This week (UTC+8), the Solana-based derivatives protocol Drift Protocol was reportedly attacked, with approximately 280 million dollars stolen and about 230 million dollars of that rapidly converted to USDC and moved across chains (according to a single source). Shortly after the incident was disclosed, Circle CEO Jeremy Allaire publicly stated that, without a clear request from a court or law enforcement agency, Circle would not proactively freeze the USDC involved, turning a technical attack into a conflict of systems and values. One question is becoming increasingly pointed across the industry: when centralized dollar tokens are deeply embedded in DeFi, how should the boundaries of the issuer's freezing authority and the division of responsibility be defined when a hack occurs, so that the industry's expectations are not torn between "fund security" and "decentralization"?
280 million evaporated in an instant: The crisis trajectory of Drift's breach
According to current public information, approximately 280 million dollars was stolen from Drift, making it one of the largest DeFi security incidents in recent years. The team has yet to publish an accurate timeline, but on-chain transfers and community disclosures suggest that, once the attack occurred, contract assets were drained within a short time and protocol positions and user funds were repriced instantly. The result was not only financial loss but also a collective questioning of the security of the entire on-chain derivatives ecosystem.
According to a single source, approximately 230 million dollars of the stolen funds was exchanged for or transferred into USDC via cross-chain pathways. This portion of the assets has become the core of the post-incident dispute: on one hand, its scale is large enough to influence the attitudes of issuers and regulators; on the other hand, it clearly exposes the attackers' advance assessment of escape routes for the funds and of where there was enough liquidity to absorb them. It is important to emphasize that complete, verifiable public details are still lacking on the specific cross-chain timeline, which bridges were used, and the specific protocol configurations.
On the technical level, the single-source information points to two key clues: the attack used pre-signed durable nonce transactions, and the operation centered on a compromise of the multi-signature system. This means the attackers may have obtained reusable signature "ammunition" before the formal execution and found ways to bypass, exploit, or manipulate the multi-signature mechanism. However, there is currently no authoritative disclosure of more granular details such as multi-signature thresholds, node deployment, and operational processes. The Drift team and the security community have provided only vague descriptions such as "the security module was breached" and "the durable nonce was misused," and the overall technical review is still in progress.
After the incident, the Drift team urgently entered crisis management mode: on one side, they paused or limited key functions of the protocol and reviewed affected positions; on the other side, they teamed up with several security companies, cross-chain bridge operators, and law enforcement agencies to trace and collect evidence of the fund flows (all according to a single source). In the on-chain world, such "chasing-down" processes often mean coordination across jurisdictions and technical stacks, but in the real world, they directly face a complete set of traditional systems including evidence chains, freezing requests, and judicial procedures. This incident thus becomes a case study: when DeFi protocols encounter systemic security strikes, how far can their self-rescue capabilities and external collaboration efficiency go?
The hacker turns chips into USDC: escape routes and regulatory hubs
Judging by the attackers' choices, the massive conversion of stolen assets to USDC is no accident. As a top dollar token by market capitalization that connects multiple public chains and mainstream CeFi platforms, USDC has strong liquidity and cross-chain accessibility: whether it is split into smaller amounts and spread across chains or slowly cleared through OTC and off-market channels, USDC is easier to "cash out" than many long-tail assets or low-liquidity tokens. For hackers, choosing USDC means choosing a technically smoother "money laundering pipeline."
However, this liquidity advantage also places Circle at the center of the storm. Unlike most decentralized tokens, USDC is issued and custodied by a regulated entity. Circle not only holds freezing and blacklisting permissions at the contract level but must also strictly comply with regulatory requirements in its daily operations. This position leads outside observers to expect it to act as a "last line of defense" in hacking incidents; it also means that every time Circle exercises its authority, it must find a balance within the boundaries of law, commercial contracts, and regulatory relationships, and cannot simply "automatically execute" like a fully decentralized contract.
For the approximately 230 million dollars of USDC involved, the core controversy is not whether it can technically be frozen (the contract design clearly allows Circle to freeze and blacklist) but whether, legally and commercially, Circle should intervene, and when. If Circle unilaterally freezes assets without formal judicial procedures, it may be accused of exercising censorship power arbitrarily and undermining the predictability of the asset; if it waits for formal instructions from courts and law enforcement agencies under traditional procedures, it will be criticized by the DeFi community for responding slowly and missing the best window for intervention. By converting their haul into USDC, the hackers have put this tension on public display.
Allaire publicly refuses to freeze: A statement ignites trust tug-of-war
At the height of the debate, Circle CEO Jeremy Allaire made a public statement outlining the company's position: "In the absence of a clear request from a court or law enforcement agency, we will not proactively freeze the relevant USDC." The logic behind this statement is clear: Circle neither wants nor dares to become an "on-chain judge" that makes unilateral decisions on who owns funds. Instead, it hands the initiative for disposing of funds back to the traditional judicial and law enforcement system, while playing the role of a "technical service provider executing court orders."
This statement continues Circle's consistent emphasis on its regulated status and on putting legal compliance first. From the company's perspective, freezing assets based on social media claims or a single party's request, without formal procedures, would create serious compliance and credibility risks for its future operations. In the event of collateral damage, ownership disputes, or freezes being used as a tool of business competition, Circle would not only face potential litigation but might also be seen by regulators as exceeding its role of "trustee custody and technical operation." Tying "freezing" to "formal instructions from a court or law enforcement agency" is therefore a safety line it has drawn for itself.
However, from a more crypto-native perspective, such "caution" is easily read as passivity. Some on-chain analysts and KOLs (such as ZachXBT, whose related comments await further verification) represent another voice: when a hack and the underlying security vulnerability have already been clearly confirmed by on-chain evidence, and the path of the funds is plainly visible, platforms and issuers should take more proactive fund control measures rather than wait for paperwork and legal process. For them, technical means and on-chain evidence themselves constitute the "fact base" of the modern crypto world.
Thus a public clash around "compliance caution vs industry oppression" has formed: on one side is Circle, which insists on procedural justice and strictly adheres to the compliance red lines of traditional finance; on the other side are DeFi users, protocol teams, and on-chain analysis communities, who strongly expect rapid loss mitigation and higher costs for attackers. On the surface, the two sides dispute "whether to freeze this 230 million now," but the deeper question is: before there is a court judgment, who has the right to press the contract's "pause button" according to their own understanding?
The cost of a centralized button: Decentralized narratives are put to the test
Centralized assets like USDC, which can be frozen and censored, are inherently in structural tension with DeFi's long-promoted ideal of being "permissionless and censorship-resistant." In the past, many viewed this tension as a necessary compromise: to bring fiat liquidity on-chain, it is difficult to escape constraints such as KYC, compliance, and freezing entirely; a true decentralized paradise is left to the permissionless, fair, and neutral protocol layers and native tokens. But when security incidents like Drift occur, this long-standing contradiction is amplified to the extreme.
If stablecoin issuers frequently exercise their freezing rights in hacking incidents, this appears on the surface to strengthen security and raise the cost of attacks, but at a deeper level it raises concerns about the expansion and abuse of censorship: which scenarios count as "justified freezes"? Who certifies the facts of the attack? Could "freezing" later expand beyond hacking incidents to sanctions lists, political events, or even business conflicts? Once freezing actions lack transparency, auditability, and appeal mechanisms, users and protocol teams across the entire ecosystem will face an invisible "regulatory hand," and the credibility of the decentralization narrative will be compromised.
Conversely, if issuers like Circle firmly refuse to proactively freeze the assets involved without judicial directives, many DeFi participants may feel "abandoned": they had hoped centralized issuers would provide the last line of defense in extreme security incidents, only to find that this defense is constrained by complex, slow, and opaque real-world legal procedures. A real-world paradox arises: for the compliance world, Circle's actions maintain boundaries; for some on-chain users, they feel like a departure from "fund security expectations." The existence of a centralized button is itself a concentration of power, but when this power is not exercised, it ignites new distrust all the same.
What kind of emergency plans does the industry want: From single-point decisions to multi-party processes
After this incident, the market's practical expectations of issuers like Circle have become more specific: not a vague "more secure," but a demand for clear and predictable freezing trigger conditions and collaboration processes. Protocol developers want to know: at what level of evidence, at what scale of attack, and at whose request will the issuer consider freezing? Users hope there can at least be an open "post-event review" channel for understanding the basis of a decision to freeze or not to freeze, rather than leaving a few brief statements to fill the gaps in understanding.
This also drives the industry to start discussing a more mature "standardized emergency mechanism": conceptually, it no longer relies on a single company's top-level decision but triggers collaboration among courts, law enforcement agencies, compliance teams, and protocol parties. For instance, after a security incident is preliminarily identified, protocol parties and security firms first submit technical evidence and preliminary reports; law enforcement agencies issue temporary directives after a rapid verification; and stablecoin issuers perform phased freezes and information disclosures according to standards. The key in the entire process is not in the minutiae of how it is designed, but in forming a reproducible, auditable, and industry-supervised paradigm.
On a more fundamental technical and institutional level, the Drift incident also serves as a reminder for developers and infrastructure providers:
● On one hand, there is a need for safer multi-signature management and permission design to avoid systemic risks arising from the misuse of critical signatures or the malicious use of durable nonces;
● On the other hand, more stringent controls and monitoring over pre-signed transactions are needed, with smarter risk control thresholds set for abnormal invocation frequencies and authorization scopes;
● Additionally, there is a necessity to build a tighter collaborative firewall between cross-chain bridges and stablecoin issuers: when potential attack paths and suspicious fund flows are identified, warnings can be sent both on-chain and off-chain simultaneously, rather than each party fighting their own battles.
These improvements won't be completed overnight, but each major security incident will push the entire industry one step forward in addressing "who is responsible and how to be responsible."
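One way to approach the pre-signed-transaction monitoring suggested above, as an added example that is not code from the article, Drift, or any vendor: it relies only on the fact that a Solana durable-nonce transaction must carry the System Program's AdvanceNonceAccount as its first instruction, and it queues any such transaction signed by a watched key for human review. The simplified transaction dict, the helper names, and every key and signature below are constructed placeholders.

```python
import struct

SYSTEM_PROGRAM = "1" * 32       # Solana System Program id (base58, 32 ones)
ADVANCE_NONCE_ACCOUNT = 4       # SystemInstruction::AdvanceNonceAccount discriminant

def durable_nonce_info(tx):
    """Return (nonce_account, nonce_authority) for a durable-nonce tx, else None.
    Such a transaction must carry AdvanceNonceAccount as its first instruction,
    with accounts [nonce account, RecentBlockhashes sysvar, nonce authority]."""
    if not tx["instructions"]:
        return None
    ix, keys = tx["instructions"][0], tx["account_keys"]
    data = ix["data"]
    if keys[ix["program_id_index"]] != SYSTEM_PROGRAM or len(data) < 4:
        return None
    if struct.unpack("<I", data[:4])[0] != ADVANCE_NONCE_ACCOUNT or len(ix["accounts"]) < 3:
        return None
    return keys[ix["accounts"][0]], keys[ix["accounts"][2]]

def review_queue(txs, watched_signers, known_nonce_accounts):
    """Flag durable-nonce transactions signed by any watched (e.g. multisig member) key."""
    alerts = []
    for tx in txs:
        info = durable_nonce_info(tx)
        # The first num_required_signatures account keys are the transaction's signers.
        hit = sorted(set(tx["account_keys"][:tx["num_required_signatures"]]) & watched_signers)
        if info and hit:
            alerts.append({"signature": tx["signature"], "watched_signers": hit,
                           "nonce_account": info[0], "nonce_authority": info[1],
                           "unknown_nonce_account": info[0] not in known_nonce_accounts})
    return alerts

def sample_tx(sig, keys, n_signers, first_ix_data):
    # Builds a constructed sample: one System Program instruction over keys[1], keys[2], keys[0].
    return {"signature": sig, "account_keys": keys + [SYSTEM_PROGRAM],
            "num_required_signatures": n_signers,
            "instructions": [{"program_id_index": len(keys), "accounts": [1, 2, 0],
                              "data": first_ix_data}]}

# Constructed sample input; all keys and signatures are placeholders, not real addresses.
ADVANCE = struct.pack("<I", ADVANCE_NONCE_ACCOUNT)
TRANSFER = struct.pack("<IQ", 2, 1_000)   # SystemInstruction::Transfer, 1000 lamports
SAMPLE_TXS = [
    sample_tx("sig-1", ["SIGNER_A", "NONCE_X", "RECENT_BLOCKHASHES_SYSVAR"], 1, ADVANCE),
    sample_tx("sig-2", ["SIGNER_A", "DEST", "UNUSED"], 1, TRANSFER),
    sample_tx("sig-3", ["OTHER_KEY", "NONCE_Y", "RECENT_BLOCKHASHES_SYSVAR"], 1, ADVANCE),
]
WATCHED, KNOWN_NONCES = {"SIGNER_A"}, {"NONCE_Y"}
```

Calling `review_queue(SAMPLE_TXS, WATCHED, KNOWN_NONCES)` returns one alert, for `sig-1`, with `unknown_nonce_account` set because `NONCE_X` is not in the inventory of nonce accounts the team expects to exist.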
The next round between DeFi and the compliance world
In summary, the Drift incident involving approximately 280 million dollars symbolizes far more than a single protocol's loss. It has brought to the forefront a long-standing issue that has been set aside: when centralized dollar tokens represented by USDC become the liquidity foundation of the DeFi ecosystem, the regulatory boundaries of stablecoins and the governance deficits of the industry are no longer just theoretical discussions, but real issues concerning actual losses and trust rebuilding.
It is foreseeable that in the coming years, there will be an increasing number of judicial practices surrounding similar incidents, as courts and law enforcement agencies deepen their understanding of on-chain evidence, cross-chain assets, and freezing processes, thereby promoting the formation of clearer freezing rules and compliance guidelines. At the same time, at the protocol level, development teams will also pay more attention to built-in self-rescue tools and risk control modules, rather than placing all their hopes on a centralized issuer's freeze—whether it be multi-signatures, time locks, vault mechanisms, or collaborative plans with security firms and infrastructure providers, they will all become prerequisites rather than additional features.
From a longer-term perspective, it is difficult to achieve a perfect solution that addresses fund security, censorship risk, and decentralized ideals all at once. The differing roles and choices of Drift and Circle in this incident are just a microcosm of a larger contest: at one end are increasingly heavy-handed regulation and real-world compliance frameworks, while at the other is a crypto-native order still trying to hold the bottom line of "permissionless and censorship-resistant." In the next round, this contest will keep replaying across more protocols, jurisdictions, and asset forms, and each choice made today quietly scripts the institutional and technical trajectory of the future.



