Skip to main content
Sign in
← avoid.net

Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
  3. You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.

Decision
publish · Binance Bridge
View on Solana ↗
Sequence
#1
Score
Cluster
mainnet-beta
Slot
421042212
Off-chain at
2026-05-20T18:44:18.154Z
Anchored at
Block time

Independent verification

1. Database (off-chain)
5zuDXojHro7nuRxfQ3Bn11YxiSAViRKjfvae3VtbZVtR
2. Recomputed (your browser)
computing…
3. On-chain (Solana memo)
fetching…
Canonical bytes hashed (6540 chars)
{"actor":"system:backfill","investigation_id":"6ea1ef2c-9ad2-458f-9bb3-88ec2da9e58b","kind":"publish","page_slug":"binance-bridge","published_at":"2026-05-20T18:44:18.076Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Binance Bridge","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-bnb-chain-hack-october-2022"},{"credibility":3,"name":"","type":"other","url":"https://en.wikipedia.org/wiki/BNB_Smart_Chain_(blockchain_platform)"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://rekt.news/bnb-bridge-rekt"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-bnb-chain-hack-october-2022"},{"credibility":3,"name":"","type":"other","url":"https://medium.com/immunefi/hack-analysis-binance-bridge-october-2022-2876d39247c1"},{"credibility":3,"name":"","type":"other","url":"https://swarm.ptsecurity.com/binance-smart-chain-token-bridge-hack/"},{"credibility":3,"name":"","type":"other","url":"https://forum.cosmos.network/t/cosmos-sdk-ibc-vulnerability-retrospective-security-advisories-dragonberry-and-elderflower-october-2022/8735"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://bscscan.com/address/0x489a8756c18c0b8b24ec2a2b9ff3d4d447f79bec"},{"credibility":3,"name":"","type":"other","url":"https://www.elliptic.co/blog/analysis/attack-mints-569-million-worth-of-bnb-tokens-in-bsc-bridge-exploit"},{"credibility":3,"name":"","type":"other","url":"https://www.merklescience.com/blog/hack-track-analysis-of-the-bnb-smart-chain-exploit"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://cointelegraph.com/news/bnb-chain-confirms-bsc-halt-due-to-potential-exploit"},{"credibility":3,"name":"","type":"other","url":"https://fortune.com/crypto/2022/10/06/binance-smart-chain-halts-after-exploit/"},{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/business/2022/10/06/binance-linked-bnb-price-falls-close-to-4-on-hack-rumors"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.elliptic.co/blog/analysis/attack-mints-569-million-worth-of-bnb-tokens-in-bsc-bridge-exploit"},{"credibility":3,"name":"","type":"other","url":"https://www.bankinfosecurity.com/binance-restores-cross-chain-bridge-after-569m-attack-a-20227"},{"credibility":3,"name":"","type":"other","url":"https://www.binance.com/en/feed/post/1452535182522"},{"credibility":3,"name":"","type":"other","url":"https://cryptoslate.com/binance-resumes-bsc-bridge-operation-after-2m-bnb-exploit/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-bnb-chain-hack-october-2022"},{"credibility":3,"name":"","type":"other","url":"https://www.cnbc.com/2022/10/07/more-than-100-million-worth-of-binances-bnb-token-stolen-in-another-major-crypto-hack.html"},{"credibility":3,"name":"","type":"other","url":"https://techcrunch.com/2022/10/07/blockchain-bridge-hack/"},{"credibility":3,"name":"","type":"other","url":"https://forum.cosmos.network/t/cosmos-sdk-ibc-vulnerability-retrospective-security-advisories-dragonberry-and-elderflower-october-2022/8735"}]}],"sources_used":[],"summary":"Binance Bridge (BSC Token Hub) was the official cross-chain bridge connecting the BNB Beacon Chain (BEP2) and BNB Smart Chain (BEP20), operated by Binance. On October 6-7, 2022, an attacker exploited a critical flaw in the bridge's IAVL Merkle proof verification logic inherited from Cosmos SDK, forging deposit proofs to mint 2 million BNB (approximately $586 million at time of exploit). Although the BNB Chain was halted by validators to contain the damage — trapping roughly $430 million on-chain — approximately $110–137 million escaped to other networks before the halt took effect.","timeline":[{"date":"2019-01-01","event":"Binance launches bridge infrastructure connecting Binance Chain and BNB Smart Chain ecosystems.","source":""},{"date":"2020-09-01","event":"BNB Smart Chain (BSC) launches; BSC Token Hub becomes primary cross-chain bridge for the BNB ecosystem.","source":""},{"date":"2022-10-06","event":"At 18:26 UTC, attacker mints first 1 million BNB via forged IAVL Merkle proof from block 110217401 to address 0x489A8756C18C0b8B24EC2a2b9FF3D4d447F79BEc. Transaction hash: 0xebf83628ba893d35b496121fb8201666b8e09f3cbadf0e269162baa72efe3b8b.","source":""},{"date":"2022-10-06","event":"At 20:43 UTC, attacker mints second 1 million BNB via second forged proof. Transaction hash: 0x05356fd06ce56a9ec5b4eaf9c075abd740cae4c21eab1676440ab5cd2fe5c57a. Total minted: 2 million BNB (~$586M).","source":""},{"date":"2022-10-06","event":"Attacker deposits 900,000 BNB as collateral on Venus Protocol and borrows approximately $147.5M in stablecoins (USDT, USDC, BUSD).","source":""},{"date":"2022-10-06","event":"Attacker bridges stolen stablecoins to Ethereum (~$53M), Fantom (~$57M), Polygon (~$400K), Avalanche, Optimism, and Arbitrum via Stargate Finance and Multichain.","source":""},{"date":"2022-10-06","event":"At approximately 21:35 UTC, all 44 BNB Smart Chain validators coordinate to halt BSC, trapping ~$430M in assets on-chain. Chain halted for approximately 8 hours.","source":""},{"date":"2022-10-07","event":"Binance CEO Changpeng Zhao (CZ) publicly confirms the exploit and chain halt. Tether and Circle freeze combined $33.5M in USDT and USDC held by the attacker.","source":""},{"date":"2022-10-07","event":"Binance restores cross-chain bridge operations after validators apply hotfix release v1.1.15 patching the IAVL verification flaw.","source":""},{"date":"2022-10-08","event":"Cosmos engineers begin intensive security review of ICS-23 implementation in response to the BSC incident, identifying the broader 'Dragonberry' vulnerability affecting all IBC-enabled Cosmos chains.","source":""},{"date":"2022-10-12","event":"BNB Chain implements Moran Hardfork with permanent IAVL hash-check vulnerability fix.","source":""},{"date":"2023-11-01","event":"BNB Chain Core proposes forced liquidation of exploiter's Venus Protocol collateral position. USDT and USDC positions force-liquidated to recover partial funds without open-market BNB sell-off.","source":""}]},"v":1}