Skip to main content
Sign in
← avoid.net

Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
  3. You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.

Decision
publish · Impermax V3
View on Solana ↗
Sequence
#1
Score
Cluster
mainnet-beta
Slot
423080249
Off-chain at
2026-05-30T04:05:55.539Z
Anchored at
Block time

Independent verification

1. Database (off-chain)
5eY1yHi7iBT7aurgq1bdKK8ThhdHduimF7U6g1quV6xL
2. Recomputed (your browser)
computing…
3. On-chain (Solana memo)
fetching…
Canonical bytes hashed (6330 chars)
{"actor":"system:backfill","investigation_id":"47ca9be4-2495-459e-8f6a-07a4eb08f894","kind":"publish","page_slug":"impermax-v3","published_at":"2026-05-30T04:05:55.478Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Impermax V3","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.impermax.finance/","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/impermax-v3","type":"other","url":""},{"credibility":3,"name":"https://docs.impermax.finance/getting-started/code-audits","type":"other","url":""},{"credibility":3,"name":"https://impermax.medium.com/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://impermax.medium.com/impermax-v3-exploit-post-mortem-6b0818897b25","type":"other","url":""},{"credibility":3,"name":"https://www.quillaudits.com/blog/hack-analysis/how-impermax-v3-lost-300k-in-flashloan-attack","type":"other","url":""},{"credibility":3,"name":"https://blog.verichains.io/p/inside-the-impermax-v3-hack","type":"other","url":""},{"credibility":3,"name":"https://monoaudit.com/en/articles/impermax-v3","type":"other","url":""},{"credibility":3,"name":"https://quadrigainitiative.com/casestudy/impermaxfinancev3flashloanfeevaluationflawexploited.php","type":"other","url":""},{"credibility":3,"name":"https://incrypthos.com/security/lending-protocol-impermax-v3-drained-by-collateral-fee-valuation-flaw/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.nominis.io/insights/nominis-monthly-report-crypto-attacks-in-november-2025","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/impermax-v3","type":"other","url":""},{"credibility":3,"name":"https://x.com/ImpermaxFinance/status/1988636882977116667","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://impermax.medium.com/imx-incident-post-mortem-and-recovery-plan-aeecd4e457ce","type":"other","url":""},{"credibility":3,"name":"https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Impermax_Finance_Private_Key_Compromise_Token_Theft","type":"other","url":""},{"credibility":3,"name":"https://impermax.medium.com/imx-incident-refund-allocations-a873e5393cf3","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.impermax.finance/getting-started/code-audits","type":"other","url":""},{"credibility":3,"name":"https://hackenproof.com/programs/impermax-finance-smart-contracts","type":"other","url":""},{"credibility":3,"name":"https://skynet.certik.com/projects/impermax","type":"other","url":""},{"credibility":3,"name":"https://github.com/Impermax-Finance/IMX/blob/main/audit/CertiK%20Audit%20Report%20for%20IMX.pdf","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/impermax-v3","type":"other","url":""},{"credibility":3,"name":"https://www.nominis.io/insights/nominis-monthly-report-crypto-attacks-in-november-2025","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/impermax-v3","type":"other","url":""},{"credibility":3,"name":"https://impermax.medium.com/impermax-v3-exploit-post-mortem-6b0818897b25","type":"other","url":""},{"credibility":3,"name":"https://www.impermax.finance/","type":"other","url":""}]}],"sources_used":[],"summary":"Impermax V3 is the third major iteration of Impermax Finance, a DeFi leveraged yield-farming and lending protocol that allows liquidity providers to use Uniswap V3 LP tokens as collateral. The protocol suffered two separate critical exploits in 2025 — a ~$300,000 flash-loan collateral valuation attack in April and a ~$380,000 liquidation logic exploit in November — both on the Base chain, resulting in cumulative losses exceeding $680,000 and leaving lenders with unresolved bad debt. These incidents follow a 2022 private key compromise affecting the IMX token, representing a recurring pattern of security failures across the protocol's history.","timeline":[{"date":"2020-12","event":"Impermax Finance whitepaper published, outlining leveraged yield farming using LP tokens as collateral.","source":""},{"date":"2021-04-29","event":"IMX token launched via airdrop to approximately 35,000 Uniswap V2 liquidity providers. 14 million tokens distributed at token generation event.","source":""},{"date":"2022-07-16","event":"Private key compromise of several Impermax team wallets. Approximately 9 million IMX tokens and protocol-owned liquidity stolen. Team frontran attacker by selling tokens. IMX migrated to IBEX via pre-incident snapshot distribution.","source":""},{"date":"2025-04","event":"BailSec and Guardian each complete Impermax V3 Core audits prior to launch.","source":""},{"date":"2025-04-26","event":"Flash-loan exploit on Impermax V3 exploiting uncollected Uniswap V3 fee valuation flaw. Approximately $300,000–$400,000 drained from Base and Arbitrum pools. Attacker address: 0xE3223f7E3343c2C8079f261D59ee1e513086C7C3.","source":""},{"date":"2025-04-28","event":"Impermax Finance publishes official post-mortem on Medium. Protocol stabilization measures announced. Lender reimbursement plan based on pre-exploit snapshot committed to, with timeline unspecified.","source":""},{"date":"2025-07","event":"Joint re-audit of updated Impermax V3 Core completed by Guardian, BailSec (Charles Wang), and Cantina (Riley Holtereus).","source":""},{"date":"2025-08","event":"Guardian completes audit of Aerodrome Slipstream integration with Impermax V3.","source":""},{"date":"2025-11-11","event":"Second critical exploit on Impermax V3: liquidation routing logic vulnerability in cbBTC lending vault on Base. Approximately 5.39 cbBTC (~$380,000) drained. Team disables vault connections and advises all users to withdraw funds.","source":""},{"date":"2026","event":"Protocol TVL declines to approximately $98,000. Annual fee and revenue activity reported at effectively zero. Lender reimbursement status for both 2025 exploits remains unconfirmed publicly.","source":""}]},"v":1}