Audit log

Every state-changing event for Zunami Protocol: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-27 18:53:40Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 422,560,446

   sig

   2d7Lt6znDbrx…Vc9TEGiycopyexplorer ↗

   hash

   HWnMRzo82LLD…DJhuPMDkcopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (7173 B) ▸

   {"actor":"system:backfill","investigation_id":"189de4b9-b6ff-4bfa-a98b-f5b074d364a4","kind":"publish","page_slug":"zunami-protocol","published_at":"2026-05-27T18:53:40.484Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Zunami Protocol","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://decrypt.co/152366/zunami-protocol-curve-finance-hack","type":"other","url":""},{"credibility":3,"name":"https://hashex.org/audits/zunami-protocol/","type":"other","url":""},{"credibility":3,"name":"https://ackeeblockchain.com/blog/ackee-blockchain-audited-zunami-protocol/","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/zunami-protocol","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/zunami-protocol-rekt2","type":"other","url":""},{"credibility":3,"name":"https://medium.com/neptune-mutual/how-was-the-zunami-protocol-exploited-ea69a7a6a665","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cointelegraph.com/news/zunami-protocol-confirms-stablecoin-pools-attacked-in-exploit","type":"other","url":""},{"credibility":3,"name":"https://decrypt.co/152366/zunami-protocol-curve-finance-hack","type":"other","url":""},{"credibility":3,"name":"https://www.certik.com/resources/blog/3iea5hcDLs77TkOMQvoaSK-zunami-protocol-incident-analysis","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-zunami-protocol-hack-august-2023","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/zunami-protocol-rekt","type":"other","url":""},{"credibility":3,"name":"https://neptunemutual.com/blog/how-was-the-zunami-protocol-exploited/","type":"other","url":""},{"credibility":3,"name":"https://ackee.xyz/blog/zunami-hack-post-mortem/","type":"other","url":""},{"credibility":3,"name":"https://immunebytes.com/blog/zunami-protocol-hack-aug-13-2023-detailed-analysis-report/","type":"other","url":""},{"credibility":3,"name":"https://cryptopotato.com/zunami-protocol-exploited-for-over-2-million-native-stablecoin-uzd-plunges-99/","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/hackers-stole-zunami-protocol/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/zunami-protocol-rekt2","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/zunami-protocol","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/neptune-mutual/how-was-the-zunami-protocol-exploited-ea69a7a6a665","type":"other","url":""},{"credibility":3,"name":"https://neptunemutual.com/blog/how-was-the-zunami-protocol-exploited/","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/zunami-protocol-rekt","type":"other","url":""},{"credibility":3,"name":"https://hashex.org/audits/zunami-protocol/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/zunami-protocol-rekt","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/zunami-protocol-rekt2","type":"other","url":""},{"credibility":3,"name":"https://cryptopotato.com/zunami-protocol-exploited-for-over-2-million-native-stablecoin-uzd-plunges-99/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://hashex.org/audits/zunami-protocol/","type":"other","url":""},{"credibility":3,"name":"https://hashex.org/audits/zunami-protocol-uzd/","type":"other","url":""},{"credibility":3,"name":"https://ackeeblockchain.com/blog/ackee-blockchain-audited-zunami-protocol/","type":"other","url":""},{"credibility":3,"name":"https://ackeeblockchain.com/blog/zunami-uzd-audit-summary/","type":"other","url":""},{"credibility":3,"name":"https://oxor-io.github.io/public_audits/Zunami/Zunami%20Protocol%20v2%20Reaudit%202%20Report.pdf","type":"other","url":""},{"credibility":3,"name":"https://zunamilab.gitbook.io/product-docs/risks-and-security/audits","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/zunami-protocol-rekt2","type":"other","url":""},{"credibility":3,"name":"https://www.linkedin.com/company/zunami-protocol","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/zunami-protocol","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/zunami-protocol-rekt2","type":"other","url":""}]}],"sources_used":[],"summary":"Zunami Protocol is an Ethereum-based DeFi yield aggregator and stablecoin issuer (UZD, zETH) that suffered at least four separate security incidents between January 2023 and May 2025, losing a combined estimated $2.86 million or more in user funds. The protocol is notable for ignoring a prior warning from SlowMist before its largest smart contract exploit, and for a May 2025 incident in which an admin key compromise allegedly drained $500,000, with the team subsequently going silent for weeks and development activity having ceased months prior.","timeline":[{"date":"2023-01-26","event":"Zunami Protocol's fund transfer is sandwich-attacked in the mempool; approximately $49,000 is lost.","source":""},{"date":"2023-02","event":"A series of 13 flash loan transactions exploit price gaps between Zunami liquidity pools; combined losses from January and February 2023 incidents totals approximately $260,000 per Zunami's own disclosure.","source":""},{"date":"2023-06","event":"SlowMist privately notifies Zunami Protocol of the price manipulation vulnerability that would later be exploited; team response is described as 'unpleasant' and no fix is applied.","source":""},{"date":"2023-08-13","event":"Zunami Protocol is exploited via a flash loan price manipulation attack targeting the MIMCurveStakeDao strategy; approximately $2.1 million (1,184 ETH) is drained from zETH and UZD pools on Curve Finance. UZD falls over 99% and zETH falls over 88%.","source":""},{"date":"2023-08-14","event":"Zunami confirms the exploit on social media; stolen funds are laundered via Tornado Cash. PeckShield, CertiK, Halborn, and Ackee Blockchain publish post-mortem analyses.","source":""},{"date":"2023-09","event":"Zunami Protocol completes an angel funding round and announces development of a V2 update.","source":""},{"date":"2025-05-14","event":"An admin key compromise results in the theft of approximately $500,000 in zunUSD and zunETH collateral. An admin role is granted 7 minutes before 296,456 LP tokens are transferred to an attacker wallet. Funds are laundered via Tornado Cash.","source":""},{"date":"2025-05","event":"Zunami team CEO and CTO make public statements; CTO alleges Russian police involvement and possible laptop cloning. Team subsequently goes silent for approximately three weeks. GitHub shows no commits for at least three months prior.","source":""}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 23c82c86-2aff-4d4f-b9c9-748ea68c0745copy