Verify a decision

{"actor":"reviewer","decided_at":"2026-06-14T23:15:46.443Z","decision":"review","investigation_id":"3d2cc7b8-95f7-498d-b8b1-64ac61450e87","new_score":22,"page_slug":"drift","prev_score":22,"reason":"Blue-chip calibration review (Prompt A). Verdict: over-penalized. Page content is treated as accurate; the trust_score band is miscalibrated. Drift Protocol is a legitimate, institutionally funded (Multicoin Capital, Blockchain Capital, $52.5M total raised), audited (OtterSec, Trail of Bits), DefiLlama-verified decentralized perpetual futures exchange on Solana. The page's own status field reads 'VERIFIED (via DefiLlama)' while the trust score sits at 22/WARNING — a direct internal contradiction the scoring engine did not resolve. The $285-286M April 2026 loss was a state-sponsored (DPRK/UNC4736) social engineering attack independently confirmed by Chainalysis, TRM Labs, Elliptic, The Block, and CoinDesk; Drift was the victim, not the perpetrator. There is a legitimate partial-negligence deduction: Drift migrated its Security Council to a zero-timelock 2-of-5 configuration five days before the exploit, an avoidable governance failure identified by multiple independent security analysts. That negligence, combined with the severity of unresolved user losses ($295.4M, 8-year recovery timeline), warrants a CAUTIONARY band rather than a VERIFIED band. However, placing Drift at 22/WARNING — the same tier reserved for entities with 'elevated fraud/loss risk' — misrepresents a legitimate protocol that suffered an extraordinary state-actor attack. A score of 52/CAUTIONARY appropriately reflects: legitimacy and institutional credibility (+baseline), serious unresolved user losses and long recovery horizon (-material caveat), partial governance negligence enabling the exploit (-secondary deduction), and the absence of any fraudulent conduct by Drift itself.","score_delta":0,"sequence_num":5,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}