Skip to main content
Sign in
← avoid.net

Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
  3. You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.

Decision
publish · DeltaPrime
View on Solana ↗
Sequence
#1
Score
Cluster
mainnet-beta
Slot
422639375
Off-chain at
2026-05-28T03:34:46.079Z
Anchored at
Block time

Independent verification

1. Database (off-chain)
GHyweNCQQcpNHs5SD4613VCDXJ4RmAfVtRmGMiFnvYDx
2. Recomputed (your browser)
computing…
3. On-chain (Solana memo)
fetching…
Canonical bytes hashed (6543 chars)
{"actor":"system:backfill","investigation_id":"3b16504a-8f88-41b7-9f56-439fcc2ace96","kind":"publish","page_slug":"deltaprime","published_at":"2026-05-28T03:34:45.950Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"DeltaPrime","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.deltaprime.io/","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/deltaprime","type":"other","url":""},{"credibility":3,"name":"https://docs.deltaprime.io/protocol/the-story-so-far","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-deltaprime-hack-september-2024","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/markets/2024/09/16/crypto-broker-deltaprime-drained-of-over-6m-amid-apparent-private-key-leak","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/delta-prime-defi-hacked-6-m-arbitrum","type":"other","url":""},{"credibility":3,"name":"https://www.merklescience.com/blog/hack-track-deltaprime-flow-of-funds-analysis","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/deltaprime-rekt","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-deltaprime-hack-november-2024","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/delta-prime-exploited-for-4-8-m-worth-of-arb-and-avax","type":"other","url":""},{"credibility":3,"name":"https://threesigma.xyz/blog/exploit/deltaprime-defi-exploit-avalanche-arbitrum-hack","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/325498/lending-protocol-delta-prime-suffers-second-exploit-in-two-months-bringing-losses-above-10-million","type":"other","url":""},{"credibility":3,"name":"https://www.certik.com/resources/blog/deltaprime-incident-analysis","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cryptoslate.com/deltaprime-hit-by-6m-exploit-amid-north-korea-links-allegations/","type":"other","url":""},{"credibility":3,"name":"https://99bitcoins.com/news/6-million-drained-from-defi-platform-zachxbt-claims-that-north-korea-hackers-may-be-involved/","type":"other","url":""},{"credibility":3,"name":"https://www.cryptonewsz.com/north-korean-behind-deltaprime-attack-5-93m/","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/deltaprime-breach-suspicious-transactions/","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/deltaprime-rekt","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.globenewswire.com/news-release/2024/10/21/2965930/0/en/DeltaPrime-Reimbursement-Plan.html","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/press-release/2024/10/22/deltaprimes-path-to-regrowth-a-robust-plan-to-make-all-affected-users-whole-again","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@DeltaPrimeDefi/deltaprime-post-mortem-reimbursement-plan-07-12-2024-2d654912715b","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/press-releases/deltaprime-reimbursement-plan","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-deltaprime-hack-september-2024","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-deltaprime-hack-november-2024","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/deltaprime","type":"other","url":""},{"credibility":3,"name":"https://www.merklescience.com/blog/hack-track-deltaprime-flow-of-funds-analysis","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://thehackernews.com/2025/06/us-seizes-774m-in-crypto-tied-to-north.html","type":"other","url":""},{"credibility":3,"name":"https://cryptoslate.com/deltaprime-hit-by-6m-exploit-amid-north-korea-links-allegations/","type":"other","url":""}]}],"sources_used":[],"summary":"DeltaPrime is a decentralized leveraged farming and lending protocol deployed on Arbitrum and Avalanche. The protocol suffered two major security exploits in 2024 — a $5.98 million private key compromise in September and a $4.8 million smart contract vulnerability in November — totaling over $10.7 million in losses. On-chain investigator ZachXBT alleged that DeltaPrime had previously employed North Korean IT workers with alleged ties to the DPRK-linked Lazarus Group, raising concerns about insider access as a contributing factor to the first exploit.","timeline":[{"date":"2024-08-15","event":"ZachXBT contacts DeltaPrime and more than 25 other Web3 projects warning them about unknowingly hired DPRK-affiliated IT workers. DeltaPrime reportedly tells ZachXBT the flagged individuals have been removed.","source":""},{"date":"2024-09-16","event":"DeltaPrime's Arbitrum deployment is exploited for approximately $5.98 million via a compromised admin private key. The attacker upgrades proxy contracts to malicious versions and drains DPUSDC, DPARB, and DPBTCb pools. 1,337 ETH is sent to Tornado Cash.","source":""},{"date":"2024-09-16","event":"ZachXBT publicly comments that DeltaPrime was one of the teams warned about DPRK IT workers, and observes laundering patterns similar to the Lazarus Group.","source":""},{"date":"2024-10-21","event":"DeltaPrime publishes its initial reimbursement plan introducing rTKN tokens, with a 1.4x compensation ratio for affected users and a $1.33 million Stability Pool contribution.","source":""},{"date":"2024-11-11","event":"DeltaPrime suffers a second exploit affecting both Arbitrum and Avalanche, losing approximately $4.8 million due to insufficient input validation in the reward claiming smart contract. Total 2024 losses exceed $10.7 million. Protocol pauses all pools.","source":""},{"date":"2024-12-07","event":"DeltaPrime publishes updated post-mortem and reimbursement plan for the second exploit, allocating 33% of future DegenPrime revenue to rTKN reimbursements.","source":""},{"date":"2025-01-01","event":"DeltaPrime 2.0 launches with enhanced security features including a new audit by BlockSec (the protocol's eighth audit).","source":""}]},"v":1}