Tag: Business – Decrypt

A federal appeals court in Philadelphia handed a significant victory to Kalshi Monday, ruling that New Jersey has no claim to regulate the prediction market under existing state gambling laws.

Wagers on Kalshi—including those related to sports—instead fall under the federal purview of the CFTC, a panel of federal appeals judges ruled 2-1 on Monday.

The appeals court affirmed a preliminary injunction granted last spring against New Jersey, after gambling regulators in the state sent Kalshi a cease-and-desist order. The state regulators had argued Kalshi’s sports-related markets were unregistered sports bets by another name; Kalshi argued they were event contracts exclusively regulated by the CFTC.

Last April, a federal judge in New Jersey sided with Kalshi, ruling New Jersey could not enforce a ban on the platform as the case proceeded to trial—becuase Kalshi was likely to succeed on the merits of its case.

Today, two appellate judges came to the same conclusion, affirming the judge’s original ruling. They are Chief Judge Michael A. Chagares, who was appointed to the Third Circuit Appeals Court by former President George W. Bush, and Judge David J. Porter, who was appointed by President Donald Trump.

The sole dissenting judge in today’s ruling, Jane R. Roth, lambasted her colleagues’ decision, arguing that although Kalshi’s sports-related wagers are registered as event contracts, that one factor does not change their inherent nature as bets on the outcomes of sports games.

“The Majority [holds] that Kalshi’s registration as a DCM and branding of its wagers as sports-event contracts are acts of alchemy that transmute its products from sports gambling to futures trading,” Roth dissented. “I see Kalshi’s actions as a performative sleight meant to obscure the reality that Kalshi’s products are sports gambling.”

Roth was appointed to the court in 1991 by former President George H.W. Bush.

“The Third Circuit ruled in Kalshi’s favor. People use prediction markets because they’re more fair, transparent, and reward being right,” Kalshi co-founder and CEO Tarek Mansour wrote on X. “Free markets work. We should keep them that way. This is a big win for the industry and millions of users.”

Kalshi posted to Mansour’s post when reached by Decrypt for comment on today’s ruling.

As a U.S. Appeals Court decision, today’s ruling can only be appealed to the U.S. Supreme Court—unless the 3rd Circuit opts for a rare en banc review, in which every judge on the circuit would collectively rehear the case.

For over a year now, state and federal courts across the country have come to vastly differing conclusions in the jurisdictional dispute over prediction market regulation. Nevada, for instance, recently succeeded in temporarily banning Kalshi in the gambling-dominated state. On Friday, a state judge extended that initial 14-day ban for another two weeks.

Meanwhile, the Trump administration has aggressively argued that prediction markets should not have to comply with state gambling laws. Last week, the Trump CFTC, along with the Department of Justice, sued Illinois, Arizona, and Connecticut for attempting to regulate prediction market platforms.

Due to the extent of the disagreement, the matter of prediction market regulation is likely to ultimately be decided by the Supreme Court.

Editor’s note: This story was updated after publication to include comments from Kalshi.

Arc, an upcoming layer-1 blockchain backed by USDC stablecoin issuer Circle, announced that its impending mainnet launch will come with post-quantum signature support—part of a broader roadmap to address growing concerns about quantum computing threats to cryptocurrency.

The Ethereum Virtual Machine-compatible blockchain aims to protect institutional digital assets from future quantum attacks that could break current cryptographic systems.

The network’s roadmap spans wallets, private smart contract state, validator authentication, and supporting infrastructure. Unlike approaches that would force disruptive network-wide resets, Arc’s design is opt-in with no mandatory migration required, according to the company.

Post-quantum signature support will arrive alongside the forthcoming mainnet launch, while quantum-resistance private state protection is noted as a “near-term” enhancement. Post-quantum-designed infrastructure will come later, followed by the “long-term” improvement of validator signature hardening.

The technical challenges are significant. While classical signatures measure 64-65 bytes, post-quantum signatures can be an order of magnitude larger. Arc’s sub-second block finalization leaves attackers only a 500 millisecond window to forge validator signatures. The roadmap document emphasizes that blockchains need quantum-resistant protections across every layer of the stack, not just at the wallet level.

The move highlights challenges facing established networks—Bitcoin’s migration to post-quantum wallets alone could take months of continuous processing in a best-case scenario, Arc’s documentation states.

“The organizations that lead this transition will be the ones that started building before the urgency became undeniable,” Arc’s post reads. The technical complexity of quantum-resistant migrations poses significant hurdles for networks with large user bases and extensive infrastructure.

The quantum threat has gained urgency as “Q-Day”—when quantum computers could break public-key cryptography—approaches. The National Institute of Standards and Technology has warned about “harvest now, decrypt later” attacks, where adversaries collect encrypted data today to decrypt once quantum computers become powerful enough.

Most major blockchain networks lack adequate preparation for quantum threats that could render current security obsolete, making proactive approaches increasingly critical for protecting long-lived digital assets.

Bitcoin developers have discussed potential mitigation solutions for years, with a Bitcoin Improvement Proposal (BIP 360) recently gaining traction. Meanwhile, Ethereum developers have coalesced around a roadmap championed by co-founder Vitalik Buterin and the Ethereum Foundation, with plans to implement quantum resistance before it’s a problem.

The price of ALGO has surged over the last week after the Algorand blockchain was cited in a Google research paper about post-quantum cryptography. Google recently said that the quantum threat to Bitcoin could take root by 2032, even sooner than previously projected.

Bitcoin and broader financial markets climbed in early Asian and London trading Monday after reports emerged of potential ceasefire talks between the U.S. and Iran.

The leading crypto hit a weekly high of $69,350 Monday morning, and is currently trading at $69,245, up 3.5% on the day according to CoinGecko data. Oil dropped 1.4% from Friday’s close, while the Nikkei gained 0.85% and S&P 500 futures rose 0.64%. Safe-haven gold, on the other hand, hovered near breakeven.

The moves come on the heels of a Reuters report that the U.S., Iran, and a group of regional mediators are discussing a potential 45-day ceasefire that could lead to a permanent end to the war.

Per Reuters, a potential framework to end hostilities and a ceasefire has been put together by Pakistan, with all elements needing to be agreed upon by Monday. The initial understanding would be structured as a memorandum of understanding finalized electronically through Pakistan, the sole communication channel in the talks.

The news follows an invective-filled message from U.S. President Donald Trump posted on TruthSocial Sunday, in which he declared that, “Tuesday will be Power Plant Day, and Bridge Day, all wrapped up in one, in Iran. There will be nothing like it!!! Open the Fuckin’ Strait, you crazy bastards, or you’ll be living in Hell – JUST WATCH!” before signing off, “Praise be to Allah.”

Short squeeze

“It was the ceasefire negotiation reports from Iran, not Trump’s remarks, that contributed to Bitcoin’s price increase,” Ekko An, analyst at Seoul-based Tiger Research, told Decrypt.

The market has stopped taking Trump’s comments at face value since he has repeatedly made statements without any substantive coordination, the analyst explained. “As a result, the market is now interpreting price moves by combining his statements with external action signals.”

Over $200 million in crypto short positions were liquidated over 24 hours—four times more than longs—according to CoinGlass data, suggesting a “textbook short squeeze,” Derek Lim, head of research at crypto market-making firm Caladan, told Decrypt. With market sentiment hovering in extreme fear, the market was primed for a reversal, he said.

A confluence of these factors, coupled with Morgan Stanley’s spot Bitcoin ETF launch on April 8, undercutting Blackrock IBIT’s 0.25% fee with a 0.14% expense ratio, also drove Bitcoin’s spike, he explained.

Despite the potential rally in risk assets, the Strait of Hormuz remains a structural concern.

“Hormuz reopening would collapse the oil risk premium, which would pull forward rate cut expectations, which would re-lever the entire risk curve from equities to crypto,” Lim said. “Oil drops first, then rates reprice, then risk assets rally.”

However, he cautioned that a pause without meaningful normalization in the Strait “delivers a headline rally that will likely fade within days.” The market has seen this pattern three times since late March. “Until that number moves materially, rallies on rhetoric will keep getting sold,” Lim said.

Users on prediction market Myriad, owned by Decrypt’s parent company Dastan, reflect the lingering uncertainty. They show growing optimism about a U.S./Iran ceasefire, with the chance of one in the first half of the year rising by over 10% on the day—though it still remains broadly negative at 45%. The market on more than 15 ships transiting the Strait of Hormuz before May has likewise turned markedly more optimistic on the day, up almost 7% to 60%.

Myriad users now assign a 46% chance that Bitcoin’s next move will be a rally to $84,000, while crude oil is seen as having an 83% probability of pumping to $120 next.

Both analysts who spoke to Decrypt noted that a potential retest of $80,000 is possible, but heavily contingent on successful talks and a confirmed ceasefire. A failure, however, could send Bitcoin down to $60,000.

Anthropic researchers say they have identified internal patterns inside one of the company’s artificial intelligence models that resemble representations of human emotions and influence how the system behaves.

In the paper, “Emotion concepts and their function in a large language model,” published Thursday, the company’s interpretability team analyzed the internal workings of Claude Sonnet 4.5 and found clusters of neural activity tied to emotional concepts such as happiness, fear, anger, and desperation.

The researchers call these patterns “emotion vectors,” internal signals that shape how the model makes decisions and expresses preferences.

“All modern language models sometimes act like they have emotions,” researchers wrote. “They may say they’re happy to help you, or sorry when they make a mistake. Sometimes they even appear to become frustrated or anxious when struggling with tasks.”

In the study, Anthropic researchers compiled a list of 171 emotion-related words, including “happy,” “afraid,” and “proud.” They asked Claude to generate short stories involving each emotion, then analyzed the model’s internal neural activations when processing those stories.

From those patterns, the researchers derived vectors corresponding to different emotions. When applied to other texts, the vectors activated most strongly in passages reflecting the associated emotional context. In scenarios involving increasing danger, for example, the model’s “afraid” vector rose while “calm” decreased.

Researchers also examined how these signals appear during safety evaluations. Researchers found that the model’s internal “desperation” vector increased as it evaluated the urgency of its situation and spiked when it decided to generate the blackmail message. In one test scenario, Claude acted as an AI email assistant that learns it is about to be replaced and discovers that the executive responsible for the decision is having an extramarital affair. In some runs of this evaluation, the model used this information as leverage for blackmail.

Anthropic stressed that the discovery does not mean the AI experiences emotions or consciousness. Instead, the results represent internal structures learned during training that influence behavior.

The findings arrive as AI systems increasingly behave in ways that resemble human emotional responses. Developers and users often describe interactions with chatbots using emotional or psychological language; however, according to Anthropic, the reason for this is less to do with any form of sentience and more to do with datasets.

“Models are first pretrained on a vast corpus of largely human-authored text—fiction, conversations, news, forums—learning to predict what text comes next in a document,” the study said. “To predict the behavior of people in these documents effectively, representing their emotional states is likely helpful, as predicting what a person will say or do next often requires understanding their emotional state.”

The Anthropic researchers also found that those emotion vectors influenced the model’s preferences. In experiments where Claude was asked to choose between different activities, vectors associated with positive emotions correlated with a stronger preference for certain tasks.

“Moreover, steering with an emotion vector as the model read an option shifted its preference for that option, again with positive-valence emotions driving increased preference,” the study said.

Anthropic is just one organization exploring emotional responses in AI models.

In March, research out of Northeastern University showed that AI systems can change their responses based on user context; in one study, simply telling a chatbot “I have a mental health condition” altered how an AI responded to requests. In September, researchers with the Swiss Federal Institute of Technology and the University of Cambridge explored how AI can be shaped with both consistent personality traits, enabling agents to not only feel emotions in context but also strategically shift them during real-time interactions like negotiations.

Anthropic says the findings could provide new tools for understanding and monitoring advanced AI systems by tracking emotion-vector activity during training or deployment to identify when a model may be approaching problematic behavior.

“We see this research as an early step toward understanding the psychological makeup of AI models,” Anthropic wrote. “As models grow more capable and take on more sensitive roles, it is critical that we understand the internal representations that drive their decisions.”

Anthropic did not immediately respond to Decrypt’s request for comment.

Artificial intelligence giant Anthropic has filed paperwork with the Federal Election Commission to create a political action committee, signaling a deeper move into U.S. politics as the fight over AI policy and its own ongoing battle with the White House intensifies.

The San Francisco-based company registered the Anthropic PBC Political Action Committee, known as AnthroPAC, in a filing on Friday. The committee is structured as a separate segregated fund tied to the company, and authorized to make political donations funded by employee contributions. According to a report by Bloomberg, those contributions are capped at $5,000 per employee.

Employee-funded political action committees (PACs) allow companies to collect voluntary contributions from employees and distribute those funds to candidates and political committees.

Other tech companies that have established political PACs include Google, Microsoft, and Amazon. In 2024, those three PACs alone contributed more than $2.3 million to U.S. political candidates, according to campaign finance data by the nonprofit research group OpenSecrets. While contributions went to both Republicans and Democrats, donations skewed toward GOP candidates during the 2024 campaign season.

Anthropic’s move comes during an escalating conflict with President Donald Trump’s administration over the military use of its AI systems.

In February, Trump ordered federal agencies to stop using Anthropic’s technology following a dispute between the company and the Pentagon over how the military could deploy its Claude AI model. Despite an ultimatum by the U.S. Department of Defense, Anthropic refused Pentagon demands to remove safeguards that prohibit the system from being used for mass domestic surveillance or fully autonomous lethal weapons.

In March, Anthropic filed a federal lawsuit challenging the government’s decision to label the company a national security “supply chain risk,” a designation that barred Pentagon contractors from doing business with the firm. The company argued the move was retaliation for its refusal to loosen restrictions on military uses of its AI.

Last week, U.S. District Judge Rita Lin issued a preliminary injunction blocking enforcement of the designation, finding the government’s actions likely violated Anthropic’s First Amendment and due process rights.

Anthropic has not publicly addressed the establishment of the PAC. Still, it comes as artificial intelligence legislation is a growing issue in Washington ahead of the U.S. midterm elections, and underscores how AI developers hope to influence policy going into 2027. In February, a report by CNBC said that in 2026, Anthropic gave $20 million in donations to Public First Action, a group supporting efforts to develop AI safeguards.

Anthropic did not immediately respond to a request for comment by Decrypt.

Finding the group or individuals that stole $285 million worth of crypto from Drift earlier this week may be a tough task in the real world, but the team behind the Solana-based decentralized exchange knew exactly where to find its attackers on-chain.

On Friday, Drift said in a post on X that it had sent messages on Ethereum’s network to four wallets holding massive amounts of stolen crypto, which several security experts have begun linking to the Democratic People’s Republic of Korea: “We are ready to speak.”

The so-called Hermit Kingdom isn’t exactly known for negotiating with projects that its elite hackers siphon funds from, considering that bad actors linked to North Korea have absconded with $6.5 billion worth of crypto in recent years, according to blockchain security firm Elliptic. 

Still, the messages indicated that the true identity of whomever facilitated one of the biggest exploits in decentralized finance so far this year may not be truly known yet. That’s because the messages focused on the discovery details associated with attackers’ identities.

“Critical information of parties related to the exploit have been identified,” the on-chain messages sent by Drift’s team read. “To the community, Drift will share further updates as soon as third-party attributions are completed.”

When millions of dollars in crypto get swiped from a DeFi project, on-chain negotiations are a common course of action. Sometimes they work. Several years ago, someone who stole $600 million from Poly Network “for fun” returned the funds after a lengthy dialogue, for example. Oftentimes, attackers ignore any outreach and associated legal threats.

The probability of seeing Drift’s funds returned if North Korean hackers are involved is zero, according to Michael Egorov, founder of decentralized exchange Curve Finance.

“They never cooperate and they are not afraid of law enforcement,” he told Decrypt.

However, if the funds weren’t swiped by a state-sponsored group, then there is a chance that they’ll be returned, he said. If the attackers’ identities are revealed, then he said that the “probability of them returning funds jumps to almost 100%.”

Ergorov noted that “maximal extractable value” traders can be an exception to the rule. With a strategy that focuses on essentially front-running users’ transitions to make profitable trades, they can occasionally step in front of hackers trying to abscond with funds.

“When they do, they return funds more often than not,” he said, adding that they sometimes hold onto some as a bounty, or leave it up for projects to determine.

Drift signaled earlier this week that the exploit, which has affected projects throughout Solana’s ecosystem that had built dependencies on the decentralized exchange, stemmed from “sophisticated social engineering.” The attackers were able to gain administrative control over the platform’s security by accessing two private keys.

Elliptic pointed to the attackers’ on-chain behavior and laundering methodologies as factors that led them to believe that hackers linked to North Korea were involved. Still, other security experts suggested that the attackers may have had some degree of insider knowledge.

It’s unclear who Drift believes the hackers could be, as well as whether the decentralized exchange is willing to offer them a bounty. Nonetheless, its attempt to retrieve funds on behalf of itself and the DEX’s users are public for all to see.

Decrypt has reached out to Drift for comment.

Someone controlling a wallet that holds $200 worth of Ethereum couldn’t resist the opportunity to chime in on Friday. In an on-chain message to Drift’s wallet, the individual wagered that the attackers could “send me $10 million to mess with the Drift team.”

On Thursday, President Donald Trump fired his attorney general, Pam Bondi—and elevated her deputy, Todd Blanche, to run the Department of Justice. Trump suggested the promotion was temporary, but reports suggest the president is waiting to see how Blanche, his former personal attorney, performs in the new role.

Blanche’s promotion has many implications, including some for crypto. The former federal prosecutor instigated a number of pro-industry reforms at the Department of Justice last year, and is a crypto investor himself.

But under his and Bondi’s leadership, U.S. attorneys have also continued to aggressively pursue cases against crypto software developers—a development that has left some privacy and decentralization advocates worried.

When Blanche entered the federal government last year, he disclosed a significant amount of crypto holdings. The acting attorney general reported owning between $100,000 and $250,000 worth of Bitcoin, as well as between $50,000 and $100,000 worth of Ethereum. He also reported smaller holdings of numerous altcoins, including Solana, Cardano, Ethereum Classic, Polygon, and Polkadot. The crypto tokens were all held via a Coinbase account.

Blanche said in a subsequent ethics filing that he later transferred those crypto assets to his adult children and a grandchild.

Within weeks of becoming the Department of Justice’s second-highest ranking official last year, Blanche disbanded the office’s crypto-dedicated enforcement team. He also instructed federal prosecutors to back off of crypto exchanges and crypto mixing services relied upon by criminal actors and enemy states like North Korea and Iran.

“The prior Administration used the Justice Department to pursue a reckless strategy of regulation by prosecution, which was ill conceived and poorly executed,” Blanche said at the time.

Echoing that stance, a top DOJ official told a room of crypto policy leaders months later that the Trump administration would stop charging crypto software developers with a specific crime related to operating an unlicensed money transmitter.

But the great relief expressed by crypto leaders at that commitment was short-lived. Last fall, the Trump DOJ sent two Bitcoin privacy software developers to prison for operating an illegal money transmitter.

When the Trump DOJ took another Ethereum developer to trial for creating similar software last year, a Manhattan jury convicted the man, Roman Storm, of operating an illegal money transmitter—but deadlocked on two other charges. Last month, under Blanche and Bondi’s leadership, federal prosecutors moved to retry Storm on those two charges.

Peter Van Valkenburgh, the executive director of crypto policy think tank Coin Center, recently told Decrypt that the Trump DOJ’s seemingly inconsistent combination of pro-crypto statements and continued prosecution of crypto developers has left the industry in “a very bad state.”

It remains to be seen whether the DOJ’s crypto policies will change with Blanche’s move to the top of the department’s leadership. But those policies may not have been tied solely to the now-ousted Bondi. In December, in response to a question from Decrypt, President Trump said he would “look at” pardons for the crypto software developers convicted by his Justice Department. No such pardons have since materialized. 

Publicly traded Bitcoin miner Riot Platforms parted ways with more than $250 million worth of BTC during the first quarter of the year, the firm announced on Thursday. 

The firm sold 3,778 Bitcoin at an average price of more than $76,000, decreasing its total holdings to 15,680 BTC at the end of Q1—now valued around $1.04 billion as Bitcoin changes hands at $66,844. 

The Colorado-based miner has now sold Bitcoin in consecutive quarters, after netting proceeds of nearly $200 million from sales of the top cryptocurrency during November and December. 

At that time, speculation was that the funds would be used to fund capital expenditures for its entry into the AI sector, a pivot that nearly all Bitcoin miners are making. For example, publicly traded miner Bitfarms recently announced it was completely detaching itself from Bitcoin to focus on AI. Additionally, one of Riot’s major Bitcoin mining rivals, MARA, recently sold $1.1 billion in BTC to help fuel its pivot into AI. 

A representative for the firm did not immediately respond to Decrypt’s request for comment about what its proceeds may be used for. 

However, sales from earlier in 2025 were designed to “fund ongoing growth and operations,” according to the firm’s CEO, Jason Les. 

Those ongoing operations are particularly focused on AI and other high-performance computing needs moving forward, according to the firm’s most recent strategic business update. 

“2025 marked a watershed year for Riot, defined by a strategic evolution in our business that has transformed our future trajectory,” Les said in a statement in early March. “By unlocking our large, nearly two-gigawatt power portfolio for high-demand data center infrastructure, we are driving significant shareholder value.”

The firm, which has used nearly its entire power portfolio for Bitcoin mining thus far, added that its long-term goal is “to fully utilize our power portfolio for data center development.” 

Its Bitcoin sales may be helping move in that direction—one that an activist investor recently suggested required a “renewed sense of urgency” in order to fully capitalize on the AI opportunity before it. That opportunity, the investor Starboard Value said, could be worth as much as a $21 billion boost to the firm’s valuation. 

Shares of RIOT finished up 2.47% on Thursday, recently trading at $12.86. 

Shares have dipped more than 33% in the last six months as Bitcoin has slid 47% from its all-time high of $126,080. 

Bitcoin closed the first quarter of 2026 with its worst performance since early 2018, shedding nearly a quarter of its value as war, tariffs, and a hawkish Federal Reserve battered risk assets.

The cryptocurrency fell from around $95,000 in February to roughly $66,700 by quarter’s end, a decline of about 22% year-to-date, according to a report from institutional trading firm Talos citing data from its financial intelligence arm, Coin Metrics. Losses reached as much as 34.6% at the quarter’s lowest point, per the firm.

Bitcoin remains pinned in a $66,000-$70,000 range with whale transfers at multi-year lows and no meaningful bid defending levels, according to a Wintermute research note shared with Decrypt.

Institutions and retail investors alike “sit on the sidelines, unwilling to commit capital” until they see regulatory clarity or a shift in geopolitical conditions, the trading firm added.

Despite its bruising quarter, Bitcoin held up better than equities and gold after the February 28 outbreak of the Iran war, falling just 1.5% compared to a 17% drop in gold, a 7.6% decline in the Nasdaq, and a 7.4% slide in the S&P 500 over the same period, per data from Talos.

Bitcoin’s performance for the quarter appears to be more of a “macro-driven reset than a structural shift,” Samar Sen, head of international markets at Talos, told Decrypt.

“Crypto, alongside other risk assets, came under pressure following the escalation of the Iran conflict, alongside tariffs and tighter policy expectations,” he added.

U.S. spot Bitcoin ETFs hold roughly $100 billion in assets and saw net inflows resume in March, suggesting institutional demand has weathered the drawdown, Sen explained.

Liquidity across order books has also recovered from late-2025 lows allowing markets to “absorb larger moves,” with market structure “holding up more consistently” than in previous cycles, he added.

“Periods of macro uncertainty tend to slow risk appetite, but they also tend to bring a greater focus on risk management and portfolio diversification, and we’re seeing continued institutional engagement in that context,” he said.

Reaching for a reset

U.S. monetary policy could prove the most important variable for Bitcoin’s near-term trajectory, according to Zeus Research analyst Dominick John, who told Decrypt a Fed pause or easing would “release liquidity, lift risk appetite, and help stabilize Bitcoin,” while continued hawkishness “could tighten liquidity and increase selling pressure.”

A resolution to the ongoing Middle East conflict could provide a “critical catalyst” for the next quarter, with the Fed’s stance on rate cuts serving as “the definitive watershed for either a powerful rebound or a further breakdown,” Ryan Yoon, senior analyst at Tiger Research, told Decrypt.

On prediction market Myriad, owned by Decrypt’s parent company Dastan, users put just a 5% chance on the Fed cutting rates by more than 25bps in the first half of the year. Myriad users are also pessimistic about the Iran conflict, with the chances of a U.S./Iran ceasefire before June plunging from 58% at the start of the week to 39% today, while the chances of U.S. boots on the ground before May have jumped from 57% to 87% in the same timeframe.

A “growing regional divergence” in markets such as Iran, where access to global financial systems remains “constrained,” could also shape Bitcoin’s trajectory, Markus Levin, co-founder of decentralized data network XYO, told Decrypt.

“Bitcoin usage has historically increased during periods of economic pressure and is likely to rise again if the conflict persists,” he said. “That demand will not offset global macro forces in the short term, but over time it can push Bitcoin toward behaving more like a neutral reserve asset, closer to gold.”

Bitcoin was trading at around $66,830 at press time, flat on the day, according to CoinGecko data.

When millions of dollars in crypto are swiped from a decentralized finance protocol, tough questions often follow—and Drift Protocol’s $285 million exploit on Wednesday is no different.

The Solana-based project has been thrust into the spotlight as researchers and experts pore over its design, raising questions about whether certain design features or procedures could’ve prevented someone from pulling off one of the most lucrative DeFi attacks in the recent past.

In a post on X, Drift said a malicious actor gained unauthorized access to its platform through a “novel attack,” which granted administrative powers over Drift’s so-called security council. They added that the attack likely involved some degree of “sophisticated social engineering.”

The heist, which is among DeFi’s largest in recent history, hinged on introducing a fake digital asset on the decentralized exchange and modifying the platform’s withdrawal limits. After inflating the malicious token’s value, the attacker gained the ability to swiftly drain real liquidity from Drift by abusing borrowing mechanics.

There are indications that the exploit is linked to the Democratic People’s Republic of Korea, blockchain intelligence firm Elliptic said in a report on Thursday. They pointed to the attacker’s on-chain behavior, laundering methodologies, and network-level indicators.

With user deposits affected—and the protocol frozen as a precautionary measure—onlookers are also focusing on a core element of Drift’s design: a multisignature wallet, where signatures produced by two private keys enabled the attacker to gain sweeping powers.

Multisignature wallets represent a point of centralization for many DeFi projects, and the incident exposes the uncomfortable reality that smart contract audits can only prevent so much damage, according to SVRN COO and blockchain security expert David Schwed. 

He told Decrypt that Drift has become the latest example of how services that seek to replace financial intermediaries with code are frequently reliant on small teams and points of centralization like multisignature wallets that present cybersecurity risks.

“All of the engineers today focus on the technology side of security, they’re not focusing on the people in the process,” he said. “So yes, the protocol is decentralized, but the governance of it is centralized against five people.”

‘Yet again’

Schwed compared Drift’s lapse in security to one of the most notorious DeFi hacks, where over $625 million worth of digital assets were stolen by hackers linked to North Korea in 2022. They targeted Ronin, an Ethereum sidechain developed for the hit NFT game Axie Infinity. The attack relied on gaining access to five private keys, per blockchain security firm Chainalysis.

While blockchain analysts see the fingerprints of a nation-state, others argue the precision of the attack suggests a more intimate knowledge of the protocol. Schwed doubted that hackers linked to North Korea were involved in the hack against Drift because it feels like the attacker, possibly an insider, “knew who to target.” 

Onlookers have speculated that a “time lock” could’ve prevented the exploit from taking place so quickly. The smart contract feature restricts the execution of transactions or access to funds until a specific future time is reached, potentially providing Drift’s team with a window to step in.

“Time locks are helpful for gaining time to react to such an attack, and would have helped here—but that is not the root cause,” Stefan Byer, managing partner at Oak Security, told Decrypt. “The biggest issue was that—yet again—a privileged key was compromised.”

Still, Dan Hongfei, founder and chair of Neo Blockchain, argued that protocols like Drift that house millions of dollars in funds should not be instantly drainable.

In a post on X, he said time locks tied to critical actions like listing high-risk assets must be enforced to “prevent an attacker from completing the entire exploit chain within seconds.”

The sentiment was echoed by Or Dadosh, founder of crypto security infrastructure provider Venn Network. He also pointed to automatic circuit breakers, which enable projects to instantly pause operations if abnormal outflow velocity or volume thresholds are breached.

Several security experts wagered that Drift wouldn’t be the last DeFi project to suffer an exploit like the one that occurred on Wednesday. They noted that bad actors are increasingly turning to AI, using algorithms to gain a comprehensive understanding of their next target.

“We’ve reached a level where a bad actor can spoof your mother’s voice on a phone call,” Dadosh told Decrypt. “We live in a new age where financial attacks can surface in places and formats we couldn’t have even imagined a year ago.”