Verify a decision
Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.
How verification works
- We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (
payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction. - We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
- You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is
AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.
Decision
publish · Mobius Token
- Sequence
- #1
- Score
- →
- Cluster
- mainnet-beta
- Slot
- 422575045
- Off-chain at
- 2026-05-27T20:30:15.920Z
- Anchored at
- —
- Block time
- —
Independent verification
- 1. Database (off-chain)
- 3mPKunr7MRh2ZBcdBdYXU5jknqHHfERzAA7kpLnBRW4t
- 2. Recomputed (your browser)
- computing…
- 3. On-chain (Solana memo)
- fetching…
Canonical bytes hashed (4574 chars)
{"actor":"system:backfill","investigation_id":"18c18006-b61a-4fbf-a97d-6e612808d7d7","kind":"publish","page_slug":"mobius-token","published_at":"2026-05-27T20:30:15.862Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Mobius Token","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cointelegraph.com/news/mobius-token-exploit-bnb-chain-2-1m-loss","type":"other","url":""},{"credibility":3,"name":"https://www.certik.com/resources/blog/mobius-token-incident-analysis","type":"other","url":""},{"credibility":3,"name":"https://www.quillaudits.com/blog/hack-analysis/mobius-token-exploit-breakdown","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-mobius-hack-may-2025","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/mobius-defi-hack-on-bnb-chain/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.quillaudits.com/blog/hack-analysis/mobius-token-exploit-breakdown","type":"other","url":""},{"credibility":3,"name":"https://www.certik.com/resources/blog/mobius-token-incident-analysis","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-mobius-hack-may-2025","type":"other","url":""},{"credibility":3,"name":"https://quillaudits.medium.com/mobius-token-exploit-breakdown-2-1m-lost-due-to-poor-logic-4c5ea5febdec","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.certik.com/resources/blog/mobius-token-incident-analysis","type":"other","url":""},{"credibility":3,"name":"https://www.quillaudits.com/blog/hack-analysis/mobius-token-exploit-breakdown","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/mobius-defi-hack-on-bnb-chain/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://beincrypto.com/mobius-defi-hack-on-bnb-chain/","type":"other","url":""},{"credibility":3,"name":"https://www.certik.com/resources/blog/mobius-token-incident-analysis","type":"other","url":""},{"credibility":3,"name":"https://www.cryptopolitan.com/mobius-suffers-hack-on-bnb-chain/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://thespotlite.net/mobius-finance-mot-airdrop-is-it-real-or-a-scam-full-details","type":"other","url":""},{"credibility":3,"name":"https://cryptorank.io/news/feed/a08b2-mobius-exploited-for-2-1m-while-scammers-breach-ledgers-social-media","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.certik.com/resources/blog/mobius-token-incident-analysis","type":"other","url":""}]}],"sources_used":[],"summary":"Mobius Token (ticker: MBU) is a DeFi token that operated on BNB Chain. On May 11, 2025, an attacker exploited a critical decimal-precision bug in the project's unaudited smart contract, minting approximately 9.73 quadrillion MBU tokens with a deposit of only 0.001 BNB and draining $2.15 million in USDT from the protocol's liquidity pools. The stolen funds were laundered through Tornado Cash, no official team response was issued, and no funds have been recovered.","timeline":[{"date":"2025-05-04","event":"Attacker wallet 0xB32A53Af96F7735D47F4b76C525BD5Eb02B42600 funded via Tornado Cash with 10 BNB; same wallet allegedly exploited MHT Trade on this date.","source":""},{"date":"2025-05-08","event":"Mobius Token contract reportedly funded in preparation for the exploit.","source":""},{"date":"2025-05-11","event":"At 07:31 UTC, attacker deployed malicious contract 0x631adFF068D484Ce531Fb519Cda4042805521641 on BNB Chain.","source":""},{"date":"2025-05-11","event":"At 07:33 UTC, exploit executed: 0.001 WBNB deposited, approximately 9.73 quadrillion MBU tokens minted via decimal inflation bug, and $2,152,219.99 in USDT drained from PancakeSwap liquidity pools.","source":""},{"date":"2025-05-11","event":"Security firm Cyvers publicly flagged the exploit in real time on X (Twitter). CertiK, QuillAudits, and Halborn published post-mortem analyses.","source":""},{"date":"2025-05-11","event":"Attacker laundered approximately 2,100 BNB through Tornado Cash in 21 batches of 100 BNB. MBU token price collapses to near zero.","source":""},{"date":"2025-05-11","event":"No official statement released by the Mobius Token team. No fund recovery reported.","source":""}]},"v":1}