Skip to main content
Sign in
← avoid.net

Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
  3. You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.

Decision
publish · Qubit Finance
View on Solana ↗
Sequence
#1
Score
Cluster
mainnet-beta
Slot
421077048
Off-chain at
2026-05-20T22:36:30.792Z
Anchored at
Block time

Independent verification

1. Database (off-chain)
EhzA6kJzwANPU1nsX7VLiijA4Zunmn3G2VkmqBiUenj
2. Recomputed (your browser)
computing…
3. On-chain (Solana memo)
fetching…
Canonical bytes hashed (6545 chars)
{"actor":"system:backfill","investigation_id":"d90e7a11-4928-45d2-87e7-45da166374d3","kind":"publish","page_slug":"qubit","published_at":"2026-05-20T22:36:30.745Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Qubit Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://pancakebunny.medium.com/introducing-qubit-qbt-innovating-lending-and-borrowing-on-the-bsc-9f3fe6438f44"},{"credibility":3,"name":"","type":"other","url":"https://pancakebunny.medium.com/pancake-bunny-x-binance-labs-introducing-your-team-mound-288c21209375"},{"credibility":3,"name":"","type":"other","url":"https://qbt.wiki/en/company/mound-inc/"},{"credibility":3,"name":"","type":"other","url":"https://chainbulletin.com/pancakebunny-suffers-from-flash-loan-attack"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://medium.com/@QubitFin/protocol-exploit-report-305c34540fa3"},{"credibility":3,"name":"","type":"other","url":"https://certik.medium.com/qubit-bridge-collapse-exploited-to-the-tune-of-80-million-a7ab9068e1a0"},{"credibility":3,"name":"","type":"other","url":"https://slowmist.medium.com/our-analysis-of-the-80m-qubit-finance-exploit-b0f272cd8c25"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-qubit-hack-january-2022"},{"credibility":3,"name":"","type":"other","url":"https://rekt.news/qubit-rekt"},{"credibility":3,"name":"","type":"other","url":"https://medium.com/@QubitFin/protocol-exploit-report-2-30aade4d66de"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://rekt.news/qubit-rekt"},{"credibility":3,"name":"","type":"other","url":"https://certik.medium.com/qubit-bridge-collapse-exploited-to-the-tune-of-80-million-a7ab9068e1a0"},{"credibility":3,"name":"","type":"other","url":"https://bscscan.com/address/0x17b7163cf1dbd286e262ddc68b553d899b93f526"},{"credibility":3,"name":"","type":"other","url":"https://blog.merklescience.com/hacktrack/analysis-of-qubit-finance-exploit"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://medium.com/@QubitFin/our-compensation-plan-1-63e7c64738ed"},{"credibility":3,"name":"","type":"other","url":"https://www.bitdefender.com/en-us/blog/hotforsecurity/qubit-pleads-with-hacker-to-return-80-million-of-stolen-funds"},{"credibility":3,"name":"","type":"other","url":"https://finance.yahoo.com/news/losing-80-million-qubit-surrenders-110807610.html"},{"credibility":3,"name":"","type":"other","url":"https://www.infosecurity-magazine.com/news/crypto-finance-2m-bug-bounty/"},{"credibility":3,"name":"","type":"other","url":"https://qbt.wiki/en/"},{"credibility":3,"name":"","type":"other","url":"https://tokeninsight.com/en/news/qubit-finance-released-compensation-plan-team-mound-gives-up-all-of-its-tokens-to-compensate-the-community"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/markets/2022/01/28/defi-protocol-qubit-finance-exploited-for-80m"},{"credibility":3,"name":"","type":"other","url":"https://www.cpomagazine.com/cyber-security/hackers-exploited-a-logical-flaw-to-steal-80-million-from-defi-platform-qubit-finance/"},{"credibility":3,"name":"","type":"other","url":"https://www.bankinfosecurity.com/defi-platform-qubit-finance-hacked-for-80-million-a-18406"},{"credibility":3,"name":"","type":"other","url":"https://therecord.media/qubit-finance-platform-hacked-for-80-million-worth-of-cryptocurrency"},{"credibility":3,"name":"","type":"other","url":"https://www.theblock.co/post/132157/qubit-finance-bridge-ethereum-bsc-exploited-lost-80-million"}]}],"sources_used":[],"summary":"Qubit Finance was a Binance Smart Chain lending and cross-chain bridge protocol developed by South Korean firm Mound Inc., the same team behind PancakeBunny. On January 27, 2022, an attacker exploited a logic error in the QBridge Ethereum-BSC bridge to mint approximately 77,162 qXETH tokens without depositing any ETH, then drained roughly $80 million in protocol assets; no funds were ever recovered and the attacker was never identified.","timeline":[{"date":"2021-04-01","event":"Mound Inc. receives $1.6 million seed funding from Binance Labs","source":""},{"date":"2021-05-19","event":"PancakeBunny, Mound Inc.'s other protocol, suffers a $45 million flash loan exploit","source":""},{"date":"2021-11-23","event":"QBridge smart contract first deployed on Binance Smart Chain","source":""},{"date":"2021-11-29","event":"QBridge smart contract first deployed on Ethereum","source":""},{"date":"2022-01-27","event":"Attacker wallet (0xd01ae1a708614948b2b5e0b7ab5be6afa01325c7) funded via Tornado Cash at 9:18 PM UTC","source":""},{"date":"2022-01-27","event":"Attacker submits 16 fraudulent deposit() transactions to QBridge on Ethereum between 9:34 PM and 9:50 PM UTC with zero ETH attached","source":""},{"date":"2022-01-27","event":"BSC relayer processes 16 voteProposal transactions between 9:36 PM and 9:51 PM UTC, minting qXETH for attacker without any real deposit","source":""},{"date":"2022-01-27","event":"Attacker uses minted qXETH as collateral to borrow and extract approximately 206,809 BNB (~$80 million) from the protocol","source":""},{"date":"2022-01-28","event":"Qubit Finance disables all core protocol functions and publicly discloses the exploit","source":""},{"date":"2022-01-28","event":"Qubit team appeals to attacker to return funds, initially offering $250,000 bug bounty","source":""},{"date":"2022-01-29","event":"Qubit team increases bounty offer to $1 million; attacker does not respond publicly","source":""},{"date":"2022-01-31","event":"Bounty offer reported to have been raised to $2 million with no prosecution pledge","source":""},{"date":"2022-02-08","event":"Qubit Finance publishes compensation plan: Team Mound surrenders all tokens to community, commits to debt-funded $10M initial tranche","source":""},{"date":"2022-02-01","event":"Qubit Finance transfers governance authority to community DAO","source":""},{"date":"2022-02-08","event":"Qubit team announces $500,000 bounty for information identifying the attacker, files reports with international law enforcement","source":""},{"date":"2022-01-01","event":"Protocol ceases operations; no funds recovered; attacker never identified or charged","source":""}]},"v":1}