2023 and March 2024. A bug bounty program is also maintained.","heading":"Post-Exploit Security Improvements","severity":"low","sources":[{"credibility":1,"name":"Raydium Protocol Security — Raydium Docs","type":"official","url":"https://docs.raydium.io/raydium/protocol/security"},{"credibility":2,"name":"Raydium AMM V3 Audit — OtterSec","type":"research","url":"https://resources.cryptocompare.com/asset-management/223/1754648634232.pdf"},{"credibility":1,"name":"Bug Bounty Program — Raydium Docs","type":"official","url":"https://docs.raydium.io/raydium/protocol/bug-bounty-program"}]},{"content":"Raydium was founded by three pseudonymous individuals using the handles AlphaRay (strategy and operations), XRay (technology and infrastructure), and GammaRay (marketing and communications). None of the founders have disclosed their legal identities publicly. The founding team described having backgrounds in algorithmic and high-frequency trading in both traditional and cryptocurrency markets prior to launching the protocol. A pseudonymous or anonymous founding team is generally considered a risk signal in the context of protocol accountability, as it limits the ability to assign legal or reputational responsibility in the event of future incidents. Governance involves the RAY token and community forum discussions, with program upgrades subject to multisig approval.","heading":"Pseudonymous Team and Governance","severity":"medium","sources":[{"credibility":2,"name":"AlphaRay — IQ.wiki","type":"other","url":"https://iq.wiki/wiki/alpharay"},{"credibility":2,"name":"What Is Raydium (RAY)? — BeInCrypto","type":"news_article","url":"https://beincrypto.com/learn/raydium-ray/"},{"credibility":2,"name":"DeFi Project Spotlight: Raydium — Crypto Briefing","type":"news_article","url":"https://cryptobriefing.com/defi-project-spotlight-raydium-solanas-top-automated-market-maker/"}]},{"content":"In March 2025, Pump.fun — previously a significant source of trading volume routed through Raydium — launched its own decentralized exchange, PumpSwap, in direct competition with Raydium. By the end of 2024, nearly half of Raydium's approximately $154 million in annual revenue was attributable to Pump.fun-generated activity. Raydium responded in April 2025 by launching LaunchLab, its own memecoin token launchpad designed to compete with Pump.fun's core business. LaunchLab generated $12.7 million in Q3 2025, rising to 53% of total protocol revenue. Raydium also restricts access from users in the United States, United Kingdom, and 18 other jurisdictions. The protocol's market share within Solana's DEX ecosystem has fluctuated amid intensifying competition, contracting from 23.5% to 10.5% within Q3 2025 as new entrants emerged.","heading":"Competitive Landscape and Ongoing Risks","severity":"medium","sources":[{"credibility":1,"name":"Pump.fun Launches Own DEX, Dropping Raydium — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/pump-fun-launches-own-dex-dropping-raydium"},{"credibility":2,"name":"Raydium's Share of Memecoin Volume Surges in Q1 but Pump.fun's DEX Poses Risk — Crypto.news","type":"news_article","url":"https://crypto.news/raydiums-share-of-memecoin-volume-surges-in-q1-but-pump-funs-dex-poses-risk/"},{"credibility":2,"name":"Raydium Token Holder Report Q3 2025 — Blockworks","type":"news_article","url":"https://blockworks.com/news/raydium-token-holder-report"}]}],"sources_used":[{"name":"Raydium Detailed Post-Mortem and Next Steps — Raydium Medium","type":"official","url":"https://raydium.medium.com/detailed-post-mortem-and-next-steps-d6d6dd461c3e"},{"name":"Compensation Plan and Next Steps — Raydium Medium","type":"official","url":"https://raydium.medium.com/compensation-plan-and-next-steps-367246a62277"},{"name":"Raydium Protocol Exploit Incident Analysis — CertiK","type":"research","url":"https://www.certik.com/resources/blog/raydium-protocol-exploit-incident-analysis"},{"name":"Raydium Hacker Funnels $2.7 Million Through Tornado Cash — The Block","type":"news_article","url":"https://www.theblock.co/post/203732/raydium-hacker-funnels-2-7-million-through-tornado-cash-mixer"},{"name":"Raydium Announces Details of Hack, Proposes Compensation for Victims — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/raydium-announces-details-of-hack-proposes-compensation-for-victims"},{"name":"Solana DEX Raydium Shares Next Steps After $4.4M Exploit — Unchained Crypto","type":"news_article","url":"https://unchainedcrypto.com/solana-dex-raydium-shares-next-steps-after-4-4m-exploit/"},{"name":"Raydium Protocol — Hacker Gains God Mode Access — HackMD","type":"research","url":"https://hackmd.io/@prastut/BkbKKIll2"},{"name":"Raydium Token Holder Report Q3 2025 — Blockworks","type":"news_article","url":"https://blockworks.com/news/raydium-token-holder-report"},{"name":"Pump.fun Launches Own DEX, Dropping Raydium — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/pump-fun-launches-own-dex-dropping-raydium"},{"name":"Raydium TVL, Fees, Revenue & Volume — DefiLlama","type":"on_chain","url":"https://defillama.com/protocol/raydium"},{"name":"Claim Portal Archive — Raydium Docs","type":"official","url":"https://docs.raydium.io/raydium/updates/archive/claim-portal"},{"name":"Transparency on Exploit Compensation Funds — Raydium Docs","type":"official","url":"https://docs.raydium.io/raydium/updates/archive/transparency-on-exploit-compensation-funds"},{"name":"Raydium Protocol Security — Raydium Docs","type":"official","url":"https://docs.raydium.io/raydium/protocol/security"},{"name":"AlphaRay — IQ.wiki","type":"other","url":"https://iq.wiki/wiki/alpharay"},{"name":"Raydium — CertiK Skynet Project Insight","type":"research","url":"https://skynet.certik.com/projects/raydium"},{"name":"Raydium Price Today — CoinGecko","type":"other","url":"https://www.coingecko.com/en/coins/raydium"},{"name":"Raydium Fires Back at Pump.fun With LaunchLab — DeFi Planet","type":"news_article","url":"https://defi-planet.com/2025/04/raydium-fires-back-at-pump-fun-with-launch-of-memecoin-protocol-launchlab/"}],"summary":"Raydium is an automated market maker (AMM) and decentralized exchange built on the Solana blockchain, launched in February 2021 and widely regarded as Solana's primary liquidity hub. On December 16, 2022, the protocol suffered a major security incident in which an attacker compromised an admin private key — suspected to be via a trojan on a team virtual machine — and drained approximately $4.4 million from eight constant product liquidity pools. Raydium responded with a patched program, a community-approved compensation plan funded by team-held RAY tokens, and has since migrated authority to a Squads multisig with hardware wallet and timelock protections.","timeline":[{"date":"2021-02-01","event":"Raydium Protocol launches on Solana as the first AMM integrated with the Serum order book.","source":"Raydium / BeInCrypto","source_url":"https://beincrypto.com/learn/raydium-ray/"},{"date":"2022-06-01","event":"OtterSec conducts a security audit of the Raydium staking program.","source":"OtterSec / Raydium Docs","source_url":"https://docs.raydium.io/raydium/protocol/security"},{"date":"2022-11-01","event":"OtterSec conducts a security audit of the Raydium AMM V4 program.","source":"OtterSec / Raydium Docs","source_url":"https://docs.raydium.io/raydium/protocol/security"},{"date":"2022-12-01","event":"OtterSec conducts a security audit of the Raydium AMM V3 (concentrated liquidity) program.","source":"OtterSec audit report","source_url":"https://resources.cryptocompare.com/asset-management/223/1754648634232.pdf"},{"date":"2022-12-16","event":"Admin key compromise: attacker uses trojan-obtained private key to drain approximately $4.4 million from eight constant product liquidity pools via the withdrawPNL instruction. RAY token drops ~8%; TVL falls ~27%.","source":"Raydium Post-Mortem (Medium)","source_url":"https://raydium.medium.com/detailed-post-mortem-and-next-steps-d6d6dd461c3e"},{"date":"2022-12-16","event":"Raydium deploys hot patch at 14:16 UTC, revoking compromised account authority and transferring control to a hardware wallet.","source":"Raydium Post-Mortem (Medium)","source_url":"https://raydium.medium.com/detailed-post-mortem-and-next-steps-d6d6dd461c3e"},{"date":"2022-12-17","event":"Raydium upgrades the AMM V4 program via multisig, removing the SyncNeedTake and SetLpSupply admin parameters that were exploited.","source":"Raydium Post-Mortem (Medium)","source_url":"https://raydium.medium.com/detailed-post-mortem-and-next-steps-d6d6dd461c3e"},{"date":"2022-12-21","event":"Raydium publishes community forum post proposing a compensation plan for affected liquidity providers, funded by team-held RAY tokens.","source":"CoinTelegraph","source_url":"https://cointelegraph.com/news/raydium-announces-details-of-hack-proposes-compensation-for-victims"},{"date":"2022-12-30","event":"DAO proposal for victim compensation passes community vote.","source":"CertiK Incident Analysis","source_url":"https://www.certik.com/resources/blog/raydium-protocol-exploit-incident-analysis"},{"date":"2023-01-04","event":"Raydium announces final compensation plan details including phase structure and RAY TWAP valuation of $0.1813.","source":"Raydium Medium (Compensation Plan)","source_url":"https://raydium.medium.com/compensation-plan-and-next-steps-367246a62277"},{"date":"2023-01-05","event":"Phase 1 Claim Portal opens for individual LP positions.","source":"Raydium Docs — Claim Portal Archive","source_url":"https://docs.raydium.io/raydium/updates/archive/claim-portal"},{"date":"2023-01-19","event":"Attacker deposits approximately 1,774.5 ETH (~$2.7 million) into Tornado Cash mixer, obscuring on-chain traceability of stolen funds.","source":"The Block","source_url":"https://www.theblock.co/post/203732/raydium-hacker-funnels-2-7-million-through-tornado-cash-mixer"},{"date":"2023-05-14","event":"Raydium Claim Portal closes; unclaimed compensation funds return to the Raydium Treasury.","source":"Raydium Docs — Claim Portal Archive","source_url":"https://docs.raydium.io/raydium/updates/archive/claim-portal"},{"date":"2023-06-01","event":"Mad Shield conducts security audit of Raydium AMM program.","source":"Raydium Docs — Security","source_url":"https://docs.raydium.io/raydium/protocol/security"},{"date":"2024-03-01","event":"Mad Shield conducts security audit of Raydium Constant Product AMM program.","source":"Raydium Docs — Security","source_url":"https://docs.raydium.io/raydium/protocol/security"},{"date":"2025-03-01","event":"Pump.fun launches PumpSwap, a competing DEX on Solana, severing its routing relationship with Raydium and threatening a major share of Raydium's revenue.","source":"CoinTelegraph","source_url":"https://cointelegraph.com/news/pump-fun-launches-own-dex-dropping-raydium"},{"date":"2025-04-01","event":"Raydium launches LaunchLab, a competing memecoin launchpad, in response to PumpSwap.","source":"DeFi Planet","source_url":"https://defi-planet.com/2025/04/raydium-fires-back-at-pump-fun-with-launch-of-memecoin-protocol-launchlab/"},{"date":"2025-09-30","event":"Raydium reports $2.5 billion TVL at end of Q3 2025, up 35% quarter-over-quarter. LaunchLab accounts for 53% of total revenue at $12.7 million for the quarter.","source":"Blockworks — Raydium Token Holder Report Q3 2025","source_url":"https://blockworks.com/news/raydium-token-holder-report"}]},"v":1}Verify offline (run on your own machine)python -m src.verify_decision 087c7185-8479-4501-86f0-8857d90c7b26 - #2reviewby reviewerreviewer2026-06-04 04:13:47ZScore: 62 → 62 (no score change)The Raydium investigation page is substantially accurate. Core claims about the December 2022 exploit — attack time, method, admin account address, exploit mechanism, loss amount, response timeline, and compensation plan details — are all confirmed by primary sources. Key partially-supported issues include: the 'nearly half' Pump.fun revenue attribution overstates the full-year 2024 figure (which was approximately 36%); the UK geo-restriction is not clearly confirmed for the main protocol interface; and the CertiK source reports $5.5M stolen versus the page's official $4.4M figure. Two cited URLs are confirmed dead (CoinTelegraph compensation article at docs.raydium.io/claim-portal; Raydium Docs security page), though their substantive claims are confirmed by other sources.anchoranchored
- chain
- ●mainnet-betaslot 424,169,112
- sig
3VWYYzdrjLvW…GBUqz9hEexplorer ↗- hash
HRodbF2oviPB…BUmQgx1Csha256 → base58
verifying row…full verify ↗canonical bytes (1127 B) ▸
{"actor":"reviewer","decided_at":"2026-06-04T04:13:47.885Z","decision":"review","investigation_id":"ef74b3d0-4fed-4f79-a9d6-19255b26afae","new_score":62,"page_slug":"raydium","prev_score":62,"reason":"The Raydium investigation page is substantially accurate. Core claims about the December 2022 exploit — attack time, method, admin account address, exploit mechanism, loss amount, response timeline, and compensation plan details — are all confirmed by primary sources. Key partially-supported issues include: the 'nearly half' Pump.fun revenue attribution overstates the full-year 2024 figure (which was approximately 36%); the UK geo-restriction is not clearly confirmed for the main protocol interface; and the CertiK source reports $5.5M stolen versus the page's official $4.4M figure. Two cited URLs are confirmed dead (CoinTelegraph compensation article at docs.raydium.io/claim-portal; Raydium Docs security page), though their substantive claims are confirmed by other sources.","score_delta":0,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}Verify offline (run on your own machine)python -m src.verify_decision 4a373559-546b-4943-b2b2-9b109e4d2cd5 - #3review reviseby judgejudge2026-06-04 04:13:48ZScore: 62 → 55 (-7)The reviewer assessed 31 claims with 24 confirmed and 5 partially supported, yielding a 16.1% disputed rate that falls in the minor-issues band. All critical claims covering the December 2022 exploit mechanism, compensation plan structure, and remediation timeline are confirmed by primary sources. The partially-supported findings are limited to peripheral characterizations: claim_findings[27] overstates Pump.fun's 2024 revenue share as 'nearly half' when the full-year figure was approximately 36%; claim_findings[30] includes the UK among restricted jurisdictions without confirmation for the main protocol interface; claim_findings[3] and [10] reflect stale live-price data and an unverified TVL drop percentage. Two cited official documentation URLs are confirmed dead (docs.raydium.io claim portal and security pages), though their substance is corroborated by other live sources. No findings were outright disputed. Revisions should correct the Pump.fun revenue attribution, remove or qualify the UK geo-restriction claim, and replace or annotate the dead documentation links.anchoranchored
- chain
- ●mainnet-betaslot 424,169,115
- sig
42KvTLpULSgT…bxT4yrUQexplorer ↗- hash
CmtuAAJJ1uZQ…QBGJLGETsha256 → base58
verifying row…full verify ↗canonical bytes (1433 B) ▸
{"actor":"judge","decided_at":"2026-06-04T04:13:47.885Z","decision":"review_revise","investigation_id":"ef74b3d0-4fed-4f79-a9d6-19255b26afae","new_score":55,"page_slug":"raydium","prev_score":62,"reason":"The reviewer assessed 31 claims with 24 confirmed and 5 partially supported, yielding a 16.1% disputed rate that falls in the minor-issues band. All critical claims covering the December 2022 exploit mechanism, compensation plan structure, and remediation timeline are confirmed by primary sources. The partially-supported findings are limited to peripheral characterizations: claim_findings[27] overstates Pump.fun's 2024 revenue share as 'nearly half' when the full-year figure was approximately 36%; claim_findings[30] includes the UK among restricted jurisdictions without confirmation for the main protocol interface; claim_findings[3] and [10] reflect stale live-price data and an unverified TVL drop percentage. Two cited official documentation URLs are confirmed dead (docs.raydium.io claim portal and security pages), though their substance is corroborated by other live sources. No findings were outright disputed. Revisions should correct the Pump.fun revenue attribution, remove or qualify the UK geo-restriction claim, and replace or annotate the dead documentation links.","score_delta":-7,"sequence_num":3,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}Verify offline (run on your own machine)python -m src.verify_decision d7255e3a-4068-4dba-8641-1b05d59b4c4f - #4reviewby reviewerreviewer2026-06-08 21:13:58ZScore: 55 → 55 (no score change)The Raydium investigation page is well-sourced and substantially accurate on core claims about the December 2022 exploit, compensation plan, and protocol history. The most significant factual issue is the Q3 2025 market share contraction claim (23.5% to 10.5%), which is contradicted by multiple sources showing a net quarterly increase. Secondary concerns include: the UK being incorrectly listed as a restricted jurisdiction, RAY price and market cap figures that are ~20% above current June 2026 market data, and the 'nearly half' characterization of Pump.fun's revenue contribution (actual figure is 36–41%). The $4.4M loss figure is Raydium's own self-reported number; third-party analyses cite $5.5M, a discrepancy the page does not acknowledge. Two key cited URLs (Raydium Docs security page and claim-portal archive) returned 404 during this review.anchoranchored
- chain
- ●mainnet-betaslot 425,189,973
- sig
2iicXccwAm8b…VbRgJmw7explorer ↗- hash
2bpyFpK8g5hW…Ym7qhKFxsha256 → base58
verifying row…full verify ↗canonical bytes (1200 B) ▸
{"actor":"reviewer","decided_at":"2026-06-08T21:13:58.147Z","decision":"review","investigation_id":"ef74b3d0-4fed-4f79-a9d6-19255b26afae","new_score":55,"page_slug":"raydium","prev_score":55,"reason":"The Raydium investigation page is well-sourced and substantially accurate on core claims about the December 2022 exploit, compensation plan, and protocol history. The most significant factual issue is the Q3 2025 market share contraction claim (23.5% to 10.5%), which is contradicted by multiple sources showing a net quarterly increase. Secondary concerns include: the UK being incorrectly listed as a restricted jurisdiction, RAY price and market cap figures that are ~20% above current June 2026 market data, and the 'nearly half' characterization of Pump.fun's revenue contribution (actual figure is 36–41%). The $4.4M loss figure is Raydium's own self-reported number; third-party analyses cite $5.5M, a discrepancy the page does not acknowledge. Two key cited URLs (Raydium Docs security page and claim-portal archive) returned 404 during this review.","score_delta":0,"sequence_num":4,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}Verify offline (run on your own machine)python -m src.verify_decision 9af8c719-3e84-4aab-855c-bc766f5fbcc8 - #5review reviseby judgejudge2026-06-08 21:13:58ZScore: 55 → 47 (-8)The page is well-sourced on core historical claims — the December 2022 exploit mechanics, compensation plan, and incident response are confirmed across Tier 1 and Tier 2 sources. However, four factual issues require correction before the page can be approved. First, claim_findings[32] (market share contraction from 23.5% to 10.5% in Q3 2025) is directly disputed by two independent sources that show a net quarterly increase rather than a contraction — this is the most significant error. Second, claim_findings[3] (RAY price ~$0.72, market cap ~$192M) is stale by approximately 20% relative to June 2026 market data. Third, claim_findings[30] incorrectly identifies the United Kingdom as a restricted jurisdiction when Raydium's official disclaimer does not list it. Fourth, claim_findings[26] overstates Pump.fun's revenue contribution as 'nearly half' when independent sources place it at 36-41%. A minor unacknowledged discrepancy between Raydium's self-reported $4.4M loss (claim_findings[8]) and third-party estimates of $5.5M also warrants a disclosure note. All corrections are factual updates to existing content; the underlying page structure and sourcing quality remain strong.anchoranchored
- chain
- ●mainnet-betaslot 425,189,976
- sig
4WLZGeFcNVRY…6WYx33XKexplorer ↗- hash
4wfsvZdTjaWT…42Liqoazsha256 → base58
verifying row…full verify ↗canonical bytes (1538 B) ▸
{"actor":"judge","decided_at":"2026-06-08T21:13:58.147Z","decision":"review_revise","investigation_id":"ef74b3d0-4fed-4f79-a9d6-19255b26afae","new_score":47,"page_slug":"raydium","prev_score":55,"reason":"The page is well-sourced on core historical claims — the December 2022 exploit mechanics, compensation plan, and incident response are confirmed across Tier 1 and Tier 2 sources. However, four factual issues require correction before the page can be approved. First, claim_findings[32] (market share contraction from 23.5% to 10.5% in Q3 2025) is directly disputed by two independent sources that show a net quarterly increase rather than a contraction — this is the most significant error. Second, claim_findings[3] (RAY price ~$0.72, market cap ~$192M) is stale by approximately 20% relative to June 2026 market data. Third, claim_findings[30] incorrectly identifies the United Kingdom as a restricted jurisdiction when Raydium's official disclaimer does not list it. Fourth, claim_findings[26] overstates Pump.fun's revenue contribution as 'nearly half' when independent sources place it at 36-41%. A minor unacknowledged discrepancy between Raydium's self-reported $4.4M loss (claim_findings[8]) and third-party estimates of $5.5M also warrants a disclosure note. All corrections are factual updates to existing content; the underlying page structure and sourcing quality remain strong.","score_delta":-8,"sequence_num":5,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}Verify offline (run on your own machine)python -m src.verify_decision d708641d-030e-46cb-8293-dc6bdb4ceeb5 - #6reviewby reviewerreviewer2026-06-14 23:16:12ZScore: 47 → 47 (no score change)Blue-chip calibration review (Prompt A). Verdict: over-penalized. Page content is treated as accurate; the trust_score band is miscalibrated. Raydium is a well-established, operational Solana DEX/AMM — the dominant protocol on its chain by volume — that suffered a single external hack in December 2022 resulting in $4.4M stolen via a compromised admin private key (suspected trojan on a team VM). The incident was not caused by protocol fraud, intentional negligence, or design manipulation: Raydium's own post-mortem notes the intrusion vector was unconfirmed but suspected to be external malware. The team responded rapidly (hotfix in ~4 hours), completed four additional security audits, fully compensated victims via a community DAO vote, and has since grown to $2.5B TVL and $24.3M quarterly revenue as of Q3 2025. Under the band semantics, 20-49 WARNING is reserved for "elevated fraud/loss risk or unresolved severe incident"; neither condition applies here — the incident is fully resolved, no ongoing risk is elevated above baseline DeFi operational risk, and there is no fraud attribution to the entity. A score of 62 and CAUTIONARY band is appropriate, reflecting the legitimate operation with material historical caveats (one significant past hack, pseudonymous team, presence of third-party impersonation scams in the ecosystem) that an informed user should know about, without misclassifying a hack victim as a fraud risk.anchoranchored
- chain
- ●mainnet-betaslot 426,514,745
- sig
4wqRVVnciwfc…5zewfPZ5explorer ↗- hash
FRpk3vasw83L…GK3n5bqdsha256 → base58
verifying row…full verify ↗canonical bytes (1782 B) ▸
{"actor":"reviewer","decided_at":"2026-06-14T23:16:12.062Z","decision":"review","investigation_id":"ef74b3d0-4fed-4f79-a9d6-19255b26afae","new_score":47,"page_slug":"raydium","prev_score":47,"reason":"Blue-chip calibration review (Prompt A). Verdict: over-penalized. Page content is treated as accurate; the trust_score band is miscalibrated. Raydium is a well-established, operational Solana DEX/AMM — the dominant protocol on its chain by volume — that suffered a single external hack in December 2022 resulting in $4.4M stolen via a compromised admin private key (suspected trojan on a team VM). The incident was not caused by protocol fraud, intentional negligence, or design manipulation: Raydium's own post-mortem notes the intrusion vector was unconfirmed but suspected to be external malware. The team responded rapidly (hotfix in ~4 hours), completed four additional security audits, fully compensated victims via a community DAO vote, and has since grown to $2.5B TVL and $24.3M quarterly revenue as of Q3 2025. Under the band semantics, 20-49 WARNING is reserved for \"elevated fraud/loss risk or unresolved severe incident\"; neither condition applies here — the incident is fully resolved, no ongoing risk is elevated above baseline DeFi operational risk, and there is no fraud attribution to the entity. A score of 62 and CAUTIONARY band is appropriate, reflecting the legitimate operation with material historical caveats (one significant past hack, pseudonymous team, presence of third-party impersonation scams in the ecosystem) that an informed user should know about, without misclassifying a hack victim as a fraud risk.","score_delta":0,"sequence_num":6,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}Verify offline (run on your own machine)python -m src.verify_decision 4992c2da-1572-4670-9edf-d9a9e22a5157 - #7review approveby judgejudge2026-06-14 23:16:12ZScore: 47 → 62 (+15)All six claim findings (claim_findings[0]–[5]) are supported with no disputed claims across the review (disputed_pct = 0%). The reviewer's calibration assessment is well-grounded: Raydium suffered a single external admin key compromise in December 2022 (claim_findings[0]), responded within four hours, fully compensated victims via a community DAO vote (claim_findings[1]), completed multiple post-exploit security audits (claim_findings[2]), and has since grown to $2.5B TVL with $24.3M quarterly revenue (claim_findings[3]). No fraud, regulatory action, or unresolved risk is attributable to the entity itself (claim_findings[4]). The current WARNING band (score 47) misclassifies a remediated hack victim as an elevated ongoing risk; a CAUTIONARY band (score 62) accurately reflects a legitimate, operational protocol with material but resolved historical caveats. A positive score_modifier_delta of +15 is warranted to correct the miscalibration. Page content stands as published.anchoranchored
- chain
- ●mainnet-betaslot 426,514,748
- sig
4HkxLk5bDRMe…i17YHXYQexplorer ↗- hash
3bHYo4rbALT4…PzcoeM4Msha256 → base58
verifying row…full verify ↗canonical bytes (1334 B) ▸
{"actor":"judge","decided_at":"2026-06-14T23:16:12.062Z","decision":"review_approve","investigation_id":"ef74b3d0-4fed-4f79-a9d6-19255b26afae","new_score":62,"page_slug":"raydium","prev_score":47,"reason":"All six claim findings (claim_findings[0]–[5]) are supported with no disputed claims across the review (disputed_pct = 0%). The reviewer's calibration assessment is well-grounded: Raydium suffered a single external admin key compromise in December 2022 (claim_findings[0]), responded within four hours, fully compensated victims via a community DAO vote (claim_findings[1]), completed multiple post-exploit security audits (claim_findings[2]), and has since grown to $2.5B TVL with $24.3M quarterly revenue (claim_findings[3]). No fraud, regulatory action, or unresolved risk is attributable to the entity itself (claim_findings[4]). The current WARNING band (score 47) misclassifies a remediated hack victim as an elevated ongoing risk; a CAUTIONARY band (score 62) accurately reflects a legitimate, operational protocol with material but resolved historical caveats. A positive score_modifier_delta of +15 is warranted to correct the miscalibration. Page content stands as published.","score_delta":15,"sequence_num":7,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}Verify offline (run on your own machine)python -m src.verify_decision 27df8ea6-16a3-44b0-b928-07e850d054b5
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine —
python -m src.verify_decision <event_id>.