Skip to main content
Sign in
← avoid.net

Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
  3. You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.

Decision
publish · Grim Finance
View on Solana ↗
Sequence
#1
Score
Cluster
mainnet-beta
Slot
421119814
Off-chain at
2026-05-21T03:21:08.498Z
Anchored at
Block time

Independent verification

1. Database (off-chain)
4XL42unt6FZb5A6FhVB29DQLzUoJHRBmcAhd1edqXcHH
2. Recomputed (your browser)
computing…
3. On-chain (Solana memo)
fetching…
Canonical bytes hashed (6704 chars)
{"actor":"system:backfill","investigation_id":"5475bb6c-6b45-406c-9916-785317b085b9","kind":"publish","page_slug":"grim-finance","published_at":"2026-05-21T03:21:08.420Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Grim Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/tech/2021/12/20/fantom-defi-project-grim-finance-exploited-for-30m","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/defi-protocol-grim-finance-lost-30m-in-5x-reentrancy-hack","type":"other","url":""},{"credibility":3,"name":"https://slowmist.medium.com/analysis-of-the-grim-finance-hack-bc440108b069","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-grim-finance-hack-december-2021","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/grimfinancereentrancyattack.php","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cryptonews.net/news/security/2913195/","type":"other","url":""},{"credibility":3,"name":"https://www.technologyforyou.org/30-million-stolen-from-defi-protocol-grim-finance-audit-firm-apologizes-for-missing-vulnerability/","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-grim-finance-hack-december-2021","type":"other","url":""},{"credibility":3,"name":"https://www.defisafety.com/app/pqrs/423","type":"other","url":""},{"credibility":3,"name":"https://sourcehat.com/audits/GrimVaultV2/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/tech/2021/12/20/fantom-defi-project-grim-finance-exploited-for-30m","type":"other","url":""},{"credibility":3,"name":"https://decrypt.co/88727/grim-finance-hacked-30-million-fantom-tokens","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/grimfinancereentrancyattack.php","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/@grimfinance11/grim-finance-update-to-exploit-15226e6df736","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/grimfinancereentrancyattack.php","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/grim-finance","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/grim-finance","type":"other","url":""},{"credibility":3,"name":"https://www.vidma.io/blog/the-grim-reaper-strikes-unraveling-the-30-million-grim-finance-hack","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/tech/2021/12/20/fantom-defi-project-grim-finance-exploited-for-30m","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-grim-finance-hack-december-2021","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/grim-finance","type":"other","url":""},{"credibility":3,"name":"https://www.defisafety.com/app/pqrs/423","type":"other","url":""}]}],"sources_used":[],"summary":"Grim Finance was a Fantom-based DeFi yield optimizer (fork of Beefy Finance) that suffered a devastating reentrancy exploit on December 19, 2021, resulting in approximately $30 million in user funds stolen. The vulnerability — a missing reentrancy guard in the depositFor() function — had existed in an audited codebase and was classified by security researchers as an entirely preventable, well-understood attack class. The protocol has since collapsed to a near-zero TVL of roughly $29,000 and its proposed compensation plan yielded no meaningful restitution for affected users.","timeline":[{"date":"2021-08-01","event":"Solidity Finance conducts a smart contract audit of Grim Finance, approximately four months before the exploit. A new analyst performs the review while the firm's CTO is on vacation; the reentrancy vulnerability in depositFor() is not flagged.","source":""},{"date":"2021-12-19","event":"Attacker (address: 0xdefc385d7038f391eb0063c2f7c238cfb55b206c) exploits the GrimBoostVault depositFor() reentrancy vulnerability using a flash loan and a malicious token contract, draining approximately $30 million from Grim Finance vaults on Fantom.","source":""},{"date":"2021-12-19","event":"Grim Finance team pauses all vaults approximately six hours after the attack begins. The team notifies Circle (USDC), MakerDAO (DAI), and AnySwap to freeze attacker-linked addresses. The attacker has already begun converting and bridging stolen assets.","source":""},{"date":"2021-12-19","event":"Grim Finance TVL collapses from approximately $98.9 million to $4.2 million. The GRIM token falls approximately 81%, from $0.80 to $0.15. Rugdoc.io and other security watchdogs publicly criticize the lack of a basic reentrancy guard.","source":""},{"date":"2021-12-20","event":"Solidity Finance issues a public statement acknowledging the missed vulnerability, attributing it to internal organizational stress and a new analyst performing the review. CoinDesk, CoinTelegraph, and Decrypt report on the breach.","source":""},{"date":"2021-12-20","event":"Attacker alleged to have deposited approximately $3.3 million of stolen funds into Tornado Cash mixer, with additional funds bridged from Fantom to Ethereum mainnet via stablecoin conversions.","source":""},{"date":"2021-12-31","event":"Grim Finance publishes post-mortem and compensation plan announcing a new token airdrop (50% of platform revenues), 0.2% insurance fund, and NFT airdrops from partner Pod Town. Affected users must submit claims by January 7, 2022.","source":""},{"date":"2022-01-07","event":"Claim submission deadline for hack victims passes. No public reporting confirms material restitution was subsequently delivered.","source":""},{"date":"2022-03-17","event":"DeFiSafety publishes a Process Quality Review rating Grim Finance at 24% with a FAIL designation, citing inadequate security processes.","source":""},{"date":"2022-08-08","event":"U.S. Treasury OFAC sanctions Tornado Cash, the mixer allegedly used to launder a portion of the Grim Finance stolen funds.","source":""},{"date":"2026-05-01","event":"Grim Finance TVL sits at approximately $28,759 across six chains per DeFiLlama, reflecting a functionally abandoned protocol. No meaningful development activity or community engagement has been identified since early 2022.","source":""}]},"v":1}