Skip to main content
Sign in
← avoid.net

Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
  3. You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.

Decision
publish · MoonHacker
View on Solana ↗
Sequence
#1
Score
Cluster
mainnet-beta
Slot
423086605
Off-chain at
2026-05-30T04:47:49.940Z
Anchored at
Block time

Independent verification

1. Database (off-chain)
B8VmanFxXULbZb5EUfcTY7G9vfs5wJ8Y2tZdXMdaboPa
2. Recomputed (your browser)
computing…
3. On-chain (Solana memo)
fetching…
Canonical bytes hashed (4478 chars)
{"actor":"system:backfill","investigation_id":"0b5775ae-4d7b-40c9-b388-53a4f8c826e1","kind":"publish","page_slug":"moonhacker","published_at":"2026-05-30T04:47:49.855Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"MoonHacker","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.solidityscan.com/moonhacker-vault-hack-analysis-ab122cb226f6","type":"other","url":""},{"credibility":3,"name":"https://blog.verichains.io/p/moonhacker-vault-hack-analysis","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.solidityscan.com/moonhacker-vault-hack-analysis-ab122cb226f6","type":"other","url":""},{"credibility":3,"name":"https://blog.verichains.io/p/moonhacker-vault-hack-analysis","type":"other","url":""},{"credibility":3,"name":"https://x.com/dedaub/status/1874838342485102852","type":"other","url":""},{"credibility":3,"name":"https://coinedition.com/moonwell-defi-hit-by-320k-flash-loan-exploit-security-risks-highlighted/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.verichains.io/p/moonhacker-vault-hack-analysis","type":"other","url":""},{"credibility":3,"name":"https://blog.solidityscan.com/moonhacker-vault-hack-analysis-ab122cb226f6","type":"other","url":""},{"credibility":3,"name":"https://www.chaincatcher.com/en/article/2158930","type":"other","url":""},{"credibility":3,"name":"https://bitcoinethereumnews.com/tech/moonwell-defi-exploited-in-320k-flash-loan-attack/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://x.com/dedaub/status/1874838342485102852","type":"other","url":""},{"credibility":3,"name":"https://blog.solidityscan.com/moonhacker-vault-hack-analysis-ab122cb226f6","type":"other","url":""},{"credibility":3,"name":"https://blog.verichains.io/p/moonhacker-vault-hack-analysis","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.solidityscan.com/moonhacker-vault-hack-analysis-ab122cb226f6","type":"other","url":""},{"credibility":3,"name":"https://coinedition.com/moonwell-defi-hit-by-320k-flash-loan-exploit-security-risks-highlighted/","type":"other","url":""},{"credibility":3,"name":"https://bitcoinethereumnews.com/tech/moonwell-defi-exploited-in-320k-flash-loan-attack/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://newsletter.blockthreat.io/p/blockthreat-week-52-2024","type":"other","url":""},{"credibility":3,"name":"https://www.chaincatcher.com/en/article/2158930","type":"other","url":""},{"credibility":3,"name":"https://blog.solidityscan.com/moonhacker-vault-hack-analysis-ab122cb226f6","type":"other","url":""}]}],"sources_used":[],"summary":"MoonHacker is an independently deployed DeFi vault protocol built on Optimism that was designed to interact with the Moonwell lending protocol. On December 23, 2024, MoonHacker vault contracts suffered a flash loan exploit due to improper input validation and absent access controls in the executeOperation function, resulting in the loss of approximately $320,000 USDC. The Moonwell team confirmed no affiliation with MoonHacker, the vault deployers remain anonymous, and stolen funds were converted to DAI and routed through Tornado Cash, complicating recovery efforts.","timeline":[{"date":"2024-12-23","event":"MoonHacker vault contracts exploited on Optimism via flash loan and unchecked executeOperation callback; approximately $320,000 USDC drained.","source":""},{"date":"2024-12-23","event":"Cyvers Alerts issues real-time alert identifying the attack on Moonwell's USDC lending contract on Optimism involving MoonHacker vault contracts.","source":""},{"date":"2024-12-23","event":"Stolen USDC swapped to DAI and retained in attacker wallet; attacker wallet had been pre-funded via Tornado Cash on Ethereum.","source":""},{"date":"2024-12-24","event":"Moonwell DeFi publicly disavows any affiliation with MoonHacker, confirming core Moonwell lending pools are unaffected.","source":""},{"date":"2025-01-02","event":"Dedaub discloses on X that its monitoring tools had flagged the unchecked flashloan callback and unrestricted approve proxy vulnerabilities in MoonHacker with high confidence prior to the exploit.","source":""}]},"v":1}