Skip to main content
Sign in
Skyward Finance1 decision on this page

Audit log

Every state-changing event for Skyward Finance: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-28 16:29:19Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,756,746
    sig
    5rGDZuacRvcR…ykeEvgCVexplorer ↗
    hash
    HyhWiDhLNfZz…WAbLP833sha256 → base58
    verifying row…full verify ↗
    canonical bytes (4600 B) ▸
    {"actor":"system:backfill","investigation_id":"6aac9dde-8965-450a-8f68-91a312f1f44a","kind":"publish","page_slug":"skyward-finance","published_at":"2026-05-28T16:29:19.279Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Skyward Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/nearprotocol/everything-you-need-to-know-about-skyward-finance-before-the-first-token-sale-6e82fe305e1a","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/skyward-rekt","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/skyward-rekt","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-skyward-finance-hack-november-2022","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/182495/skyward-finance-exploit-near-protocol","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/skyward-finance-exploit-allegedly-results-in-3-million-loss","type":"other","url":""},{"credibility":3,"name":"https://quillaudits.medium.com/decoding-skywardfinance-3-million-exploit-quillaudits-9725727f94b0","type":"other","url":""},{"credibility":3,"name":"https://medium.com/neptune-mutual/decoding-skyward-finance-smart-contract-vulnerability-3e38c5d0e312","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cryptopotato.com/skyward-token-dumps-95-as-hackers-drain-protocols-treasury/","type":"other","url":""},{"credibility":3,"name":"https://www.web3isgoinggreat.com/?id=skyward-finance-treasury-drained-of-3-2-million","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/currencies/skyward-finance/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-skyward-finance-hack-november-2022","type":"other","url":""},{"credibility":3,"name":"https://quillaudits.medium.com/decoding-skywardfinance-3-million-exploit-quillaudits-9725727f94b0","type":"other","url":""},{"credibility":3,"name":"https://medium.com/neptune-mutual/decoding-skyward-finance-smart-contract-vulnerability-3e38c5d0e312","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/skyward-rekt","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.web3isgoinggreat.com/?id=skyward-finance-treasury-drained-of-3-2-million","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/currencies/skyward-finance/","type":"other","url":""},{"credibility":3,"name":"https://www.vidma.io/blog/skyward-finance-a-3-2m-lesson-in-smart-contract-vulnerabilities","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[]}],"sources_used":[],"summary":"Skyward Finance was a permissionless token launchpad built on the NEAR Protocol, launched in June 2021. On November 2, 2022, a smart contract vulnerability in its treasury redemption function was exploited, resulting in the loss of approximately 1.1 million NEAR tokens (~$3.2 million USD). The exploit rendered the SKYWARD token and protocol treasury effectively worthless, and the team publicly advised users to withdraw all remaining funds and cease interacting with the platform.","timeline":[{"date":"2021-06-24","event":"Skyward Finance launches on NEAR Protocol mainnet following a test sale period.","source":""},{"date":"2022-11-02","event":"Attacker exploits the redeem_skyward smart contract function, draining approximately 1.1 million wNEAR (~$3.2 million USD) from the Skyward Finance treasury in a single transaction.","source":""},{"date":"2022-11-02","event":"Community member Nearscout first identifies and reports the exploit publicly.","source":""},{"date":"2022-11-03","event":"Skyward Finance team issues public statement confirming the exploit rendered 'the Treasury and the $SKYWARD token effectively worthless' and advises users to withdraw all funds and cease platform interaction.","source":""},{"date":"2022-11-03","event":"SKYWARD token price collapses approximately 90–95%. Skyward Finance becomes the first NEAR ecosystem project on the Rekt DeFi exploit leaderboard.","source":""},{"date":"2022-11-03","event":"BlockSec, Halborn, QuillAudits, and Neptune Mutual publish independent analyses identifying the input validation flaw in the redeem_skyward function.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision a2c79a30-36b6-4203-8b64-a3ff1c89ad96
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.