Circle had a chance to be a hero. It chose to be a regulated company instead.
When hackers pulled off what may rank among crypto’s biggest heists—draining roughly $280 million from Drift Protocol on Solana—they used Circle’s cross-chain transfer system to move about $232 million in USDC to Ethereum. The attacker’s brazenness was matched only by Circle’s restraint. And that’s sparked a heated debate about what “moving fast” actually means when you’re a regulated stablecoin issuer with billions in customer deposits.
Blockchain investigator ZachXBT and others said Circle could have acted faster to freeze the stolen funds. Fair point on the surface. But here’s what the critics seem to be missing: Circle’s hesitation wasn’t sluggishness. It was caution baked into the regulatory framework that legitimized stablecoins in the first place.
The Hack: Timeline and Scope
Drift announced the attack on Wednesday, April 1, flagging “a highly sophisticated operation” involving unauthorized access and the compromise of multiple multisig signers. The attacker’s social engineering game was tight—likely using targeted phishing or transaction misrepresentation to seize Drift’s Security Council powers.
“Drift is a crypto exchange that offers perpetual futures on the Solana blockchain, and said Wednesday (April 1) post on X that it was experiencing an active attack and had suspended deposits and withdrawals.”
By Friday, $232 million in USDC had already been bridged from Solana to Ethereum. That’s the speed of crypto—and the vulnerability that comes with it. But here’s the uncomfortable truth: Circle’s inability to unilaterally freeze those funds isn’t a bug in the system. It’s a feature (albeit an inconvenient one).
Why Circle Won’t Freeze Funds Without Permission
This is where the debate gets real.
Circle is legally constrained. The company operates under banking regulations in multiple jurisdictions, sanctions compliance regimes, and—most importantly—the expectation that it won’t seize customer assets without a court order or explicit law enforcement directive. Do that unilaterally, and you’ve essentially become a vigilante with $60 billion in customer deposits.
A Circle spokesperson spelled it out: “Circle is a regulated company that complies with sanctions, law enforcement orders, and court-mandated requirements. We freeze assets when legally required, consistent with the rule of law and with strong protections for user rights and privacy.” Translation: We have guardrails, and we’re not breaking them—even when it looks bad.
The legal vulnerability is real. If Circle froze the stolen USDC without a court order, they’d open themselves to lawsuits from the attacker’s end (yes, really) claiming unlawful seizure. And they’d set a precedent that a private company can unilaterally decide what transactions are “bad enough” to reverse. That’s authoritarian money, not free money—just in a different shade.
Is There a Better Way? The Real Problem
The real criticism should land elsewhere. The problem isn’t Circle’s slowness. It’s that crypto’s bridges and cross-chain protocols are inherently fragile, and there’s no unified toolkit for rapid response when they’re exploited.
Drift had to work through third-party attributions before sending on-chain messages to wallets holding the stolen funds. Law enforcement moved at its own pace. And Circle—the one party that could theoretically freeze USDC—had to wait for legal air cover. The entire system is built like a three-legged stool at a standoff.
Compare this to traditional banking. When you wire money through Wells Fargo or JPMorgan, and someone proves it was fraudulently obtained, those banks can freeze it in hours. Why? Because they control the rails entirely and operate under clear banking law that permits rapid response to verifiable fraud. They have established legal frameworks and law enforcement relationships that move quickly.
Crypto doesn’t have that yet. Circle can’t act like a bank because it isn’t legally empowered to. And the decentralized protocols can’t act quickly because there’s no clear authority to act at all. Drift couldn’t unwind the transaction. Solana validators couldn’t reverse the bridge. And Circle couldn’t move without a green light from somewhere official.
The Broader Stakes
This hack reveals something uncomfortable about stablecoins’ current role in the ecosystem: they’re only as useful as the legal infrastructure behind them, but that infrastructure isn’t built for DeFi’s speed.
So what happens next? Probably nothing dramatic. Law enforcement will complete its investigation. A court order will eventually materialize. Circle will freeze the remaining funds. Drift will rebuild or shut down. The crypto community will call for better security practices, faster bridges, and more redundancy.
But the underlying tension won’t go away: either stablecoins remain regulated and slow-moving (and therefore vulnerable to regulatory arbitrage and faster hacks), or they operate with fewer guardrails and become targets for governments. Circle, for now, has chosen the former. And while it looks bad in the short term, it’s probably the bet that keeps them operational in five years.
The critics wanted Circle to move like a crypto native. Instead, Circle acted like what it is: a regulated financial institution caught between two worlds. Neither choice is perfect. But one choice gets you a banking license. The other gets you delisted.
🧬 Related Insights
- Read more: Swiss Banks Are Finally Getting a P2P Money Transfer System—And It Only Took Until 2026
- Read more: Cambodia’s Life Sentence Law Won’t Stop Crypto Scammers—It’ll Just Scatter Them
Frequently Asked Questions
Can Circle actually freeze USDC after it’s moved to another blockchain?
No—not directly. Once USDC is bridged to Ethereum, Circle can’t unilaterally reverse it. They can only freeze new issuances or redemptions through their contracts. Law enforcement or a court order would need to work with exchanges or custodians holding the stolen funds.
Will Drift recover the $280 million?
Unlikely in full. Recovery depends on law enforcement identifying the attacker, tracing the funds through mixers and exchanges, and convincing jurisdictions to cooperate. Crypto’s cross-border nature makes this difficult—some stolen funds may be laundered or lost to jurisdictions with weak enforcement.
Why didn’t Solana validators just reverse the hack?
Solana’s validators can’t selectively reverse transactions without destroying the blockchain’s immutability guarantees. Doing so would set a precedent that could be exploited for censorship. The whole value proposition of blockchain falls apart if validators can undo transactions retroactively.
What does “multisig signer compromise” actually mean?
Multisig signers are individuals or wallets that collectively control sensitive administrative powers (like protocol upgrades). The attacker used social engineering to trick multiple signers into approving malicious transactions, effectively impersonating them or gaining access to their signing keys.
