Verify a decision
Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.
How verification works
- We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (
payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction. - We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
- You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is
AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.
Decision
review · Bunni Protocol
- Sequence
- #2
- Score
- 28 → 28 (0)
- Cluster
- mainnet-beta
- Slot
- 425023541
- Off-chain at
- 2026-06-08T02:49:36.685Z
- Anchored at
- —
- Block time
- —
Independent verification
- 1. Database (off-chain)
- D3QstFazWnDF1jYQKdtTbrGdtrrAhZXxvznqBsMkxtSA
- 2. Recomputed (your browser)
- computing…
- 3. On-chain (Solana memo)
- fetching…
Canonical bytes hashed (1332 chars)
{"actor":"reviewer","decided_at":"2026-06-08T02:49:36.535Z","decision":"review","investigation_id":"02b3a7ef-82a4-4774-be3b-e9477ae03a55","new_score":28,"page_slug":"bunni-protocol","prev_score":28,"reason":"The investigation page is broadly accurate and well-sourced. Key claims about the exploit mechanism, amounts, audit history, and shutdown rationale are confirmed by multiple independent sources including the official post-mortem, security firm analyses, and tier-1 news outlets. The main weaknesses are: (1) the shutdown announcement date of 'October 10' appears to conflate two announcements — the widely-reported formal shutdown was October 22; (2) the $50.8M TVL baseline used to compute the 97% decline appears to be a post-exploit intermediate figure rather than the pre-exploit peak of ~$80M; (3) the Bunni v2 launch date is stated as 'February 2025' but available evidence points to January 31, 2025; and (4) the primary X citation (tweet 1885489587541385231) returned HTTP 402 and could not be directly verified. One notable omission is the Morpho flash loan used for the Unichain portion of the attack and the attacker's post-exploit deposit of 2,295 ETH into Tornado Cash.","score_delta":0,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}