Skip to main content
Sign in
Zoth ZeUSD1 decision on this page

Audit log

Every state-changing event for Zoth ZeUSD: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-28 01:44:30Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,622,628
    sig
    EEanqWgoK7HK…934M1qxnexplorer ↗
    hash
    7uRpHj1puSsZ…E14FHurCsha256 → base58
    verifying row…full verify ↗
    canonical bytes (6566 B) ▸
    {"actor":"system:backfill","investigation_id":"ca5cb647-6571-4b13-9d37-f1bd35a95dae","kind":"publish","page_slug":"zoth-zeusd","published_at":"2026-05-28T01:44:30.125Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Zoth ZeUSD","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://decrypt.co/311077/ethereum-defi-platform-zoth-hit-by-8-85-million-hack","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/zoth-rekt","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-zoth-hack-march-2025","type":"other","url":""},{"credibility":3,"name":"https://lazarus.day/incidents/zoth","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.verichains.io/p/anatomy-of-a-hack-how-a-simple-logic","type":"other","url":""},{"credibility":3,"name":"https://research.blockscope.co/zoth-vault-breach","type":"other","url":""},{"credibility":3,"name":"https://protos.com/rwa-platform-zoth-suffers-second-hack-this-month-loses-8-4m/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://research.blockscope.co/zoth-vault-breach","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-zoth-hack-march-2025","type":"other","url":""},{"credibility":3,"name":"https://blog.solidityscan.com/zoth-hack-analysis-80ba3ac5076b","type":"other","url":""},{"credibility":3,"name":"https://cryptonews.com/news/rwa-restaking-protocol-zoth-suffers-security-breach/","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/zoth-exploit-admin-leak-causes-8m-losses","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.prnewswire.com/news-releases/zoths-next-chapter-advancing-secure-scalable-rwa-infrastructure-302450470.html","type":"other","url":""},{"credibility":3,"name":"https://cryptotvplus.com/2025/03/rwa-restaking-protocol-zoth-offers-500k-bounty-after-8-4m-hack/","type":"other","url":""},{"credibility":3,"name":"https://bitcoinethereumnews.com/blockchain/zoth-engages-crystal-blockchain-bv-for-asset-recovery-post-theft-coincu/","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@zoth.io/zoth-secures-15m-strategic-commitment-from-bolts-capital-to-power-the-future-of-real-world-assets-262ba4577404","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/zoth","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.rootdata.com/Projects/detail/Zoth?k=MTEzMDM%3D","type":"other","url":""},{"credibility":3,"name":"https://www.finsmes.com/2024/04/zoth-raises-2-5m-in-funding.html","type":"other","url":""},{"credibility":3,"name":"https://cryptobriefing.com/zoth-4m-funding-strategy/","type":"other","url":""},{"credibility":3,"name":"https://hacken.io/audits/zoth/sca-zoth-zeusd-contracts-dec2024/","type":"other","url":""},{"credibility":3,"name":"https://www.cryptonite.ae/global/zoth-protocol-hack-8-85m-uae-defi-2025","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-zoth-hack-march-2025","type":"other","url":""},{"credibility":3,"name":"https://blog.solidityscan.com/zoth-hack-analysis-80ba3ac5076b","type":"other","url":""},{"credibility":3,"name":"https://blog.verichains.io/p/anatomy-of-a-hack-how-a-simple-logic","type":"other","url":""},{"credibility":3,"name":"https://research.blockscope.co/zoth-vault-breach","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://research.blockscope.co/zoth-vault-breach","type":"other","url":""},{"credibility":3,"name":"https://lazarus.day/incidents/zoth","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/zoth-rekt","type":"other","url":""}]}],"sources_used":[],"summary":"Zoth is a Dubai-based real-world asset (RWA) restaking protocol and the issuer of ZeUSD, a CDP-style stablecoin backed by tokenized fixed-income assets including U.S. T-Bills and ETFs. In March 2025, the protocol suffered two separate security incidents within three weeks: a $285,000 logic-flaw exploit on March 1 and a critical $8.4–8.85 million admin key compromise on March 21, the latter resulting in the theft of 8.85 million USD0++ tokens. The stolen funds remain largely unrecovered as of mid-2025, with Zoth offering a $500,000 bounty and engaging Crystal Blockchain BV for forensic investigation.","timeline":[{"date":"2023-01-01","event":"Zoth protocol founded in Dubai by Pritam Dutta and Koushik Bhargav","source":""},{"date":"2024-04-10","event":"Zoth raises $2.5M seed round led by Borderless Capital and others including Wormhole and SingularityDAO","source":""},{"date":"2024-08-06","event":"Zoth raises $4M strategic funding round with Ripple among backers","source":""},{"date":"2024-09-18","event":"Zoth Atlas introduces ZeUSD as a permissionless fixed-income RWA gateway","source":""},{"date":"2024-12-01","event":"Hacken publishes smart contract audit of Zoth ZeUSD contracts","source":""},{"date":"2025-01-27","event":"Zoth announces first-ever RWA restaking layer with ZeUSD pre-deposit campaign","source":""},{"date":"2025-02-01","event":"ZeUSD enters beta phase, reaching over $27M TVL within six weeks","source":""},{"date":"2025-03-01","event":"ZeUSD opens to public; first exploit occurs on the same day — $285,000 stolen via LTV logic flaw in mintWithStable() function exploiting Uniswap V3 price manipulation","source":""},{"date":"2025-03-21","event":"Second exploit: attacker compromises Zoth deployer wallet (0x3604582f...218dca), upgrades USD0PPSubVaultUpgradeable proxy to malicious contract, drains 8,851,750 USD0++ tokens (~$8.4–8.85M). Funds converted to DAI then ETH across five wallets","source":""},{"date":"2025-03-22","event":"Zoth freezes 73% of TVL, engages Crystal Blockchain BV for investigation, and offers $500,000 recovery bounty (10% of recovered funds)","source":""},{"date":"2025-04-13","event":"Whitestream threat intelligence report tags the March 21 exploit with a Lazarus Group attribution indicator (via lazarus.day)","source":""},{"date":"2025-08-01","event":"Zoth secures $15M strategic token commitment from Bolts Capital to fund protocol recovery and ZeUSD relaunch","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 944f87c4-7274-4323-92ba-c83aaf6ba9da
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.