Skip to main content
Sign in
← avoid.net

Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
  3. You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.

Decision
publish · StableMagnet
View on Solana ↗
Sequence
#1
Score
Cluster
mainnet-beta
Slot
422206362
Off-chain at
2026-05-26T03:49:38.548Z
Anchored at
Block time

Independent verification

1. Database (off-chain)
3PVBfqYyCfFXp1Th3CXautPJ8tJDL44mQksNVz4N3ort
2. Recomputed (your browser)
computing…
3. On-chain (Solana memo)
fetching…
Canonical bytes hashed (6195 chars)
{"actor":"system:backfill","investigation_id":"3699ba84-0fa1-46e7-9d11-c82e2519a088","kind":"publish","page_slug":"stablemagnet","published_at":"2026-05-26T03:49:38.404Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"StableMagnet","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-stablemagnet-rugpull-june-2021","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/stablemagnet-rekt","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/stablemagnetexitscam.php","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/stablemagnet-rekt","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-stablemagnet-rugpull-june-2021","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/stablemagnetexitscam.php","type":"other","url":""},{"credibility":3,"name":"https://x.com/peckshield/status/1407845381312892931","type":"other","url":""},{"credibility":3,"name":"https://smartcontractshacking.com/hacks/stablemagnet-hack-2021","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://github.com/TechRate/Smart-Contract-Audits","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-stablemagnet-rugpull-june-2021","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/stablemagnet-rekt","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/stablemagnetexitscam.php","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.banklesstimes.com/news/2023/01/31/ethical-hacker-helps-recover-millions-lost-in-stablemagnet-rug-pull/","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/stablemagnetexitscam.php","type":"other","url":""},{"credibility":3,"name":"https://www.cryptopolitan.com/defi-scammers-tracked-down-after-a-25-million-rug-pull/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://revoke.cash/exploits/stablemagnet","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/stablemagnetexitscam.php","type":"other","url":""},{"credibility":3,"name":"https://www.web3isgoinggreat.com/?id=2021-06-23-0","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-stablemagnet-rugpull-june-2021","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/stablemagnet-rekt","type":"other","url":""},{"credibility":3,"name":"https://x.com/peckshield/status/1407845381312892931","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://x.com/peckshield/status/1407845381312892931","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/stablemagnet-rekt","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/stablemagnet-rekt","type":"other","url":""},{"credibility":3,"name":"https://bscscan.com/address/0xb89e9365cb5bacfcf4a4b0386dfad45c3b4d3258","type":"other","url":""},{"credibility":3,"name":"https://x.com/peckshield/status/1407845381312892931","type":"other","url":""}]}],"sources_used":[],"summary":"StableMagnet was a stablecoin yield and DEX protocol launched on Binance Smart Chain (BSC) that executed a deliberate rug pull on June 23-24, 2021, stealing approximately $27 million in USDT, USDC, and BUSD from over 1,000 users. The team concealed a malicious backdoor by substituting an unverified SwapUtils library for the one shown in publicly audited source code — a novel attack vector that exposed a critical gap in how block explorers verify linked library code. Following an anonymous white-hat investigation and Manchester police arrests, most of the stolen funds were eventually returned by late 2022.","timeline":[{"date":"2021-06-01","event":"StableMagnet launches on Binance Smart Chain, offering a USDT/USDC/BUSD 3Pool stablecoin DEX with a TechRate audit in place.","source":""},{"date":"2021-06-23","event":"StableMagnet team activates malicious backdoor in the unverified SwapUtils library (0xE25d05777BB4bD0FD0Ca1297C434e612803eaA9a), draining approximately $22.2 million in USDT, USDC, and BUSD from the 3Pool and sweeping tokens from wallets with open approvals. Total losses reach approximately $27 million.","source":""},{"date":"2021-06-24","event":"PeckShield alerts the crypto community on Twitter that StableMagnet's SwapUtils library is unverified and different from the main swap contract source code, urging users to revoke approvals immediately. Rekt News publishes a detailed post-mortem.","source":""},{"date":"2021-06-24","event":"Stolen funds are bridged from BSC to Ethereum via AnySwap/Multichain and converted from USDT to DAI in an apparent laundering attempt. All StableMagnet websites and social media accounts go offline.","source":""},{"date":"2021-07-01","event":"Halborn publishes detailed technical analysis of the library substitution attack vector, noting the structural verification gap in Etherscan and BscScan.","source":""},{"date":"2022-01-30","event":"An anonymous white-hat hacker goes public (via CoinTelegraph and Bankless Times coverage) with details of their investigation: they identified alleged perpetrators as Hong Kong-based individuals, tracked their travel to Manchester, UK, and cooperated with Manchester police, who arrested suspects and recovered approximately $9 million from a USB device.","source":""},{"date":"2022-12-01","event":"Approximately $24 million of the originally stolen $27 million is reported returned to victims, following arrests and cooperation from alleged co-conspirators, per Quadriga Initiative records.","source":""}]},"v":1}