Skip to main content
Sign in
← avoid.net

Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
  3. You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.

Decision
publish · Balancer
View on Solana ↗
Sequence
#1
Score
Cluster
mainnet-beta
Slot
423217278
Off-chain at
2026-05-30T19:10:53.788Z
Anchored at
Block time

Independent verification

1. Database (off-chain)
F64nJcNu71zo2t9saVQyeHfNmfA3BV6jqGgfRL29cHUp
2. Recomputed (your browser)
computing…
3. On-chain (Solana memo)
fetching…
Canonical bytes hashed (8319 chars)
{"actor":"system:backfill","investigation_id":"36f75834-67ae-4c11-b2be-78c9066f6778","kind":"publish","page_slug":"balancer","published_at":"2026-05-30T19:10:53.718Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Balancer","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cryptopotato.com/balancer-protocol-guide/","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/academy/article/what-is-balancer","type":"other","url":""},{"credibility":3,"name":"https://getblock.io/blog/bringing-perfect-balance-to-amms-story-of-balancer-bal/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.peckshield.com/2020/06/28/balancer/","type":"other","url":""},{"credibility":3,"name":"https://decrypt.co/33937/hacker-steals-500k-crypto-balancer-pool","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/casestudy/balancerdeflationhack.php","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cointelegraph.com/news/euler-attack-causes-locked-tokens-losses-in-11-defi-protocols-including-balancer","type":"other","url":""},{"credibility":3,"name":"https://forum.balancer.fi/t/euler-hack-post-mortem/4490","type":"other","url":""},{"credibility":3,"name":"https://www.panewslab.com/en/articles/281ef9d5-31d1-4e7b-a9a6-267939b5cfa9","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.web3isgoinggreat.com/?id=balancer-exploit","type":"other","url":""},{"credibility":3,"name":"https://decrypt.co/154002/balancer-suffers-nearly-1m-exploit-team-urges-users-withdraw-funds","type":"other","url":""},{"credibility":3,"name":"https://www.bitdegree.org/crypto/news/balancer-warns-users-of-vulnerability-in-some-pools-2-8m-still-at-risk","type":"other","url":""},{"credibility":3,"name":"https://cryptopotato.com/balancer-drained-for-almost-1m-days-after-disclosing-vulnerability/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://decrypt.co/197953/balancer-frontend-hit-by-dns-attack-over-250k-stolen","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/balancer-social-engineering-attack-dns-provider-frontend-hijack","type":"other","url":""},{"credibility":3,"name":"https://slowmist.medium.com/analysis-of-balancer-bgp-hijacking-incident-40adb6b285b5","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/251970/balancer-dns-attack-frontend","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://velocorexyz.medium.com/velocore-incident-post-mortem-6197020ec3e9","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/velocore-rekt/","type":"other","url":""},{"credibility":3,"name":"https://immunebytes.com/blog/velocore-finance-exploit-june-2-2024-detailed-analysis/","type":"other","url":""},{"credibility":3,"name":"https://smartcontractshacking.com/hacks/velocore-v2-hack-2024","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://research.checkpoint.com/2025/how-an-attacker-drained-128m-from-balancer-through-rounding-error-exploitation/","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-balancer-hack-november-2025","type":"other","url":""},{"credibility":3,"name":"https://blog.trailofbits.com/2025/11/07/balancer-hack-analysis-and-guidance-for-the-defi-ecosystem/","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/377863/balancer-identifies-rounding-error-as-root-cause-of-multi-chain-defi-exploit","type":"other","url":""},{"credibility":3,"name":"https://www.certora.com/blog/breaking-down-the-balancer-hack","type":"other","url":""},{"credibility":3,"name":"https://www.dlnews.com/articles/defi/balancer-suffers-128m-exploit-despite-multiple-audits/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.dlnews.com/articles/defi/balancer-suffers-128m-exploit-despite-multiple-audits/","type":"other","url":""},{"credibility":3,"name":"https://blog.trailofbits.com/2025/11/07/balancer-hack-analysis-and-guidance-for-the-defi-ecosystem/","type":"other","url":""},{"credibility":3,"name":"https://www.certora.com/blog/breaking-down-the-balancer-hack","type":"other","url":""},{"credibility":3,"name":"https://cryptonews.com/exclusives/balancer-defi-protocol-may-have-lost-over-100-million-due-to-a-2023-bug/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cryptopotato.com/balancer-protocol-guide/","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/learn/balancer/","type":"other","url":""},{"credibility":3,"name":"https://www.ccn.com/education/crypto/balancer-exploit-smart-contracts-defi-blockchains-assets-impacted/","type":"other","url":""}]}],"sources_used":[],"summary":"Balancer is a decentralized automated market maker (AMM) protocol on Ethereum, founded in 2018 by Fernando Martinelli and Mike McDonald, that allows multi-token liquidity pools with customizable weighting. The protocol has suffered six documented security incidents between 2020 and 2025, resulting in cumulative losses exceeding $140 million, including a catastrophic $128 million exploit in November 2025 caused by an arithmetic precision flaw in Composable Stable Pool contracts. Despite multiple audits by major firms including Trail of Bits, OpenZeppelin, and Certora, systemic smart contract vulnerabilities and a highly complex protocol architecture have repeatedly exposed user funds to loss.","timeline":[{"date":"2018-01-01","event":"Balancer protocol research begins at BlockScience as an R&D project.","source":""},{"date":"2020-03-01","event":"Balancer Labs raises $3 million in seed funding and launches Balancer V1 mainnet.","source":""},{"date":"2020-06-01","event":"BAL governance token launches; 25 million tokens allocated to founders and investors, 65 million to liquidity providers.","source":""},{"date":"2020-06-28","event":"Deflationary token flash loan exploit: attacker uses dYdX flash loan to drain STA and STONK pools. Approximately $523,600 stolen. Balancer reimburses affected users.","source":""},{"date":"2021-04-01","event":"Balancer V2 launches with unified vault architecture, separating pool logic from asset custody.","source":""},{"date":"2023-03-13","event":"Euler Finance is exploited for $197 million. Balancer's bb-e-USD pool suffers approximately $11.9 million in indirect losses. Emergency subDAO pauses the pool.","source":""},{"date":"2023-08-22","event":"Balancer publicly discloses a critical vulnerability in V2 boosted pools and urges liquidity providers to withdraw funds. Approximately $2.8 million estimated at risk.","source":""},{"date":"2023-08-25","event":"Balancer reports 99.7% of at-risk liquidity withdrawn; approximately $565,199 still in vulnerable pools.","source":""},{"date":"2023-08-27","event":"Attackers exploit the disclosed August 22 vulnerability via flash loans, draining over $2.1 million across eight networks.","source":""},{"date":"2023-09-19","event":"Balancer frontend compromised via social engineering attack on EuroDNS registrar and BGP hijacking. Approximately $253,044 stolen from users who interacted with malicious front-end across six networks.","source":""},{"date":"2023-09-20","event":"Balancer DAO successfully recovers control of compromised domain by approximately 5:45 pm UTC.","source":""},{"date":"2024-06-02","event":"Velocore, a Balancer-fork DEX, is exploited for approximately $6.8 million on Linea and zkSync Era due to faulty logic in its ConstantProductPool contract.","source":""},{"date":"2025-11-03","event":"Balancer V2 suffers its largest-ever exploit: approximately $128.64 million drained across six blockchain networks in under 30 minutes via a rounding error in _upscaleArray() within ComposableStablePool contracts. Safe Harbor recoveries begin within hours.","source":""}]},"v":1}