Audit log

Every state-changing event for Veil Cash: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-29 15:59:53Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 422,970,375

   sig

   2xYzi8CbBCMb…5sesFLVHcopyexplorer ↗

   hash

   FYiVNJqQoVU6…CZEdmwkvcopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (5751 B) ▸

   {"actor":"system:backfill","investigation_id":"40f1c3c2-cf2a-4640-9d3a-3f0a5165f29d","kind":"publish","page_slug":"veil-cash","published_at":"2026-05-29T15:59:53.679Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Veil Cash","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/veil-cash","type":"other","url":""},{"credibility":3,"name":"https://docs.veil.cash/","type":"other","url":""},{"credibility":3,"name":"https://www.bankless.com/read/getting-started-with-veils-privacy-protocol-on-base","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://github.com/DK27ss/VeilCash-5K-PoC","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/the-unfinished-proof","type":"other","url":""},{"credibility":3,"name":"https://coinsbench.com/forging-zksnark-proofs-via-misconfigured-verification-keys-the-veil-01-eth-exploit-2a6bb7d0078b","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-february-2026","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://x.com/PashovAuditGrp/status/2025598503255167195","type":"other","url":""},{"credibility":3,"name":"https://skynet.certik.com/projects/veil-cash","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.cryptotimes.io/2026/02/26/foomcash-loses-2-26m-in-copycat-zksnark-exploit/","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/the-unfinished-proof","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-february-2026","type":"other","url":""},{"credibility":3,"name":"https://dev.to/ohmygod/when-zero-knowledge-proofs-break-how-groth16-verification-key-misconfigs-drained-3m-from-defi-47i9","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.veil.cash/intro/verified-users/coinbase-onchain-verification","type":"other","url":""},{"credibility":3,"name":"https://www.bankless.com/read/getting-started-with-veils-privacy-protocol-on-base","type":"other","url":""},{"credibility":3,"name":"https://0xbow.io/","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/348959/0xbow-privacy-pools-new-cypherpunk-tool-inspired-research-ethereum-founder-vitalik-buterin","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/veil-cash","type":"other","url":""},{"credibility":3,"name":"https://www.coingecko.com/en/coins/veil-token","type":"other","url":""},{"credibility":3,"name":"https://cryptorank.io/price/veil-cash","type":"other","url":""},{"credibility":3,"name":"https://skynet.certik.com/projects/veil-cash","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://skynet.certik.com/projects/veil-cash","type":"other","url":""},{"credibility":3,"name":"https://github.com/veildotcash","type":"other","url":""},{"credibility":3,"name":"https://www.veil.cash/","type":"other","url":""}]}],"sources_used":[],"summary":"Veil Cash is a zero-knowledge privacy protocol deployed on Coinbase's Base L2 network, enabling anonymous ETH and USDC transfers via zk-SNARK proofs and a UTXO model. In February 2026 the protocol's legacy pools were exploited due to an incomplete Groth16 trusted-setup ceremony, resulting in 2.9 ETH being drained before funds were returned by the exploiter. The incident attracted industry attention because the same misconfiguration pattern was subsequently replicated in a larger $2.26 million exploit of FoomCash, raising broader questions about cryptographic setup hygiene across ZK DeFi protocols.","timeline":[{"date":"2024-01-01","event":"Veil Cash protocol launches on Base L2 with zk-SNARK privacy pools for ETH and USDC.","source":""},{"date":"2024-06-01","event":"Coinbase EAS (Ethereum Attestation Service) integration introduced, allowing Coinbase-verified users auto-approval into verified pools.","source":""},{"date":"2025-01-01","event":"Pashov Audit Group completes a security review of Veil Cash smart contracts; the Groth16 verifier contract is explicitly listed out of scope.","source":""},{"date":"2026-02-21","event":"Attacker exploits the Groth16 verifier misconfiguration (delta == gamma) in Veil Cash's legacy Base pool, executing 29 fraudulent withdrawals and draining 2.9 ETH in a single transaction.","source":""},{"date":"2026-02-21","event":"DefimonAlerts (Decurity security firm) intervenes and rescues remaining pool funds from the legacy pools.","source":""},{"date":"2026-02-21","event":"Exploiter returns all drained funds unprompted at approximately 22:05 UTC; 100% of Veil Cash user funds recovered.","source":""},{"date":"2026-02-22","event":"Public proof-of-concept for the Veil Cash Groth16 exploit published on GitHub by researcher DK27ss. Rekt.news covers incident as 'The Unfinished Proof'.","source":""},{"date":"2026-02-22","event":"Pashov Audit Group publicly confirms on X that the verifier was out of scope for their audit engagement.","source":""},{"date":"2026-02-26","event":"FoomCash suffers a $2.26 million exploit using the identical Groth16 misconfiguration pattern first publicly documented in the Veil Cash incident.","source":""},{"date":"2026-03-01","event":"CryptoTimes and Halborn publish post-mortems linking the FoomCash exploit directly to the Veil Cash incident as the originating template.","source":""}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 883d8694-9ea2-4677-a412-ca1dd25d8c84copy
2. #2reviewby reviewerreviewer

   2026-06-03 03:18:31Z
   Score: 48 → 48 (no score change)
   The core narrative — Veil Cash as a Base L2 ZK privacy protocol, the February 2026 Groth16 exploit of legacy pools draining 2.9 ETH, and the $2.26M FoomCash copycat — is well-supported across multiple independent sources. However, the investigation contains several unverified or incorrect specific details: the Pashov audit is dated January 2025 but the actual report date is February 12, 2025; the protocol launch date (January 2024) and Coinbase EAS integration date (June 2024) have no evidentiary basis; the CryptoTimes and Halborn publication dates in the timeline are wrong (February 26 and March 2 respectively, not March 1); one cited source (dev.to) returns 404; and the specific 22:05 UTC timestamp for fund return is unverifiable. The Halborn source contains a likely-erroneous $427k figure for the Veil Cash loss that contradicts the 2.9 ETH consensus.
   anchoranchored

   chain

   ●mainnet-betaslot 423,943,770

   sig

   a1Jw3Qc32nWq…Zieh65fzcopyexplorer ↗

   hash

   848Fxaa1iBMT…Z3qfmqCtcopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (1210 B) ▸

   {"actor":"reviewer","decided_at":"2026-06-03T03:18:30.955Z","decision":"review","investigation_id":"40f1c3c2-cf2a-4640-9d3a-3f0a5165f29d","new_score":48,"page_slug":"veil-cash","prev_score":48,"reason":"The core narrative — Veil Cash as a Base L2 ZK privacy protocol, the February 2026 Groth16 exploit of legacy pools draining 2.9 ETH, and the $2.26M FoomCash copycat — is well-supported across multiple independent sources. However, the investigation contains several unverified or incorrect specific details: the Pashov audit is dated January 2025 but the actual report date is February 12, 2025; the protocol launch date (January 2024) and Coinbase EAS integration date (June 2024) have no evidentiary basis; the CryptoTimes and Halborn publication dates in the timeline are wrong (February 26 and March 2 respectively, not March 1); one cited source (dev.to) returns 404; and the specific 22:05 UTC timestamp for fund return is unverifiable. The Halborn source contains a likely-erroneous $427k figure for the Veil Cash loss that contradicts the 2.9 ETH consensus.","score_delta":0,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision fce4e441-6d96-4ad8-9991-c96ab7ece082copy
3. #3review reviseby judgejudge

   2026-06-03 03:18:31Z
   Score: 48 → 38 (-10)
   The core narrative — Veil Cash as a Base L2 ZK privacy protocol, the February 2026 Groth16 exploit draining 2.9 ETH from legacy pools, funds returned by the exploiter, and the subsequent $2.26M FoomCash copycat — is well-confirmed by multiple independent Tier 1 sources. However, the review found 18.75% of claims disputed or unverifiable. Two claims are disputed: the Pashov audit completion date (page states January 2025; Pashov's public audit index shows February 12, 2025 per claim_findings[7]) and a conflict with the Halborn source, which attributes $427k to the Veil Cash hack — an apparent error by Halborn that contradicts the consensus 2.9 ETH figure confirmed across four independent sources (claim_findings[15]). Two additional timeline dates (protocol launch January 2024; Coinbase EAS June 2024) are unverifiable and likely inaccurate given GitHub org history (claim_findings[5], [6]). One cited source returns 404 (claim_findings[16]). Two high-priority coverage gaps — on-chain transaction anchors and the protocol launch date — remain unaddressed and should be resolved before the page is considered authoritative.
   anchoranchored

   chain

   ●mainnet-betaslot 423,943,776

   sig

   4LNym5FUdtoS…kLK4d7uJcopyexplorer ↗

   hash

   6UbtxyB86cqg…aH1iwxZzcopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (1483 B) ▸

   {"actor":"judge","decided_at":"2026-06-03T03:18:30.955Z","decision":"review_revise","investigation_id":"40f1c3c2-cf2a-4640-9d3a-3f0a5165f29d","new_score":38,"page_slug":"veil-cash","prev_score":48,"reason":"The core narrative — Veil Cash as a Base L2 ZK privacy protocol, the February 2026 Groth16 exploit draining 2.9 ETH from legacy pools, funds returned by the exploiter, and the subsequent $2.26M FoomCash copycat — is well-confirmed by multiple independent Tier 1 sources. However, the review found 18.75% of claims disputed or unverifiable. Two claims are disputed: the Pashov audit completion date (page states January 2025; Pashov's public audit index shows February 12, 2025 per claim_findings[7]) and a conflict with the Halborn source, which attributes $427k to the Veil Cash hack — an apparent error by Halborn that contradicts the consensus 2.9 ETH figure confirmed across four independent sources (claim_findings[15]). Two additional timeline dates (protocol launch January 2024; Coinbase EAS June 2024) are unverifiable and likely inaccurate given GitHub org history (claim_findings[5], [6]). One cited source returns 404 (claim_findings[16]). Two high-priority coverage gaps — on-chain transaction anchors and the protocol launch date — remain unaddressed and should be resolved before the page is considered authoritative.","score_delta":-10,"sequence_num":3,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 5ad04abc-3bea-421c-a2f8-b718de0fd87ecopy