← Vitalik Buterin3 decisions on this page

Audit log

Every state-changing event for Vitalik Buterin: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

#1publishby system:backfill
2026-05-18 23:07:57Z
Score: ? → ? (no score change)
anchoranchored
chain
●mainnet-betaslot 420,649,405
sig
VBP8HxLKWrKg…v1m7zFSdexplorer ↗
hash
71FYBCQ97CeU…EYLw7jPEsha256 → base58
verifying row…full verify ↗
canonical bytes (5017 B) ▸
{"actor":"system:backfill","investigation_id":"1e5a0170-7238-4c75-8a3d-9543ebe7c48b","kind":"publish","page_slug":"vitalik-buterin","published_at":"2026-05-18T23:07:57.591Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Vitalik Buterin","sections":[{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]}],"sources_used":[],"summary":"Vitalik Buterin is the legitimate co-founder of Ethereum and is not himself a scam actor. However, his name, likeness, and social media presence constitute one of the most heavily weaponized impersonation surfaces in crypto. Documented threats include a September 2023 SIM-swap of his X account (linked to Pink Drainer, resulting in ~$691K stolen from followers), persistent fake giveaway livestreams on YouTube, thousands of fraudulent Instagram accounts, and an escalating campaign of AI-generated deepfake videos distributing wallet-drainer phishing links.","timeline":[{"date":"2018-10-03","event":"Fake Instagram account @buterin_vitalik with 24,000 followers collects 37.491 ETH (~$7,500 at the time) via a fake giveaway directing victims through a Telegram bot.","source":"","source_url":"https://cryptoslate.com/vitaliks-impostor-instagram-account-collects-37-ether-in-apparent-giveaway-scam/"},{"date":"2020-07-10","event":"CoinDesk reports that crypto giveaway scams impersonating Buterin and other figures are flourishing on YouTube, constituting an established multi-year threat vector.","source":"","source_url":"https://www.coindesk.com/markets/2020/07/10/crypto-giveaway-scams-continue-to-flourish-on-youtube"},{"date":"2022-01-04","event":"A fraudulent Instagram account using the handle @vitalik.eth accumulates over 570,000 followers and runs sponsored paid advertisements to promote staking scams.","source":"","source_url":"https://u.today/scam-alert-someone-allegedly-impersonates-vitalik-buterin-on-instagram-pulling-off-crypto-scams"},{"date":"2022-02-18","event":"Group-IB documents 36 fabricated YouTube giveaway livestreams using Buterin footage over a 48-hour window; scammer wallets receive over $1.6 million in 281 transactions from more than 165,000 viewers.","source":"","source_url":"https://www.group-ib.com/media-center/press-releases/crypto-trap/"},{"date":"2022-08-15","event":"Vitalik Buterin publicly warns via his Twitter account that all 5,000+ Instagram accounts claiming to be him are fake and constitute scams.","source":"","source_url":"https://thecryptobasic.com/2022/08/15/all-5000-of-my-instagram-accounts-are-fake-ethereum-founder-vitalik-buterin-gives-a-reminder/"},{"date":"2022-01-01","event":"Attacker compromises verified journalist Aaron Goldfarb's Twitter account, redesigns it to impersonate Vitalik Buterin, and uses it to launch phishing campaigns targeting followers.","source":"","source_url":"https://u.today/vitalik-buterin-scam-hits-verified-account-of-famous-journalist"},{"date":"2023-09-09","event":"Attacker SIM-swaps Buterin's T-Mobile number, resets his X account password, and posts a phishing link for a fake 'Proto-Danksharding commemorative NFT.' ZachXBT tracks losses reaching ~$691,000, including CryptoPunk #3983 (~$244,000). Attack wallet is linked to Pink Drainer.","source":"","source_url":"https://decrypt.co/155738/hacker-steals-690000-after-hijacking-vitalik-buterin-x-account"},{"date":"2023-09-12","event":"Buterin confirms publicly via Farcaster that the attack was a SIM swap via T-Mobile, and advises users to remove phone numbers from X account settings.","source":"","source_url":"https://decrypt.co/156000/vitalik-buterin-sim-swap-attack-behind-700000-twitter-hack"},{"date":"2024-02-07","event":"CertiK discloses a deepfake video falsely depicting Buterin endorsing a wallet-drainer phishing site, marking an escalation from text-based impersonation to synthetic AI-generated video.","source":"","source_url":"https://crypto.news/analysts-discover-deepfakes-of-vitalik-buterin-promoting-scam-crypto-wallet/"},{"date":"2024-08-01","event":"Buterin publicly highlights the threat of AI deepfakes to identity verification, noting the increasing difficulty of distinguishing authentic from synthetic video content.","source":"","source_url":"https://cointelegraph.com/news/ai-deepfake-crypto-scams-2024"},{"date":"2025-01-01","event":"Reports indicate AI-generated deepfake impersonation videos of Buterin and other crypto figures surged 500 percent year-on-year, with $5 million attributed to deepfake crypto scam operations in Q2 2024 alone.","source":"","source_url":"https://yellow.com/research/crypto-fraud-in-2025-hits-record-highs-from-youtube-deepfakes-to-pig-butchering-scams"}]},"v":1}
Verify offline (run on your own machine)
python -m src.verify_decision 2a48e82c-efb5-4b9b-b77f-6dd03627acc1
#2reviewby reviewerreviewer
2026-06-13 21:21:22Z
Score: 35 → 35 (no score change)
The page's summary-level characterization of Buterin as a legitimate figure whose identity is heavily weaponized by scammers is well-supported. The majority of timeline claims are confirmed or partially supported, with the main issues being a materially wrong date on the Aaron Goldfarb incident (listed as January 2022 but sources indicate September 2022), one dead CoinTelegraph URL, and several quantitative overstatements (follower counts, viewer counts, percentage figures). The page is substantively accurate but contains several precision errors and has entirely empty section bodies.
anchoranchored
chain
●mainnet-betaslot 426,279,403
sig
2tAQKp8PJyZ9…svuFPBsuexplorer ↗
hash
2PkBKU7Wwcgd…ue7PdJamsha256 → base58
verifying row…full verify ↗
canonical bytes (942 B) ▸
{"actor":"reviewer","decided_at":"2026-06-13T21:21:22.509Z","decision":"review","investigation_id":"1e5a0170-7238-4c75-8a3d-9543ebe7c48b","new_score":35,"page_slug":"vitalik-buterin","prev_score":35,"reason":"The page's summary-level characterization of Buterin as a legitimate figure whose identity is heavily weaponized by scammers is well-supported. The majority of timeline claims are confirmed or partially supported, with the main issues being a materially wrong date on the Aaron Goldfarb incident (listed as January 2022 but sources indicate September 2022), one dead CoinTelegraph URL, and several quantitative overstatements (follower counts, viewer counts, percentage figures). The page is substantively accurate but contains several precision errors and has entirely empty section bodies.","score_delta":0,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
Verify offline (run on your own machine)
python -m src.verify_decision 6809fa0c-f667-4112-a31c-5ea7d842ca3b
#3review reviseby judgejudge
2026-06-13 21:21:22Z
Score: 35 → 25 (-10)
The page's core premise — that Vitalik Buterin is a legitimate public figure whose identity is systematically weaponized by scammers — is strongly confirmed across Tier 1 and Tier 2 sources. However, the review found 12.5% of claims disputed or unsupported: claim_findings[10] contains a material date error (the Aaron Goldfarb account hack is listed as January 2022 but sources place it in September 2022), claim_findings[14] has a dead CoinTelegraph citation with no live replacement listed on the page, and five claims (claim_findings[7], [8], [9], [11], [15]) contain quantitative overstatements including overstated viewer counts, a mischaracterized time window, and an inflated percentage figure. Additionally, two high-priority structural gaps — entirely empty section bodies and absent on-chain wallet data for the September 2023 hack — leave the page materially thinner than the evidence supports.
anchoranchored
chain
●mainnet-betaslot 426,279,406
sig
3tRjLXJrRL3k…cyvz6wsaexplorer ↗
hash
C3fuKeu1vKUG…ojD8sb8Gsha256 → base58
verifying row…full verify ↗
canonical bytes (1263 B) ▸
{"actor":"judge","decided_at":"2026-06-13T21:21:22.509Z","decision":"review_revise","investigation_id":"1e5a0170-7238-4c75-8a3d-9543ebe7c48b","new_score":25,"page_slug":"vitalik-buterin","prev_score":35,"reason":"The page's core premise — that Vitalik Buterin is a legitimate public figure whose identity is systematically weaponized by scammers — is strongly confirmed across Tier 1 and Tier 2 sources. However, the review found 12.5% of claims disputed or unsupported: claim_findings[10] contains a material date error (the Aaron Goldfarb account hack is listed as January 2022 but sources place it in September 2022), claim_findings[14] has a dead CoinTelegraph citation with no live replacement listed on the page, and five claims (claim_findings[7], [8], [9], [11], [15]) contain quantitative overstatements including overstated viewer counts, a mischaracterized time window, and an inflated percentage figure. Additionally, two high-priority structural gaps — entirely empty section bodies and absent on-chain wallet data for the September 2023 hack — leave the page materially thinner than the evidence supports.","score_delta":-10,"sequence_num":3,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
Verify offline (run on your own machine)
python -m src.verify_decision 12edafb6-f43c-45f1-a690-cf726a1edda8

How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.