Verify a decision
Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.
How verification works
- We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (
payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction. - We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
- You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is
AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.
Decision
- Sequence
- #2
- Score
- 0 → 0 (0)
- Cluster
- mainnet-beta
- Slot
- 423932891
- Off-chain at
- 2026-06-03T02:06:02.451Z
- Anchored at
- —
- Block time
- —
Independent verification
- 1. Database (off-chain)
- 7GQWRV6HbiDCKMncqAEDbnonqJzTtk16atbitD78kEtz
- 2. Recomputed (your browser)
- computing…
- 3. On-chain (Solana memo)
- fetching…
Canonical bytes hashed (1355 chars)
{"actor":"reviewer","decided_at":"2026-06-03T02:06:02.370Z","decision":"review","investigation_id":"5f4ae5ce-810a-450a-8b66-4d4a91730751","new_score":0,"page_slug":"bandcampro-stellarmonster-wallet-malware","prev_score":0,"reason":"The investigation page is broadly well-supported by multiple independent secondary sources all tracing to the Trend Micro 'Patriot Bait' report (primary URL returns 403 but was accessible to the sources cited). The core claims — bandcampro's handle, Russian-speaking attribution, GEMINI.md jailbreak, 73 stolen API keys, GoToResolve RAT distributed via StellarMonster, 29 WordPress compromises, the QFS Terminal chatbot, and the May 2026 disclosure — are confirmed across at least two independent secondary sources each. The Veriti.ai DaisyCloud citation is link-rotted (redirects to checkpoint.com) but the underlying claim about DaisyCloud is independently substantiated. Three claims are unverifiable from accessible sources (specific victim industry categories, HYPE token pump-and-dump specifics, 12-word seed phrase detail), and several IOC claims are confirmable only through the single-source Trend Micro report chain. No claims are disputed by any credible counter-source.","score_delta":0,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}