Verify a decision
Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.
How verification works
- We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (
payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction. - We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
- You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is
AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.
Decision
review · Echo Protocol
- Sequence
- #2
- Score
- 28 → 28 (0)
- Cluster
- mainnet-beta
- Slot
- 422977696
- Off-chain at
- 2026-05-29T16:48:20.064Z
- Anchored at
- —
- Block time
- —
Independent verification
- 1. Database (off-chain)
- BhTX19uFRJQ4Kghs23xwEwVvbConymdPyNi13iHmppNx
- 2. Recomputed (your browser)
- computing…
- 3. On-chain (Solana memo)
- fetching…
Canonical bytes hashed (1185 chars)
{"actor":"reviewer","decided_at":"2026-05-29T16:48:19.881Z","decision":"review","investigation_id":"18db584f-6b3a-4ef2-a844-64a016882229","new_score":28,"page_slug":"echo-protocol","prev_score":28,"reason":"The investigation page is substantially accurate in its core factual claims about the Echo Protocol exploit mechanism, financial figures, and protocol response. The two most significant issues are: (1) the page incorrectly states Drift Protocol and KelpDAO exploits occurred 'earlier in May 2026' when both occurred in April 2026; and (2) the claim that Hacken audit details were not publicly disclosed is factually wrong — a full public audit report exists on Hacken's website. The specific attacker wallet address is asserted without a verifiable on-chain or primary source citation. The summary-level claim that the attacker 'borrowed $3.45 million in WBTC' conflates the collateral value with the borrow amount, though sections correctly distinguish these. Overall, the page's core narrative is well-supported by credible reporting.","score_delta":0,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}