TL;DR
- An alleged $40M theft from US seizure wallets exposes essential vulnerabilities in authorities crypto custody.
- The breach is linked to a contractor, highlighting dangers in fragmented, multi-agency administration.
- The incident undermines the credibility of the US plan to construct a “digital Fort Knox” Bitcoin reserve.
The US authorities has been trying to execute a historic pivot with its Bitcoin holdings for practically a yr, shifting from a messy, case-by-case stock of seized crypto right into a strategic nationwide reserve.
The ambition, typically framed as a “digital Fort Knox,” now faces a credibility check after allegations that roughly $40 million in cryptocurrency was siphoned from government-linked seizure wallets.
Even when the reported loss seems small relative to the roughly $28 billion in Bitcoin the US is extensively believed to regulate, the episode cuts on the core premise of the brand new posture. It raises severe doubts about whether or not Washington can handle a sovereign-scale Bitcoin stability sheet with reserve-grade safety and auditable controls.
Over the weekend, blockchain investigator ZachXBT alleged that greater than $40 million in crypto was stolen from US government-linked seizure wallets. ZachXBT linked the alleged theft to John Daghita, popularly referred to as Licks, who he stated maintains household ties to the manager management of Command Providers & Assist (CMDSS), a personal agency contracted to help US Marshals Service (USMS) crypto seizure operations.
Company filings point out that Dean Daghita serves as president of CMDSS. The agency is predicated in Haymarket, Virginia, and is contracted by the USMS to handle and eliminate particular classes of seized cryptocurrency.
Insider Breach Exposes Vulnerability in Authorities Custody
ZachXBT indicated he was in a position to join John Daghita to the alleged theft after what he described as a “band-for-band” argument on Telegram, a dispute through which two people tried to show their wealth by evaluating pockets balances. The dispute allegedly culminated in a persona recognized as “Lick” screen-sharing an Exodus pockets and transferring giant sums in actual time.
The screen-shared exercise supplied a path ZachXBT stated he used to hint a cluster of addresses linked to greater than $90 million in suspected illicit flows. Of the sum, roughly $24.9 million moved from a US-controlled pockets in March 2024.
The situation spotlights a vulnerability that has much less to do with refined protocol exploits and extra with custody governance, contractor entry, and human failure modes that are likely to scale poorly when actual cash and actual operational complexity collide.
In the meantime, this isn’t the primary time federal crypto custody operations have confronted scrutiny. In October 2024, a pockets linked to the Bitfinex hack proceeds was drained of roughly $20 million, although the funds had been largely recovered.
The operational actuality for these property is much extra fragmented
Custody preparations for seized crypto are a patchwork of companies, authorized statuses, and storage options. Funds can sit at completely different factors within the forfeiture pipeline, and “US holdings” isn’t a single ledger entry however slightly a fancy operational system.
The variance issues as a result of safety in a multi-agency mesh relies on course of self-discipline, constant requirements, and fast migration of funds from momentary seizure wallets into long-term chilly storage. A single custodian will be defended with fortress-like protocols, however a system involving a number of distributors and handoffs behaves in a different way.
The system relies on the consistency of controls throughout each node within the community, together with the individuals and contractors who contact the method. The anomaly round which company holds which keys and when expands the assault floor. Oversight can slip within the gaps between organizations, between momentary wallets and long-term storage, and between coverage ambition and day-to-day operational actuality.
Within the context, the importance of the reported $40 million loss turns into larger because it implies a course of failure. The custody failure suggests unknown publicity elsewhere, particularly if the weak point is rooted in vendor governance or insider entry slightly than a one-off technical exploit.
Contractors like CMDSS are central to understanding the danger profile as a result of they sit the place the federal government’s custody system turns into most complex. A Authorities Accountability Workplace (GAO) choice from March 2025 confirmed that the USMS awarded CMDSS a contract to handle “Class 2-4 cryptocurrencies.”
The GAO doc attracts a distinction between asset courses that helps clarify why contractors matter. Class 1 property are usually liquid and will be readily supported by commonplace chilly storage. Class 2-4 property, in contrast, are described as “much less in style” and require specialised dealing with, typically involving bespoke software program or {hardware} wallets.
The lengthy tail of crypto custody contains the lengthy record of property that aren’t merely Bitcoin and a handful of different liquid tokens, however the messy stock that arrives by seizures. Managing the property can require navigating completely different blockchains, unfamiliar signing flows, and complicated liquidation necessities.
In sensible phrases, it creates a reliance on exterior experience to handle probably the most difficult points of custody. Below the mannequin, the federal government successfully outsources the messiest nook of crypto operations.
The GAO notes that contractors are strictly prohibited from utilizing authorities property for staking, borrowing, or investing. However contractual prohibitions aren’t bodily controls. They can’t, on their very own, forestall misuse of a personal key if human controls are bypassed.
That’s the reason the allegations, framed as contractor ecosystem danger and social engineering slightly than protocol failure, carry weight past the particular theft declare. If the system’s resilience relies on self-discipline throughout each vendor and handoff, then the weakest node turns into probably the most engaging goal.
Warnings about custody gaps aren’t new. A 2025 report highlighted that the USMS couldn’t present even a tough estimate of its BTC holdings and had beforehand relied on spreadsheets missing ample stock controls. A 2022 Division of Justice Workplace of Inspector Normal audit explicitly warned that gaps like these may outcome within the lack of property.
The stakes of those operational gaps have risen as a result of US coverage is shifting. The White Home has moved to determine a Strategic Bitcoin Reserve and a separate Digital Asset Stockpile, with directives for the Treasury to manage custodial accounts the place Bitcoin “shall not be offered.”
The coverage change shifts the federal government’s position from a momentary custodian, traditionally related to auctions and proof disposal, to a long-term holder. Nonetheless, the strategic reserve framing shifts the lens, because the central query turns into custody credibility.
If Bitcoin is to be handled as a reserve asset analogous to gold, the usual buyers will implicitly demand is vault-grade safety, clear custodianship, constant controls, and auditable procedures.
The alleged $40 million theft attracts consideration again as to whether the infrastructure supporting this ambition nonetheless resembles an advert hoc proof workflow or is being scaled for long-term stewardship. A big, well-known authorities Bitcoin hoard may turn out to be a prime goal for malicious actors looking for to use a porous system.
