Audit log

Every state-changing event for WOOFi Swap: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-27 17:32:35Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 422,548,221

   sig

   5Ezhxx85KBnn…nQYSauV8copyexplorer ↗

   hash

   BXyjCjKjmmHJ…pH69mmw1copysha256 → base58

   verifying row…full verify ↗

   canonical bytes (6928 B) ▸

   {"actor":"system:backfill","investigation_id":"46bfb3dc-55cc-45bc-bf09-e50e01922e73","kind":"publish","page_slug":"woofi-swap","published_at":"2026-05-27T17:32:35.147Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"WOOFi Swap","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.kraken.com/learn/what-is-woo-network","type":"other","url":""},{"credibility":3,"name":"https://www.blockchain-council.org/blockchain/woo-network/","type":"other","url":""},{"credibility":3,"name":"https://learn.woo.org/woofi-the-all-in-one-defi-app","type":"other","url":""},{"credibility":3,"name":"https://woox.io/en/blog/new-names-new-logos-how-woo-network-is-changing-markets-as-we-know-them","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://woox.io/en/blog/woofi-spmm-exploit-post-mortem","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/280759/woofi-offers-bounty-after-8-75-million-exploit-on-arbitrum","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-woofi-hack-march-2024","type":"other","url":""},{"credibility":3,"name":"https://www.cyfrin.io/blog/hack-analysis-into-woofi-exploit","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/woo-rekt","type":"other","url":""},{"credibility":3,"name":"https://blog.cube3.ai/2024/03/07/8-million-dollar-crypto-hack-woofi-exploit-postmortem-report-by-silur/","type":"other","url":""},{"credibility":3,"name":"https://olympixai.medium.com/unpacking-the-woofi-swap-exploit-ae6f172fe736","type":"other","url":""},{"credibility":3,"name":"https://cryptoslate.com/woofi-offers-10-bounty-in-race-to-recover-8-million-stolen-in-flash-loan-exploit/","type":"other","url":""},{"credibility":3,"name":"https://www.ibtimes.com/woofi-exploiter-moves-over-700k-eth-after-defi-platform-offers-bounty-3726711","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://learn.woo.org/woofi-docs/woofi-dev-docs/references/audits-and-bounties","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/woo-rekt","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-woofi-hack-march-2024","type":"other","url":""},{"credibility":3,"name":"https://immunefi.com/bug-bounty/woofi/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.ainvest.com/news/woo-pauses-withdrawals-14m-cybersecurity-breach-promises-reimbursement-2507/","type":"other","url":""},{"credibility":3,"name":"https://woox.io/blog/july-24th-security-incident-post-mortem","type":"other","url":""},{"credibility":3,"name":"https://cryptonews.com/news/crypto-exchange-woo-x-loses-14m-after-team-member-falls-for-phishing-attack/","type":"other","url":""},{"credibility":3,"name":"https://coincentral.com/woo-x-users-hit-by-14-million-crypto-exchange-hack/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://en.wikipedia.org/wiki/Three_Arrows_Capital","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/business/2022/10/17/sec-cftc-probing-bankrupt-crypto-hedge-fund-three-arrows-capital-report","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.pcrisk.com/removal-guides/31499-woofi-wallet-connection-scam","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://woox.io/en/blog/woofi-spmm-exploit-post-mortem","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-woofi-hack-march-2024","type":"other","url":""},{"credibility":3,"name":"https://www.globenewswire.com/news-release/2025/10/15/3167430/0/en/Web-3-Private-Equity-Fund-FusionX-Digital-to-become-the-new-operator-of-WOO-X-plans-to-scale-centralized-exchange-while-growing-token-utility.html","type":"other","url":""}]}],"sources_used":[],"summary":"WOOFi Swap is a decentralized exchange (DEX) built by WOO Network, operating on 12+ blockchain networks including Arbitrum, Avalanche, and Optimism, and using a proprietary synthetic Proactive Market Maker (sPMM) algorithm. On March 5, 2024, the protocol suffered a critical oracle manipulation exploit on Arbitrum in which an attacker used flash loans to manipulate WOO token pricing to near zero, stealing approximately $8.75 million; funds were not recovered. The parent platform WOO X also suffered a separate $14 million phishing-linked breach in July 2025 attributed to North Korean state-sponsored threat actors, compounding the ecosystem's security record.","timeline":[{"date":"2019-01-01","event":"WOO Network (originally Wootrade) founded by Jack Tan and Mark Pimentel, co-founders of Kronos Research.","source":""},{"date":"2021-01-01","event":"WOOFi Swap launches as the DeFi product arm of WOO Network, operating with the sPMM algorithm. No security incidents reported for approximately three years.","source":""},{"date":"2022-08-01","event":"PeckShield completes second audit of WOOFi Supercharger vault, reporting no critical or high-severity issues.","source":""},{"date":"2022-06-27","event":"Three Arrows Capital (3AC), an early investor in WOO Network's Series A, is ordered into liquidation by a British Virgin Islands court after failing to meet margin calls.","source":""},{"date":"2024-03-05","event":"WOOFi Swap on Arbitrum is exploited via flash loan oracle manipulation. Attacker (0x9961190b...) manipulates WOO price to $0.00000009, draining approximately $8.75 million across three attack cycles in 13 minutes. Pools paused by 16:02 UTC.","source":""},{"date":"2024-03-06","event":"WOOFi offers 10% white-hat bounty to the attacker and posts an information bounty on Arkham Intelligence. Official post-mortem published.","source":""},{"date":"2024-03-07","event":"PeckShield reports that an address labeled 'Hack, WOOFi Exploiter' moved 199.52 ETH (~$713,000) to a new address; connection to bounty offer unclear.","source":""},{"date":"2024-03-19","event":"WOOFi Swap v2 contracts resume operation after approximately two weeks of downtime. Zellic completes post-remediation audit of sPMM, oracle, and router contracts.","source":""},{"date":"2025-07-24","event":"WOO X centralized exchange suffers $14 million breach. A developer downloads a malicious file via social engineering, installing a Lazarus Group (UNC4899) backdoor. Nine user accounts drained. Withdrawals halted. All affected users fully compensated from treasury.","source":""},{"date":"2025-10-15","event":"FusionX Digital announced as new operator of WOO X, signaling governance transition for the centralized exchange.","source":""}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision b1baf668-2d2d-4bbd-96c0-c23758899e2ecopy