Written by: Blockhead

Translated by: Plain Language Blockchain

When Circle founder Jeremy Allaire described USDC as "trustworthy, transparent, and regulated," his implication was that the funds can be frozen. This ability to blacklist and halt trading of coins is the essential difference between regulated stablecoins and purely algorithmic stablecoins. This characteristic not only makes USDC favored by law enforcement but also has raised a volatility issue involving $285 million.

On April 1, the perpetual contract trading platform Drift Protocol, based on Solana, lost $285 million. Reports indicate that a hacker group linked to North Korea drained its treasury over a period extending up to six years through social engineering and technical means. Among the stolen funds, an additional $232 million in USDC was transferred from Solana to Ethereum during the attack via Circle's Cross-Chain Transfer Protocol (CCTP). No intervention measures were taken, with the justification that legal authority could not intervene. However, the question of whether it "should" have the ability or be required to intervene has been answered by existing laws.

The Legal Void in the Debate Over Freezing Authority

Circle's terms allow it to blacklist addresses and freeze USDC involved in suspicious activities. In response to criticisms about why it did not actively freeze the funds, Circle's standard reply is that action is only taken when legally required. This stance is legally reserved and commercially prudent, but critics argue that it has led to a narrow sense of powerlessness.

Salman Banei, the Chief Legal Officer of the asset tokenization network Plume, stated, "We are witnessing a gap between the capability of stablecoin facilities and legal requirements. The releasing party needs a 'safe harbor'—that is, when they reasonably believe that illegal transfers are occurring and freeze assets, they should be exempt from civil liability." Without legislative protection, proactive freezing could involve liability; while waiting for law enforcement to intervene often comes too late.

In rapidly evolving exploit strategies, actual operations are often measured in minutes, while court orders can take days or weeks to process. This structural flaw was vividly illustrated on April 1: during a six-hour attack, $232 million was successfully transferred across chains.

Not a Question, But a Real Problem

The Drift case complicates the moral landscape further. This is not a simple issue of a smart contract vulnerability (where freezing the funds would clearly allow restitution to victims), but involves front-running mining and pre-signed authorizations, making it challenging to definitively determine whether the scenario constitutes illegal trading at the moment a transaction occurs. Any decision made by Circle will involve previous judgments rather than compliance execution.

Ben Levit, founder of Bluechip, said bluntly: "USDC cannot be positioned as a neutral infrastructure while retaining discretionary intervention rights. The market can price 'absolute non-intervention' or 'absolute intervention', but only 'ambiguity' is hard to price."

The DeFi Multisig Problem

The technical root of Drift's hack is not a traditional code vulnerability, but a governance flaw. The attacker spent months building trust with team members and exploited a security committee migration on March 27, which transferred the protocol to a zero-time lock (Zero-timelock) 2/5 multisig mechanism, eliminating the delay in detecting and intercepting anomalies.

The attacker executed 31 withdrawals in about 12 minutes, leveraging a forged token called CarbonVote Token to inject liquidity and conducted wash trading through Drift's own front-running mechanism to disguise it as compliant transactions. This attack did not exploit a smart contract vulnerability, but rather took advantage of human factors and the governance configuration change that eliminated delay mechanisms.

This has become a verifiable pattern in DeFi events. Safety incidents at Radiant Capital and ByBit also involved social engineering attacks on multisig signers, related to rapid asset transfers. Auditing code is one thing, but verifying whether signers are currently purchased or if governance migrations have introduced new vulnerabilities remains a known unresolved problem.

Policy Moment

The GENIUS Act, currently advancing in the United States, along with related stablecoin legislation, aims to bring releasing parties under federal regulatory oversight. However, it must clearly address the issue of discretionary freezing—when releasing parties "can" act, when they "must" act, and the liabilities that come with both.

The Drift case illustrates why this issue is crucial. As stablecoins become massively embedded in DeFi infrastructure, relying solely on individual judgment is no longer sustainable. According to TRM Labs data, $141 billion in stablecoin transactions in 2025 will involve activities such as money laundering and suspensions. As transaction volumes increase, the frequency of dilemmas like the one on April 1 may also rise.

If USDC is to achieve its aim of becoming a "neutral conduit issuance" in the crypto economy, the rules for shutting down these conduits must be louder than they are now. Otherwise, each significant attack will inevitably fall into the same debate: Should the releasing party freeze, can they legally freeze, and who should be held responsible for the gray areas in between.