Following the $285 million attack on the Drift protocol last week, the cryptocurrency market focused on the movement of a significant portion of funds through Circle’s issued USDC and the company’s response capacity. Companies in the field of blockchain security determined that the attacker captured approximately $71 million worth of USDC. After the remaining assets were quickly converted to USDC, $232 million USDC was transferred from Solana to Ethereum using Circle’s cross-chain transfer protocol CCTP. This move made it difficult to track and recover assets.
Circle’s powers and criticisms
The developments sparked debate in the crypto community about whether Circle could have acted more quickly or effectively during the incident. In particular, blockchain researcher ZachXBT criticized the company for not providing sufficient support, despite the high total amount of assets locked in the project. Circle has the right to blacklist wallet addresses associated with suspicious transactions and freeze USDCs in these addresses, according to its terms of use.
Some industry representatives have argued that timely freezing of wallets linked to the attack could greatly limit the attacker’s room for action. However, some experts pointed out that intervening without any court order or official request from law enforcement carries both legal risks and could open Circle to possible compensation lawsuits.
Salman Banei, general counsel of Plume company, stated that in such cases, digital asset issuers should be provided with legal protection to freeze suspicious transactions with reasonable justification, and shared his opinion that regulators should introduce new guiding rules in this field.
“Legislators should provide protection against civil liability for such interference if a digital asset issuer reasonably believes there has been an illegal transfer,” he explained.
Regulation, technological jurisdiction and gray areas
This case sparked controversy because fixedcoins like USDC issued by centralized and regulated entities are programmable and tamperable. USDC plays an important role in global money transfers and crypto trading. However, such tokens can also be used in dubious and illegal activities. For this reason, whether issuer institutions should act quickly or not is questioned again after every major event.
According to findings provided by blockchain analysis companies, North Korea-related hacker groups may be behind the Drift attack. Since USDC and similar fixedcoins have the technical infrastructure to respond to monitoring or blocking requests of legal authorities, they face both the expectation of rapid intervention and discussions of excessive use of authority.
Ben Levit, founder and CEO of the fixedcoin rating company Bluechip, emphasized that technical intervention in the incident is not as simple as it is often thought.
“It is a very superficial approach to suggest that Circle should intervene. What happened is not a classic hack, but rather related to the abuse of the market and Oracle operation. Therefore, every decision the company takes is based on initiative, not an absolute legislative requirement,” he shared his assessment.
Levit also argued that the lack of clear policy in an environment where USDC is positioned as a neutral infrastructure increases the market’s perception of uncertainty.
At the midpoint, issuer companies are accused of facilitating illegal activities if they act too slowly; It is stated that if they take hasty steps, they may be criticized for being too intrusive or unlawful. In rapidly developing attack scenarios, the range of action can often be limited to just minutes.
