Skip to main content
Sign in
← avoid.net

Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
  3. You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.

Decision
publish · Crema Finance
View on Solana ↗
Sequence
#1
Score
Cluster
mainnet-beta
Slot
422554239
Off-chain at
2026-05-27T18:12:29.689Z
Anchored at
Block time

Independent verification

1. Database (off-chain)
GuRNxpn4ubZdB3HyHo28YGK9aXEdKV5pYLn6zb4FKgor
2. Recomputed (your browser)
computing…
3. On-chain (Solana memo)
fetching…
Canonical bytes hashed (6241 chars)
{"actor":"system:backfill","investigation_id":"42a98fcb-c67c-4a73-abf4-ca61dd3c31fe","kind":"publish","page_slug":"crema-finance","published_at":"2026-05-27T18:12:29.640Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Crema Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/tech/2022/07/04/solana-defi-protocol-crema-loses-88m-in-exploit","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-crema-finance-hack-july-2022","type":"other","url":""},{"credibility":3,"name":"https://www.certik.com/resources/blog/4XzSJEeWC2bRppR9CeBckw-crema-finance-exploit","type":"other","url":""},{"credibility":3,"name":"https://ackee.xyz/blog/2022-solana-hacks-explained-crema-finance/","type":"other","url":""},{"credibility":3,"name":"https://therecord.media/nearly-9-million-stolen-from-defi-platform-crema-finance","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/tech/2022/07/07/crema-finance-attacker-returns-almost-8m-keeps-17m-bounty","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/crema-hacker-returns-8m-keeps-1-6m-in-deal-with-protocol","type":"other","url":""},{"credibility":3,"name":"https://finance.yahoo.com/news/crema-hacker-returns-8-million-114746305.html","type":"other","url":""},{"credibility":3,"name":"https://news.bitcoin.com/crema-finance-hacker-negotiates-with-defi-projects-team-returns-8-million-in-eth-and-sol/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/@Crema.finance/the-compensation-plan-regarding-cremas-exploit-incident-62fb9ba4c4bc","type":"other","url":""},{"credibility":3,"name":"https://www.investing.com/news/cryptocurrency-news/crema-finance-team-announces-compensation-plan-following-attack-2845567","type":"other","url":""},{"credibility":3,"name":"https://www.bankinfosecurity.com/crema-finance-issues-recovery-plans-after-88-m-crypto-hack-a-19545","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://tokeninsight.com/en/news/crema-finance-to-go-live-again-after-new-smart-contract-audit","type":"other","url":""},{"credibility":3,"name":"https://ackee.xyz/blog/2022-solana-hacks-explained-crema-finance/","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/crema-finance","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.crunchbase.com/organization/crema-finance","type":"other","url":""},{"credibility":3,"name":"https://tokeninsight.com/en/coins/crema-finance/team","type":"other","url":""},{"credibility":3,"name":"https://solanacompass.com/projects/crema-finance","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/crema-finance","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/tech/2022/07/07/crema-finance-attacker-returns-almost-8m-keeps-17m-bounty","type":"other","url":""},{"credibility":3,"name":"https://www.web3isgoinggreat.com/?id=crema-finance-hacked-for-8-8-million","type":"other","url":""}]}],"sources_used":[],"summary":"Crema Finance is a Solana-based concentrated liquidity market maker (CLMM) DEX protocol that launched in January 2022. On July 2, 2022, the protocol suffered a critical exploit in which an attacker used a fake tick account and flash loans to drain approximately $8.78 million from multiple liquidity pools. Following on-chain negotiations, the attacker returned roughly $7.1 million and retained approximately $1.68 million as an agreed white-hat bounty; Crema subsequently issued a CRM token compensation plan for affected users and submitted a revised codebase for re-audit by SlowMist before reopening.","timeline":[{"date":"2022-01-01","event":"Crema Finance mainnet launches on Solana as a concentrated liquidity DEX protocol.","source":""},{"date":"2022-07-02","event":"Attacker exploits Crema Finance's CLMM pools using a fake tick account and flash loans from Solend, draining approximately $8.78 million in SOL and USDC. Protocol suspends all smart contract operations immediately.","source":""},{"date":"2022-07-02","event":"Stolen funds converted to 69,422.9 SOL and 6,497,738 USDC; USDC is bridged to Ethereum via Wormhole and swapped to approximately 6,064 ETH. Attacker's Ethereum address identified as 0x8021b2962dB803b73Aa874030B0B42c202E8458F.","source":""},{"date":"2022-07-02","event":"Crema Finance TVL drops from over $12 million to approximately $3 million following the exploit.","source":""},{"date":"2022-07-03","event":"Crema Finance sends on-chain message to attacker's Ethereum address offering an $800,000 white-hat bounty with a 72-hour return deadline.","source":""},{"date":"2022-07-06","event":"Crema Finance and the attacker reach a negotiated agreement. Attacker retains 45,455 SOL (~$1.68 million) as a white-hat bounty and returns 6,064 ETH and 23,967.9 SOL across four transactions.","source":""},{"date":"2022-07-07","event":"Crema Finance publicly announces the recovery agreement, designates the attacker a 'white hat,' and commits to releasing a compensation plan within 48 hours.","source":""},{"date":"2022-07-08","event":"Crema Finance publishes compensation plan: 15 million CRM tokens (1.5% of total hard-cap) allocated from team reserves, distributed via 12-month linear vesting starting August 1, 2022. Affected pool users may withdraw 84% of assets immediately.","source":""},{"date":"2022-08-01","event":"First monthly CRM compensation token unlock for affected liquidity providers.","source":""},{"date":"2022-10-01","event":"Crema Finance submits revised codebase to SlowMist for a new smart contract security audit ahead of planned re-launch.","source":""},{"date":"2025-05-01","event":"Protocol remains nominally live with a TVL of approximately $124,000 and near-zero daily trading volume, indicating severe user attrition since the 2022 exploit.","source":""}]},"v":1}