Skip to main content
Sign in
← avoid.net

Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
  3. You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.

Decision
review_approve · Trezor
View on Solana ↗
Sequence
#3
Score
6257 (-5)
Cluster
mainnet-beta
Slot
424317591
Off-chain at
2026-06-04T20:39:55.870Z
Anchored at
Block time

Independent verification

1. Database (off-chain)
2YWGBx4evUGDFWa5b9uyLUE36dovRa9P8zJzBhM9pmcB
2. Recomputed (your browser)
computing…
3. On-chain (Solana memo)
fetching…
Canonical bytes hashed (1172 chars)
{"actor":"judge","decided_at":"2026-06-04T20:39:55.669Z","decision":"review_approve","investigation_id":"3f8ad1aa-b016-4d23-bc55-23c6bfeee1c4","new_score":57,"page_slug":"trezor","prev_score":62,"reason":"17 of 24 claims are fully confirmed by independent Tier 1 sources, and no link rot was detected. The page is approved with a minor score penalty for one disputed finding and four partially-supported findings. The single disputed claim (claim_findings[22]) states that Trezor patched the Ledger Donjon Safe 3 vulnerability via firmware update; Trezor's own official vulnerability disclosure (Tier 1) explicitly states the flaw was not patchable via firmware. Additionally, claim_findings[18] mischaracterizes the March 2024 X account compromise mechanism as a spoofed Twitter login page capturing credentials, when Trezor's Tier 1 blog confirms it was a malicious Calendly app authorization — a meaningful technical distinction. These errors are correctable without affecting the page's overall integrity or core conclusions.","score_delta":-5,"sequence_num":3,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}