Skip to main content
Sign in
← avoid.net

Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
  3. You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.

Decision
publish · Nomad Bridge
View on Solana ↗
Sequence
#1
Score
Cluster
mainnet-beta
Slot
423210460
Off-chain at
2026-05-30T18:25:37.405Z
Anchored at
Block time

Independent verification

1. Database (off-chain)
EhszxAJKAX9BXTh2GeDoXjYqNuTaCdwXNvJq1vDDQ3KR
2. Recomputed (your browser)
computing…
3. On-chain (Solana memo)
fetching…
Canonical bytes hashed (8645 chars)
{"actor":"system:backfill","investigation_id":"36722e1d-f43e-49aa-a454-62e23ca2c6f3","kind":"publish","page_slug":"nomad-bridge","published_at":"2026-05-30T18:25:37.362Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Nomad Bridge","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.classaction.org/news/nomad-crypto-bridge-class-action-says-simple-programmer-mistake-allowed-186m-hack-in-2022","type":"other","url":""},{"credibility":3,"name":"https://www.crunchbase.com/organization/illusory-systems-inc","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-nomad-hack-august-2022","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-nomad-hack-august-2022","type":"other","url":""},{"credibility":3,"name":"https://medium.com/immunefi/hack-analysis-nomad-bridge-august-2022-5aa63d53814a","type":"other","url":""},{"credibility":3,"name":"https://nomoslabs.io/blog/nomad-bridge-exploit-technical-breakdown-190m-hack","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cloud.google.com/blog/topics/threat-intelligence/dissecting-nomad-bridge-hack","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/160851/nomads-190-million-bridge-exploit-drew-hacking-feeding-frenzy-of-300-addresses","type":"other","url":""},{"credibility":3,"name":"https://decrypt.co/106459/crypto-bridge-nomad-exploited-190m-frenzied-free-for-all","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cointelegraph.com/news/white-hat-hackers-have-returned-32-6m-worth-of-tokens-to-nomad-bridge","type":"other","url":""},{"credibility":3,"name":"https://www.cnbc.com/2022/08/05/crypto-startup-nomad-offers-10percent-bounty-after-190-million-hack.html","type":"other","url":""},{"credibility":3,"name":"https://www.theregister.com/2025/12/17/nomad_ftc_settlement/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.classaction.org/media/singh-v-illusory-systems-inc-et-al.pdf","type":"other","url":""},{"credibility":3,"name":"https://blockchain.bakermckenzie.com/2024/04/08/u-s-court-dismisses-rico-lawsuit-brought-in-connection-with-nomad-bridge-hack/","type":"other","url":""},{"credibility":3,"name":"https://www.ftc.gov/news-events/news/press-releases/2025/12/ftc-will-require-illusory-systems-return-money-stolen-hackers-implement-information-security-program","type":"other","url":""},{"credibility":3,"name":"https://www.federalregister.gov/documents/2025/12/19/2025-23407/illusory-systems-inc-analysis-of-proposed-consent-order-to-aid-public-comment","type":"other","url":""},{"credibility":3,"name":"https://www.theregister.com/2025/12/17/nomad_ftc_settlement/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.trmlabs.com/resources/blog/key-suspect-in-190m-nomad-bridge-exploit-extradited-to-the-united-states","type":"other","url":""},{"credibility":3,"name":"https://cryptoslate.com/israeli-authorities-arrest-nomad-bridge-hacker-approve-extradition-to-us/","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/suspect-behind-190-million-nomad-bridge-hack-extradited-us","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/immunefi/hack-analysis-nomad-bridge-august-2022-5aa63d53814a","type":"other","url":""},{"credibility":3,"name":"https://www.elliptic.co/blog/analysis/nomad-loses-156-million-in-seventh-major-crypto-bridge-exploit-of-2022","type":"other","url":""},{"credibility":3,"name":"https://cyberscoop.com/ftc-settles-with-illusory-systems-in-2022-cryptocurrency-hack/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cloud.google.com/blog/topics/threat-intelligence/dissecting-nomad-bridge-hack","type":"other","url":""},{"credibility":3,"name":"https://www.elliptic.co/blog/analysis/nomad-loses-156-million-in-seventh-major-crypto-bridge-exploit-of-2022","type":"other","url":""},{"credibility":3,"name":"https://edition.cnn.com/2022/08/03/tech/crypto-bridge-hack-nomad","type":"other","url":""}]}],"sources_used":[],"summary":"Nomad Bridge, operated by Illusory Systems Inc., was a cross-chain asset bridge that suffered a catastrophic $190 million exploit on August 1, 2022, when a routine smart contract upgrade inadvertently initialized trusted Merkle roots to a zero value, rendering all message proofs automatically valid. The vulnerability enabled a widely replicated 'crowd-sourced' draining event involving approximately 300 addresses over roughly 150 minutes — widely regarded as the first 'permissionless' mass-exploitation event in DeFi history. Subsequent actions include a class-action lawsuit, a December 2025 FTC settlement requiring repayment of approximately $37.5 million to affected users, and the 2025 arrest and extradition of a key suspect, Russian-Israeli national Alexander Gurevich.","timeline":[{"date":"2021-11-10","event":"Illusory Systems Inc. incorporated in Delaware; Nomad Bridge protocol development begins under founders Pranay Mohan and James Prestwich.","source":""},{"date":"2022-04-01","event":"Illusory Systems raises $22.4 million in seed funding led by Polychain Capital, with participation from Circle Ventures, Hack VC, Archetype, Breyer Capital, and others.","source":""},{"date":"2022-06-01","event":"A routine upgrade to the Nomad Replica.sol smart contract initializes the trusted Merkle root to 0x00, inadvertently making all message proofs automatically valid. The vulnerability goes undetected.","source":""},{"date":"2022-08-01","event":"An initial attacker discovers the zero-root vulnerability and drains 100 WBTC. Within minutes, approximately 300 addresses begin copying the exploit transaction, substituting their own recipient addresses. Roughly $190 million is drained over approximately 150 minutes in what analysts describe as the first 'crowd-sourced' DeFi exploit.","source":""},{"date":"2022-08-05","event":"Nomad announces a 10% bounty program, offering to refrain from legal action against exploiters who return 90% of stolen funds, plus a Whitehat NFT. CNBC and major outlets report on the offer.","source":""},{"date":"2022-08-09","event":"White-hat participants have returned approximately $32.6 million in tokens to Nomad's recovery address, representing early partial recovery.","source":""},{"date":"2023-02-01","event":"Class-action lawsuit Singh v. Illusory Systems Inc. filed in the U.S. District Court for the District of Delaware, alleging RICO violations including wire fraud and operating an unlicensed money-transmitting business.","source":""},{"date":"2023-08-01","event":"FBI's San Francisco field office files an eight-count federal indictment in the Northern District of California against Alexander Gurevich, a Russian-Israeli dual national, alleging wire fraud, conspiracy, and money laundering in connection with the Nomad exploit.","source":""},{"date":"2024-03-29","event":"U.S. District Court dismisses RICO claims in the Singh v. Illusory Systems class-action lawsuit.","source":""},{"date":"2024-12-01","event":"The United States formally submits an extradition request to Israel for Alexander Gurevich.","source":""},{"date":"2025-04-19","event":"Alexander Gurevich re-enters Israel during Passover holiday and is summoned for an extradition hearing. He ignores the summons and legally changes his name to 'Alexander Block' in Israel's Population Registry.","source":""},{"date":"2025-05-01","event":"Gurevich applies for a new passport under his changed name and attempts to board a flight to Russia. Israeli police, coordinating with the DOJ, FBI, and Interpol, arrest him at the airport. Israeli authorities approve extradition to the United States.","source":""},{"date":"2025-12-16","event":"The FTC announces a proposed settlement with Illusory Systems Inc. requiring the company to repay approximately $37.5 million to affected users, implement a comprehensive security program, and cease misrepresentations about product security.","source":""},{"date":"2025-12-19","event":"The proposed FTC consent order is published in the Federal Register for public comment, with a comment deadline of January 20, 2026.","source":""}]},"v":1}