The Trump administration says China is trying to raid American AI labs to move faster. A Financial Times report on Thursday said the White House accused China of carrying out industrial-scale theft of US AI intellectual property and warned it would crack down.
The report cited a memo by Michael Kratsios, director of the White House Office of Science and Technology Policy.
Kratsios wrote that the US government has information showing foreign entities based in China are engaged in deliberate, industrial-scale campaigns to distill US frontier AI systems.
He said the operations are using tens of thousands of proxy accounts to avoid detection and jailbreaking methods to expose proprietary information. He also said Washington will alert American AI companies to unauthorized attempts at distillation and will consider steps to hold the actors accountable.
White House accuses China of stripping US AI systems while H200 chip sales remain stalled
The fight over stolen AI work is unfolding beside another dispute over advanced chips. Nvidia’s H200 chips are in heavy demand, and supply for the Chinese tech sector had been expected, but US officials say those chips still have not been sold to Chinese companies.
Commerce Secretary Howard Lutnick said Nvidia’s artificial intelligence chips have not yet been sent to Chinese firms, citing difficulties obtaining permission from the Chinese government.
The Trump administration formally approved China-bound sales of H200 chips in January, though with conditions. That decision stirred concern among China hawks in Washington, who fear Beijing could use the technology to strengthen its military.
Even so, shipments have been blocked by disagreements over sale terms in both the United States and China. Asked at a Senate hearing about the delayed sales, Howard said:
“The Chinese central government has not let them, as of yet, buy the chips, because they’re trying to keep their investment focused on their own domestic industry.”
Howard added, “We have not sold them chips as of yet.” The continued delay is likely to please US hardliners who reject the administration’s argument that such sales could discourage Chinese rivals, including heavily sanctioned Huawei, from pushing harder to catch up with American AI chip designers.
But Howard also appeared to step back from a prior pledge to restore in November a rule that would restrict US tech exports to Chinese companies.
China offers massive embodied AI pay packages as export curbs and trade talks stay tangled
The affiliates rule was delayed for one year last November as part of a trade negotiation with China. Howard said, “I agree that the affiliates rule is a smart thing for the United States of America to consider, but it is part of the balance of that full trade agreement.”
He also said the US trade relationship with China is led by President Trump, Treasury Secretary Scott Bessent, and US Trade Representative Jamieson Greer. Howard added, “I focus on the rest of the world.”
China’s embodied AI sector is in a fierce talent war. Some companies are failing to attract qualified workers even after offering CNY1 million (about $138,000) a year. Job listings show entry-level algorithm engineers in embodied intelligence can earn around CNY30,000 a month, or $4,140.
Expert-level engineers are offered about CNY50,000 per month, while world-class engineers can get around CNY60,000. Other roles in demand include motion-control algorithm engineers and embedded software engineers, and most technical jobs require at least a master’s degree.
The pay rises. Ubtech Robotics, the world’s first humanoid robot maker to go public, launched a search this month for a chief scientist focused on humanoid robots and embodied intelligence.
The annual pay range is CNY15 million to CNY124 million, or about $2.2 million to $18 million. Last year, Volcano Engine, the cloud unit of ByteDance, began hiring a senior expert in algorithm manipulation for embodied robotics research, with a monthly pay of CNY95,000 to CNY120,000, or about $13,110 to $16,560.
Don’t just read crypto news. Understand it. Subscribe to our newsletter. It’s free.
Top prediction market platforms, including Kalshi and Polymarket, are rushing to offer highly leveraged crypto derivatives at the exact moment state and federal authorities are clashing in court over whether the industry’s core products constitute illegal betting or legitimate financial instruments.
Over the past year, these companies have gained national prominence by facilitating wagers on discrete, real-world occurrences, ranging from political races to macroeconomic data releases.
Now, by preparing to list perpetual futures, which are complex contracts that never expire and allow traders to multiply their market exposure using borrowed funds, these platforms are blurring the line between niche forecasting hubs and full-service digital asset exchanges.
Against this backdrop, this shift drastically expands their potential customer base, but it also amplifies the legal risks associated with the platforms.
Historically, platforms like Kalshi operated on a cyclical, event-driven basis, with traffic and trading volume spiking around major catalysts such as a presidential debate or a championship sporting event and then plummeting once the outcome was settled.
In this kind of market, a user purchased a binary “Yes” or “No” share, and the contract expired upon the event’s resolution.
Perpetual futures fundamentally alter that business model. Because these derivatives lack an expiration date, participants can maintain their market positions indefinitely, provided they meet ongoing margin requirements.
The instruments frequently allow users to leverage their bets up to 50 times their initial capital, attracting aggressive speculators seeking rapid returns from minute price fluctuations.
By rolling out these derivatives, Polymarket and Kalshi are abandoning their siloed event-contract operations to compete directly with centralized exchanges and retail brokerages. The underlying strategy for both platforms is to convert occasional political bettors into daily, high-frequency traders.
While Kalshi has explicitly stated its intention to enter the perpetuals arena, Polymarket’s exact roadmap remains guarded, including which specific assets it will cover and whether it will restrict access for US customers.
Why prediction markets are moving into perpetual futures
Why perps, why now?
The motivation to embrace this new feature comes down to basic market structure.
Traditional crypto spot trading, which is the simple buying and holding of digital assets, has decelerated from the frenzied peaks of previous market cycles, logging $18.6 trillion in volume last year.
Meanwhile, perpetual futures generated more than three times that amount. Data from CryptoQuant show that the global trading volume for crypto perpetual futures hit $61.7 trillion last year.
That volume disparity dictates corporate strategy. Platforms recognize that to maintain engagement during periods of low volatility, they must offer instruments that allow users to short the market, hedge portfolios, and employ leverage.
While prediction markets currently command significant capital, with all-time notional volume surpassing $150 billion, the episodic nature of event contracts cannot match the continuous, around-the-clock fee generation of a highly active derivatives order book.
Moreover, the broader financial technology sector is experiencing a rapid collapse of operational boundaries, with centralized platforms like Robinhood, Coinbase, and Gemini all embracing event-based offerings.
Mo Shaikh, co-founder of the Aptos blockchain network, noted that financial applications have historically trended toward consolidation, citing the expansions of legacy platforms like PayPal. However, he warned that forcing disparate user bases into a single application rarely succeeds seamlessly.
“The trader, the bettor, the long-term investor, the payments user, they show up for different reasons,” Shaikh said, adding that true value lies in controlling the underlying infrastructure. “Clearing, liquidity, identity, settlement, data, those layers can unify even if the frontends remain fragmented.”
Meanwhile, the shift among prediction market players is partially defensive.
Offshore decentralized exchange Hyperliquid, a dominant force in perpetual futures, recently encroached on the prediction sector by revealing plans to list its own event contracts.
As a result, the market is split on who holds the strategic advantage in the ensuing turf war.
Jiani Chen, a growth officer with the Solana Foundation, noted the technical disparities, arguing that decentralized derivatives exchanges have a much easier time adding prediction markets to their backend than prediction platforms do spinning up complex futures trading engines.
However, Kyle Samani, chairman of Forward Industries, dismissed the technical hurdles, arguing that customer acquisition is the true bottleneck for digital asset platforms. He said:
“It’s way harder to bootstrap liquidity and acquire normie users for prediction markets. Kalshi perps are going to crush.”
The legal fight is still about who gets to call it gambling
Legal battle over prediction markets
The aggressive product expansion coincides with an existential legal threat as state regulators are launching coordinated efforts to classify the prediction platforms as unlicensed casinos, rejecting the premise that event contracts are sophisticated financial tools.
On April 21, New York Attorney General Letitia James filed sweeping lawsuits against digital asset firms Coinbase and Gemini, demanding $3.4 billion in combined penalties and restitution.
James alleged the companies bypass state taxes and consumer protection laws by offering prediction markets to retail users, including minors.
State officials pointed to research by the National Institutes of Health linking early exposure to mobile betting with heightened risks of anxiety and financial distress, while noting American Psychological Association data showing severe mental health risks associated with gambling disorders.
James said:
“Gambling by another name is still gambling, and it is not exempt from regulation under our state laws and Constitution.”
The industry firmly rejects the gambling label, countering that the contracts are vital instruments for hedging geopolitical and economic risks.
The judiciary is already untangling the overlapping claims. A federal appeals court in Philadelphia ruled against New Jersey gaming regulators earlier this year, determining the CFTC held sole regulatory authority over Kalshi’s election and sports-related contracts.
This sequence of litigation reflects a deeply fractured regulatory perimeter that companies must navigate as they deploy new derivative products.
A bigger market, and a bigger regulatory target
The move into perpetual futures would further position prediction markets as part of mainstream financial infrastructure rather than a niche corner of online speculation.
That shift is already drawing attention from traditional finance. The Intercontinental Exchange, parent of the New York Stock Exchange, recently invested $2 billion in Polymarket, a sign that major market operators see commercial value in platforms built around event-driven pricing.
Supporters of the model argue that prediction markets are proving useful as both forecasting tools and trading venues.
In high-liquidity markets, Brier scores, a standard measure of probabilistic accuracy, have fallen as low as 0.0247 shortly before resolution, suggesting pricing errors narrow sharply as capital and participation deepen. Industry estimates also show that about 10% of proprietary trading firms are already active in event contracts, using them in part to hedge macro and policy risk.
That combination of data value and trading activity helps explain why platforms are racing to broaden their product mix.
Rob Hadick, managing partner at Dragonfly, framed the commercial logic bluntly:
“Owning your customer will be the only way to have longevity in this new world of broad financialization.”
However, not everyone sees perpetual futures as the natural next step.
Alex Momot, chief executive and co-founder of Peanut Trade, told CryptoSlate that the current push looks more like a response to tightening legal pressure than a durable product strategy.
He noted that regulators and some jurisdictions are moving against prediction markets, and as a result, these operators appear to be shifting closer to the crypto-exchange model, where the rules are clearer, and the risk of being classified as gambling is lower.
Momot argued that strategy may offer only limited relief. In his view, the deeper problem is liquidity. Without more depth, many of the sector’s most promising use cases, including hedging and insurance against real-world event risk, remain too small to scale.
He said the stronger long-term path may lie in index-style products, market aggregation, and pooled liquidity across events, structures that could make prediction markets look more like traditional derivatives or synthetic exposures.
That viewpoint points to a broader tension now shaping the industry. One camp sees perpetual futures as the fastest way to capture more trading volume and keep users active between headline-driven events. Another sees them as a tactical detour from the harder task of building deeper, more resilient liquidity.
Either way, the legal risk is rising. Dyma Budorin, founder and chief executive of CORE3, said the merging of prediction and derivatives markets is likely to draw closer scrutiny from regulators already struggling to define the sector.
He said:
“What we’re really seeing is a convergence toward perp-like behavior without the corresponding risk controls. If this trend continues, regulators won’t treat prediction markets as harmless forecasting tools, they’ll treat them as derivatives platforms operating outside the rules. And historically, that doesn’t end quietly.”
The New York litigation has already ensured that the fight over jurisdiction will remain central to the industry’s future. That battle could eventually reach the U.S. Supreme Court or force Congress to step in with a clearer statutory framework.
Until then, prediction-market operators appear willing to keep expanding through the uncertainty, betting that the commercial upside of perpetual futures is worth the legal exposure.
Admiral Samuel Paparo, commander of US Indo-Pacific Command, told the Senate Armed Services Committee that his command is running a Bitcoin (BTC) node and conducting operational tests with the protocol.
The April 21 testimony marked the first time a sitting US combatant commander publicly framed Bitcoin as a national security asset during congressional proceedings.
Bitcoin as a ‘Power Projection’ Tool
Responding to questions from Senator Tommy Tuberville (R-AL), Paparo described Bitcoin as “a peer-to-peer, zero-trust transfer of value” and said that anything supporting all instruments of national power “is to the good.”
He characterized the research as focused on computer science rather than monetary policy.
Proof-of-work, he said, “has got really important computer science applications for cybersecurity,” including protecting data and raising the real-world cost for adversaries conducting cyber operations.
“We have a node on the Bitcoin network right now. We’re doing a number of operational tests to secure and protect networks using the Bitcoin protocol,” he said.
The admiral offered to provide classified details on the tests if requested.
Meanwhile, Major Jason Lowery’s “Softwar” thesis previously proposed proof-of-work as a form of cyber power projection.
Tuberville framed the exchange around competition with China, noting that Beijing’s top monetary think tank has published its own strategic Bitcoin research.
INDOPACOM oversees approximately 380,000 personnel across the Asia-Pacific theater, the primary front for US-China strategic competition.
No official follow-up from the Department of Defense has clarified the scope of the tests as of April 22.
Immigration and Customs Enforcement bureaucrats are reportedly planning to use specialty facial recognition glasses to collect data on Americans in real time, independent journalist Ken Klippenstein revealed.
Financial statements viewed by Klippenstein point to the development of a facial recognition platform modeled after commercially available AI smart glasses, like Meta’s widely-panned “pervert glasses.” ICE’s in-house model, it seems, will allow agents to monitor video and reference vast federal databases of biometric information on subjects regardless of if they’ve been arrested, or even charged with a crime.
“The project will deliver innovative hardware, such as operational prototypes of smart glasses, to equip agents with real-time access to information and biometric identification capabilities in the field,” read an ICE budget document leaked to Klippenstein.
Perhaps most alarmingly, Department of Homeland Security insiders told the investigative journalist that the technology involved isn’t limited to immigration enforcement.
“It might be portrayed as seeking to identify illegal aliens on the streets,” one anonymous DHS attorney told Klippenstein, “but the reality is that a push in this direction affects all Americans, particularly protestors.”
That reveal comes just a few months after an incident in Maine in which an ICE agent admitted to scanning protestors’ faces with his phone. “We have a nice little database, and now you’re considered domestic terrorists,” the agent tells a couple who were out documenting the immigration agents in their community.
In October, 404 Media reported that ICE agents were scanning peoples’ faces in order to check whether they were citizens. These targets for surveillance are often chosen at random — we now know that many of ICE’s arrests over the past year have been circumstantial, a far cry from the targeted enforcement of known criminals the Trump administration promised.
Taken together, what began as surveillance infrastructure marketed for catching illegal immigrants now seems to be coming for residents as well. ICE’s smart glasses represent the next iteration of a creeping panopticon that, once in place, will be nearly impossible to uproot — as the history of US immigration enforcement and domesticsurveillance has shown us time and again.
Arbitrum’s Security Council Seizes $71M in Stolen ETH After KelpDAO Bridge Hack
BREAKING · APRIL 21, 2026 · ARBITRUM · DEFI ANALYSIS
Arbitrum’s Security Council Seizes $71M in Stolen ETH After KelpDAO Bridge Hack
Arbitrum’s Security Council just immobilized $71 million in stolen ETH. One emergency vote.
Nine signatures. And a question that won’t go away: can a “decentralized” network
really freeze your funds?
ETH Frozen30,766 ETH ≈ $71M
Original Exploit$292M rsETH
Council Vote9 of 12 in favor
Suspected ActorLazarus Group (DPRK)
$292MTotal Exploit Value
$71METH Frozen by Arbitrum
18%rsETH Supply Drained
$230MPotential Aave Bad Debt
§ 01 — The Attack
How 116,500 rsETH Materialized Out of Thin Air
On Saturday, April 18, 2026, at precisely 17:35 UTC, someone
did something extraordinary: they minted 116,500 rsETH tokens on Ethereum mainnet
with zero legitimate backing behind them. Worth roughly $292 million
at the time, this wasn’t a flash loan attack or a smart contract reentrancy bug.
The contracts ran exactly as written. The verification layer was the weapon.
KelpDAO is a liquid restaking protocol built on EigenLayer. Users deposit ETH,
which earns compounding yield across EigenLayer’s Actively Validated Services,
and receive rsETH — a tradeable liquid restaking token representing
their position. To enable rsETH to move across the multi-chain ecosystem, KelpDAO
deployed a LayerZero-based bridge architecture using the OFT
(Omnichain Fungible Token) standard. As of the exploit, that bridge held the
backing reserve for rsETH deployed across more than 20 networks — Arbitrum, Base,
Linea, Blast, Mantle, Scroll, and more. The protocol had roughly $1.07 billion
in total value locked, making it the second-largest participant in EigenLayer’s
ecosystem. This was the reserve that was drained.
// Forged origin packet → EID 30320 (Unichain)
→ 116,500 rsETH released from escrow
→ Single Transfer · One OFTReceived · One PacketDelivered
→ ~$292,000,000 exited the protocol
The Technical Root Cause: A 1-of-1 DVN
LayerZero’s security model is built on Decentralized Verifier Networks
(DVNs) — independent entities that verify and attest to the authenticity
of cross-chain messages. When a message travels from Chain A to Chain B, one or
more DVNs must observe the packet on the source chain and deliver a signed
attestation to the destination. The critical configuration choice is how many
DVNs must agree.
KelpDAO’s rsETH bridge was configured with a 1-of-1 DVN setup —
LayerZero Labs itself as the sole verifier. A single signature was all that stood
between the bridge’s escrow and the open internet. The attackers, preliminarily
attributed to North Korea’s Lazarus Group (TraderTraitor unit),
exploited this exactly.
April 18 · 10:20 AM PT
RPC Node Compromise Begins
Attackers compromise two of LayerZero’s downstream RPC nodes, swapping out
op-geth binaries with malicious versions engineered to selectively lie to the DVN
while reporting accurate data to all other querying IP addresses.
April 18 · ~11:30 AM PT
DDoS Triggers Failover
Attackers DDoS the uncompromised RPC nodes, forcing LayerZero’s DVN to failover
to the poisoned endpoints. The malicious nodes confirm fraudulent cross-chain
transactions that never occurred on the source chain.
April 18 · 17:35 UTC
The Drain — 116,500 rsETH Released
A forged LayerZero packet claiming origin from KelpDAO’s Unichain deployment
passes the single compromised DVN. The OFT Adapter releases 116,500 rsETH
from escrow to the attacker’s address. ~$292M exits in a single transaction.
April 18 · 18:21 UTC
KelpDAO Emergency Pause (46 Minutes Later)
Kelp’s emergency multisig freezes core contracts. Two subsequent follow-up
attacks at 18:26 and 18:28 UTC — each attempting another 40,000 rsETH (~$100M)
— both revert. The pause held.
April 18–19
DeFi Contagion Spreads
Attackers weaponize stolen rsETH as Aave v3 collateral, borrowing $196M in WETH.
Aave WETH markets hit 100% utilization. Aave, SparkLend, and Fluid freeze rsETH
markets. $6.6B in TVL collapses within 48 hours across affected protocols.
§
§ 02 — The Intervention
Arbitrum’s Security Council Acts: A Race Against the Bridge
As stolen funds began moving through the ecosystem, blockchain security firm
PeckShield flagged a critical development: the exploiter had
already initiated a native bridge withdrawal from Arbitrum back to Ethereum
mainnet. The clock was ticking. If the 30,766 ETH that had been consolidated
on Arbitrum One completed the withdrawal, it would enter Ethereum’s base layer —
far harder to intercept.
The Arbitrum Security Council — a 12-member body elected by
the Arbitrum DAO through semi-annual elections — convened an emergency session.
According to council member Griff Green, the deliberation involved
“countless hours of debates, technical, practical, ethical and political.”
Nine of the twelve members voted to act. The council coordinated with law enforcement,
who provided input on the exploiter’s identity. Security researchers later linked
the operation to North Korea’s Lazarus Group.
“The Security Council identified and executed a technical approach to move
funds to safety without affecting any other chain state or Arbitrum users.”
— Arbitrum Security Council · April 21, 2026
Using the 0x0000000000000000000000000000000000000DA0 precompile
— a standard native ETH transfer mechanism — the council moved 30,766 ETH
to a protocol-controlled intermediary address. The freeze was confirmed by
Lookonchain approximately 20 minutes after execution. The
funds were intercepted before the bridge withdrawal completed.
Represents ~24% of the total $292M stolen PARTIAL RECOVERY
Remaining ~$220M moved via other chains UNRECOVERED
Lazarus Group suspected to be routing remainder LAUNDERING
For observers watching the situation unfold in real time, the move carried a weight
that went beyond the mechanics of a single freeze. Dylan Dewdney, Founder of Kuvi AI,
was among those who felt the historical echo immediately.
“It’s a fascinating moment for crypto governance — reminds me actually of the same
gravitas as TheDAO, in a way. On one hand, decentralization purists will hate it.
On the other, a DAO effectively looked at a state-sponsored hacking group and said:
not this time. Arbitrum just demonstrated that onchain systems can defend themselves
in real time. In a strange way, they out-coordinated one of the most sophisticated
adversaries in the world. Legitimately onchain gangster moves.”
— Dylan Dewdney, Founder, Kuvi AI
§
§ 03 — The Blame Game
LayerZero vs. KelpDAO: Who Owns a $292M Default?
Even as funds were being frozen, a parallel battle erupted between the two parties
at the center of the exploit. LayerZero moved first with a post-mortem attributing
responsibility squarely to KelpDAO’s configuration choices. Kelp fired back with
documentation. The dispute cuts to the heart of modular DeFi architecture.
LayerZero’s Position
LayerZero stated that KelpDAO “chose to utilize a 1/1 DVN configuration”
despite the protocol’s consistent recommendation of multi-DVN redundancy.
The firm argued that a properly hardened setup would have required consensus
across multiple independent verifiers, making the attack ineffective even with
a single node compromised. LayerZero announced it would stop signing
messages for any application using a single-validator setup going forward,
forcing a broad migration across its ecosystem.
KelpDAO’s Counter
Kelp pushed back hard. The team argued the 1-of-1 DVN was not a rogue customization
but LayerZero’s own documented default. The protocol’s
V2 OApp Quickstart — including the sample layerzero.config.ts — wires
every pathway with one required DVN and no optional DVNs. Kelp added that approximately
40% of protocols currently on LayerZero use the same configuration,
and that in the direct communications channel with LayerZero open since July 2024,
there was no specific recommendation to change the rsETH DVN setup.
@cryptogoblin · April 19, 2026
“The KelpDAO exploit (~$290M) is NOT a LayerZero protocol bug. It’s a configuration
issue and a case study every project with a cross-chain token needs to look at today.
The smart contracts weren’t broken. The verification layer was.”
@FishyCatfish · April 19, 2026
“There is no security floor. A configuration can be a 1/1 DVN and the DVN you chose
can be a single node ran by a single entity. This is a design flaw.”
Independent analysis from Blockaid confirmed: “The KelpDAO exploit will be studied
as the definitive case study in bridge DVN configuration risk. It did not require a
zero-day. It exploited a weak governance policy and limited controls.” Chainalysis
put it more bluntly: the attack proves that detecting malicious code isn’t
enough — protocols must detect when a system enters an impossible state.
§
§ 04 — DeFi Implications
The Contagion Map: From rsETH to Aave to the Whole Ecosystem
The KelpDAO exploit did not stay contained. Within 46 minutes of the drain, the
attackers began weaponizing the stolen rsETH across DeFi’s interconnected lending
infrastructure. The mechanics were straightforward and devastating.
Attackers deposited the minted rsETH on Aave v3 as collateral and
borrowed $196 million in WETH against it. Aave’s WETH market hit
100% utilization, rendering deposits inaccessible
and triggering a $5.4 billion liquidity withdrawal cascade. Total DeFi TVL collapsed
by $6.6 billion within 48 hours. Aave, SparkLend, and Fluid all froze
their rsETH markets. Lido disclosed approximately $21.6 million in rsETH exposure
through its EarnETH product and signaled it may deploy a $3 million loss buffer.
Scenario A: Losses socialized across all rsETH holders across chains
$123.7M bad debt · ~15% depeg
Scenario B: Losses isolated to L2 markets (Arbitrum, Mantle)
Up to $230.1M impact
Aave treasury backstop available $181M treasury
Umbrella model available in certain cases Active
April 2026 has become the worst month for crypto hacks since February 2025,
with over $606 million lost in just 18 days.
The KelpDAO incident came on the heels of the Drift Protocol breach
($285M, April 1) — also linked to Lazarus Group — suggesting a sustained,
coordinated campaign targeting DeFi infrastructure rather than isolated opportunistic
attacks.
The structural lesson is uncomfortable: liquid restaking tokens (LRTs)
as collateral on money markets create systemic amplification. When an
LRT loses peg or backing, lending protocols don’t just feel the impact of the
token — they absorb the entire downstream leverage built atop it. This is the
second time in 2026 that an LRT collateral accepted on Aave has produced a
nine-figure incident downstream of a non-Aave failure.
§
§ 05 — The Core Tension
The Decentralization Paradox: Safety Valve or Fatal Contradiction?
Arbitrum’s intervention was precise, effective, and — for many in the crypto
community — deeply troubling. In a single emergency session, a 12-person council
immobilized 30,766 ETH that an external party held in their address.
The funds were moved without a DAO vote, without the standard governance delay,
and without consulting the broader community before execution. The legality, the
ethics, and the precedent are all contested.
“A 12-person committee — elected by ARB token holders, sure — just demonstrated
it can immobilize any funds on the network given sufficient justification. For a
technology built on the promise of permissionless transactions, that’s either a
necessary safety valve or a fundamental contradiction.”
— Blockchain.news analysis · April 21, 2026
The Arbitrum Security Council is defined in the Constitution of the
Arbitrum DAO as a 12-member body divided into two cohorts, with members
elected in semi-annual elections by ARB token holders. The council is bound by
the Constitution to use its emergency powers only when necessary for
declared security emergencies, and must issue a transparency report when those
powers are invoked. The frozen ETH can only move through further governance action —
ARB holders will ultimately vote on its fate.
The Community Splits
For the Freeze
$71M recovered, likely from state-sponsored thieves
Zero impact on legitimate users or applications
Law enforcement coordination adds legitimacy
Funds remain under governance — not taken
DPRK laundering would have made recovery impossible
Security Council acted within its constitutional mandate
Against the Freeze
Permissionless transactions is the core value proposition
Council can theoretically freeze any funds on the network
Sets precedent for future, potentially non-consensual freezes
“Decentralized” becomes a marketing term, not a guarantee
Who decides what justification is “sufficient”?
Ethereum community has concerns about L2 centralization
@Leonidas (DOG creator) · April 21, 2026
“Decentralized has become a marketing term. Only Bitcoin is actually decentralized.”
@baeyeee · April 21, 2026
“WLFI is accused of wrongfully freezing user assets, while ARB froze stolen funds
linked to DPRK hackers. One is ethically accepted, the other is criticized — but both
prove the same point. When it matters most, governance overrides decentralization.”
@JoelKatz (Ripple CTO David Schwartz) · April 21, 2026
“They can make the chain claim that they did whatever they want to all of the funds
on the chain. But they cannot compel anyone to listen to those claims. Everyone else
can make different claims and choose which set of claims to honor.”
The Stage 2 Problem
The Arbitrum DAO’s own governance documentation asks the question directly:
“Can the governance process be further decentralized? How and when can the
Security Council’s power be further minimized, or eliminated entirely?”
These don’t have easy answers. Arbitrum achieved Stage 1 decentralization
with permissionless fraud proofs via the BoLD upgrade. But Stage 2
— which would limit the Security Council to adjudicating only demonstrable bugs —
remains a future aspiration, not a current reality.
The irony is sharp: the same emergency power that just recovered $71M in stolen funds
is precisely the mechanism that prevents Arbitrum from claiming Stage 2 decentralization.
Security and trustlessness are in direct tension, and today’s events demonstrated
that tension is not theoretical.
§
§ 06 — What Comes Next
Open Questions & The Road Forward
As of April 21, 2026, the 30,766 ETH remain locked in the protocol-controlled
address at 0x000...0DA0. No timeline has been
set for final disposition. The ARB community will vote on what happens to the funds
— options range from returning them to affected KelpDAO users to holding them pending
law enforcement proceedings. KelpDAO’s rsETH contracts remain paused. Founders
Amitej G and Dheeraj B have not announced a recovery timeline.
Open Questions as of Publication
How will ARB governance vote to allocate the frozen $71M? PENDING VOTE
Will other chains with similar emergency powers freeze their portions? UNCERTAIN
Who bears legal liability — KelpDAO, LayerZero, or both? DISPUTED
Will Aave deploy its Umbrella backstop for rsETH bad debt? MONITORING
Will LayerZero’s forced DVN migration affect other protocols? IN PROGRESS
Can the remaining $220M be traced before laundering completes? UNLIKELY
The KelpDAO exploit has accelerated three structural conversations that DeFi has
been deferring: bridge configuration standards (who sets them, who
enforces them, and who is liable when defaults cause catastrophic losses);
LRT collateral risk in money markets (the second $100M+ incident
in 2026 with restaked ETH tokens as the vector); and Layer 2 emergency
powers (the legitimate tension between user protection and permissionless
guarantees).
Chainalysis’s recommendation cuts through the noise: protocols must build systems
capable of detecting when they have entered an “impossible state” —
where issued tokens exceed locked collateral. For a cross-chain bridge, that means
real-time consistency monitoring across every deployed chain. For DeFi as a whole,
it means acknowledging that the “code is law” principle has never been fully true —
and deciding what replaces it.
“The Lazarus Group, if indeed responsible, has already moved the remaining $220 million
through various chains. Arbitrum caught what it could. The rest is likely gone.”
Most crypto investors develop convictions through price charts and market cycles. XRP Bags, a widely followed XRP enthusiast on X, holds his through something else entirely, which is a documented paper trail connecting Ripple to nearly every major institution currently building a new financial system.
XRP Bags’ conviction on XRP is mostly due to its access. Ripple, he notes, was the only crypto company invited to the Federal Reserve’s payments task force, the only one featured by the World Bank’s Better Than Cash Alliance, and the first ISO 20022 member focused on distributed ledger technology.
In July 2025, the US Federal Reserve officially adopted ISO 20022 for its FedWire Funds Service, requiring all financial institutions using FedWire to send and receive messages in the new format.
Ripple had already positioned itself ahead of that transition. In 2020, it became the first blockchain company to join the ISO 20022 Standards Body and has since aligned its infrastructure, particularly RippleNet, to meet the standard’s requirements.
The analyst also pointed to Ripple’s seats on the IMF’s fintech advisory board, the World Economic Forum, the Digital Dollar Project, the Digital Pound Foundation, and the Digital Euro Association as reasons why he keeps holding XRP through everything.
The mention of Ripple’s participation in the Federal Reserve’s Faster Payments Task Force is often cited within the XRP community as a key milestone. These partnerships were also noted at WEF 2026 in Davos, where Ripple CEO Brad Garlinghouse participated in discussions around blockchain, CBDCs, and cross-border payments.
The Talent Strategy Behind Ripple
XRP Bags is not relying on Ripple’s partnerships alone on its conviction, but also on the talent behind Ripple’s workings and who the company has chosen to hire.
Over time, Ripple has brought in individuals with backgrounds tied to regulators. The list he cited includes former US Treasury officials, former Federal Reserve attorneys, former SWIFT board members, former SEC chairs, former BlackRock digital asset executives, and former Obama and Clinton administration advisors.
According to the pundit, this list is composed of people who were chosen to build the new financial system before most people knew a new financial system was being built. He summed it up by asserting that “the people building the future already made their choice.”
There’s no denying the fact that Ripple is positioning itself as a top contender in the future of finance. In 2025, Ripple engaged in an acquisition spree, spending nearly $4 billion in total ecosystem investments and strategic deals, including almost $3 billion on major acquisitions.
These moves are expected to strengthen the foundation of XRP’s long-term value. According to CEO Brad Garlinghouse, improving XRP utility is Ripple’s North Star, and some of its major acquisitions from last year have already surpassed internal projections.
Bitcoin’s price was halted at its multi-month peak at over $78,000 on Friday, and the subsequent conflicting actions and statements from Iran and the US have led to another retracement to under $75,000 as of press time.
The latest set of blame-throwing came minutes ago, as reports emerged that Iran believes they are “facing deception” from US President Donald Trump due to “inconsistency with what is actually happening.”
Moreover, Iranian officials said they believe the two sides are “on the verge of a new round of escalation,” as reported by The Kobeissi Letter.
However, the US blockade remained in place, and Iran decided to close the Strait just a day later. Trump started to threaten once again, while also saying that both nations’ delegations will meet again in Pakistan for another round of peace talks. In contrast, Iran’s Tasnim news agency said there were no such plans.
Trump then alleged that there’s a “divide” in the Iranian government and threatened to “blow up” the entire country if the two nations fail to reach an agreement.
This rather escalating uncertainty, with just a few days left until the ceasefire deal ends, led to a weekend correction for BTC, as the asset just slipped below $75,000. It’s now down by almost $4,000 since the Friday peak.
However, more volatility is to be expected later this evening when the futures legacy markets open and tomorrow morning, as it has happened in previous instances following major weekend developments.
The cryptocurrency sector has been clamoring for regulatory clarity, but concerns about the contents of the CLARITY Act have risen.
Galaxy Digital’s (NASDAQ: GLXY) research head, Alex Thorn, highlighted sanctions data and surveillance concerns, warning that the CLARITY Act may not be all good news as the community is hoping.
Is the CLARITY Act a surveillance bill in disguise?
The U.S. Senate has returned from its recess, and debates regarding the Digital Asset Market CLARITY Act have begun; however, Alex Thorn, head of research at Galaxy Digital (NASDAQ: GLXY), has urged caution.
He warned in a January 2026 client note that while the industry has long wished for regulatory clarity, the current version of the bill contains “fine print” that represents the largest expansion of financial surveillance since the USA PATRIOT Act.
According to an analysis shared by Thorn, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) has historically sanctioned 518 Bitcoin addresses. These addresses have cumulatively received 249,814 BTC, sent 239,708 BTC, and currently hold a net balance of approximately 9,306 BTC, worth roughly $707 million.
OFAC-sanctioned addresses. Source: Alex Thorn via X/Twitter
Thorn notes that OFAC’s Specially Designated Nationals (SDN) list is just one tool the Treasury uses today. However, the CLARITY Act would expand these powers significantly, giving the department new tools to intercept illicit assets.
Thorn warned in March that if the CLARITY Act does not pass committee by the end of April 2026, the odds of passage this year become “extremely low.” Reports indicate that negotiators are close to a deal on stablecoin yields, but other hurdles remain.
Supporters on the Senate Banking Committee argue the CLARITY Act is designed to “crack down on illicit finance” while protecting software developers and promoting innovation. The official summary states the bill gives law enforcement “new, targeted tools to combat money laundering, terrorist financing, and sanctions evasion.”
Aside Thorn, Cardano founder Charles Hoskinson argues the language goes too far. Hoskinson has warned that the legislation’s broad provisions could be exploited by future political administrations, regardless of which party is in power.
The fact that the bill automatically classifies new digital tokens as securities with virtually no pathway to reclassification is also an issue, as it stifles competition.
One independent analysis of a previous draft noted that while the bill includes a “Keep Your Coins Act” preventing bans on self-custody, it contains loopholes that still allow for government intervention regarding illicit finance.
The introduction of “Distributed Ledger Application Layers” in the draft could also create compliance obligations for software applications that could force DeFi interfaces to monitor users.
Who benefits from the new rules?
Wall Street giants, including JPMorgan Chase & Co. (JPM) and Citadel LLC, are actively lobbying the SEC to ensure tokenized securities do not receive special treatment.
In a recent letter to the SEC, Thorn argued that “forcing a new architecture to clone the old one” is not technology neutrality. Instead, he suggests that a decentralized automated market maker (AMM) should not be classified as an exchange because it is “autonomous code” and not an organization of persons operating a marketplace.
Thorn argues that liquidity providers (LPs) on AMMs are simply traders using their own balance sheets, not dealers serving customers.
He warns that banks and brokerages are playing a cynical game where they publicly back Bitcoin but use their Washington lobbyists to delay real integration that would threaten their control over market structure.
According to JPMorgan analysts, the legislative disputes have narrowed to two or three core questions, primarily revolving around stablecoin rewards.
The tentative compromise would ban passive “idle yield” on stablecoins, because banks fear it would drain deposits, while allowing activity-based rewards. However, critics like Ryan Adams argue that if banks succeed in killing yield provisions, it proves the Senate is prioritizing bank interests over the public.
For most of its life, crypto lived outside the financial system. If you wanted to move dollars in or out of an exchange, that money still had to pass through a regular bank somewhere along the way. Most people assumed it would stay that way until Washington finally decided how to regulate it.
But that assumption is now breaking down. In March 2026, a regional Federal Reserve bank approved a limited account for Kraken, the first time a crypto exchange has ever been allowed to plug directly into the US central bank’s payment system. More approvals could follow, and the GENIUS Act, passed last year, has cleared a path for ordinary banks to start issuing their own digital dollars.
None of this needed a sweeping “crypto law”: it was a series of smaller, technical decisions that have added up and changed the picture entirely.
Crypto may not be waiting for permission anymore. It may already be finding a way in.
What a “backdoor into the system” actually means
The US financial system runs on a set of payment networks operated by the Federal Reserve. Banks use them to move money between each other, settle transactions at the end of the day, and tap dollar liquidity when they need it. The most important, called Fedwire, moves trillions of dollars between banks every single day.
To use those networks, an institution needs an account at the Fed, which was historically reserved for licensed banks. Everyone else had to rent access by going through a partner bank that already had one.
That’s what just changed. Kraken’s banking unit now has its own direct line into the Fed’s payment system, without routing dollars through another bank first. The account is limited, which means it won’t have interest on reserves or access to the Fed’s emergency lending, but it lets Kraken settle its own dollar transactions on the same infrastructure banks use.
Think of the difference this way: instead of using a third-party app to talk to your bank, you have your own connection to the bank’s back end. Faster, cheaper, and no longer dependent on a middleman that can say no.
For years, US crypto policy has moved slowly, pulled between agencies that didn’t agree on the basics. At the same time, demand for crypto services from big institutional investors hasn’t gone away. They want cleaner, regulated ways to touch the asset class.
So the system is adapting practically, not politically.
The GENIUS Act gave digital dollars their first real federal rulebook and effectively invited regulated banks into the market. Regulators began handing out special charters that let nonbank firms like Circle operate with bank-like privileges.
The Fed opened a public comment period on a lighter-weight account designed for payment-focused firms. Wyoming’s crypto-friendly bank charter, once treated as an experimental oddity, became the legal vehicle that carried Kraken through the door.
All of this means that your bank’s exposure to digital assets is going up, either through partners, products, or its own tokens. Citi has said it’s targeting a 2026 launch of crypto custody. A group of major global banks, including JPMorgan, Bank of America, and Goldman Sachs, has explored a jointly-backed digital dollar. Even if you never buy crypto, it will now sit on the edges of the account you already have.
This comes with quite a few risks for markets, though. When the pipes between crypto and traditional finance get wider and shorter, money moves faster in both directions, and so do shocks.
For crypto, direct access to payment systems is a stamp of legitimacy that would have been unthinkable a few years ago. But it also means it loses the “outside the system” identity that defined it, and takes on some of the same responsibilities.
The more connected crypto becomes, the less isolated its risks are.
The real tension: stability or contagion for crypto?
One view (call it the normalization case) is that pulling crypto inside the regulated perimeter makes everyone safer. Companies with direct Fed access have to meet stricter standards, and reserves get easier to monitor. This is a net positive for users, as they end up with fewer opaque middlemen between their dollars and the exchange. When seen through this lens, integration reduces risk rather than creating it.
The other view is hard to ignore, as the scares from the 2008 financial crisis are still fresh for many.
The US banking lobby reacted to the Kraken decision by warning that lightly regulated companies like this with direct access to the payment system introduce all kinds of money-laundering and operational risks. However, they would also open a Pandora’s box of new risks: in a panic, money could actually flood into these new accounts, draining deposits from the community banks and credit unions that fund the real economy.
The Bank Policy Institute, representing the country’s largest banks, said the approval happened before the Fed Board had even finished writing its own rulebook for these accounts.
The question underneath this fight is pretty simple: if crypto becomes part of the system, does it make the system stronger or more fragile?
Financial crises are rarely about the risk everyone is watching. They’re a result of the connections no one modeled, and many believe that the new direct connection between crypto markets and the Fed’s payment rails is exactly that kind of linkage.
The subtle part
Part of what makes a huge shift like this hard to see is that nobody is announcing it as one.
There’s no press conference where “crypto joins the banking system,” because there doesn’t need to be. A regional Fed approval here, a stablecoin rulebook there, and a charter granted to a firm most people have never heard of.
Each of these items is boring on its own terms, which is why they clear without the kind of political fight that most comprehensive crypto laws have been stuck in for years.
More crypto firms will almost certainly follow Kraken once the Fed finalizes its lighter-weight account framework, and the approvals will be granted one at a time, in different Federal Reserve districts, with conditions that take pages of legal language to unpack.
Big banks will keep rolling out custody services and their own digital dollars as ordinary product launches, not ideological statements, while the Kraken cybersecurity incident this spring (an extortion attempt built around insider access) hands the banking lobby exactly the kind of material it needs to argue that lightly regulated firms shouldn’t be sitting on the same rails as JPMorgan.
A comprehensive crypto market-structure law may still pass, and probably will eventually, but by the time it does, the thing it’s meant to govern will already have been built around it, and the interesting question will no longer be what the rules say but how much of the system has stopped needing them.
The numbers are in, and they are not pretty for everyday traders who bet on prediction markets.
Despite handling tens of billions of dollars in trades, these platforms appear to be leaving the overwhelming majority of users worse off financially.
Prediction markets have grown fast. By 2025, platforms like Polymarket and Kalshi were processing $28 billion in trading volume.
The idea behind them is simple: people bet on future events, and the odds that form are supposed to reflect what the public genuinely believes will happen.
Arizona Democrat Yassamin Ansari recently targeted both Polymarket and Kalshi, calling them “casinos where the rich and powerful are the house and everyone else is the chips.”
She posted on X that 99.96% of users lose everything while the top 0.04% walk away with billions.
Ansari slams the prediction market as a rigged casino Source: @RepYassAnsari
Her claim comes from a December 2025 on-chain analysis by a blockchain researcher known as DeFi Oasis.
That study found that less than 0.04% of Polymarket wallet addresses captured more than 70% of all realized profits, totaling $3.7 billion.
Analysts, however, pointed out that Ansari’s wording mixes up two separate figures. The 0.04% refers to who captured most of the winnings, not simply who won anything at all.
Ansari is co-sponsoring a bill called the BETS OFF Act alongside Sen. Chris Murphy of Connecticut and Reps. Greg Casar and Rashida Tlaib of Texas and Michigan, respectively. The bill would ban betting on events like war, terrorism, assassination, and government decisions.
Whatever the exact interpretation of the 0.04% figure, more recent data puts the problem in sharper focus.
The sharp drop, according to Sergeenkov, is tied to a flood of new and inexperienced users drawn in by the buzz around the November 2024 U.S. presidential election. “Less experienced users tend to trade less successfully,” he noted.
The 84.1% figure is also higher than what a 2025 study from researchers Felix Reichenbach and Martin Walther found.
Their paper put the losing share at around 70%. The difference, Sergeenkov explains, comes down to how the math is done.
His method accounts for wallet splits and merges, which earlier analyses left out. “When splits are left out, an address looks more profitable because one category of expenses is simply invisible,” he said.
The numbers behind the losses
A deeper look at the data shows just how rare meaningful earnings are on these platforms. Of 2.5 million wallets studied, only 2% had ever made more than $1,000 in total. Just 0.32% had cleared $10,000, and only 840 wallets, that is 0.033%, had earned more than $100,000.
The average trade on Polymarket is $89, and 80% of traders never place a bet larger than $500 on average.
The idea of replacing a regular paycheck through trading appears almost out of reach. The average monthly salary in the United States is roughly $5,000. Only 0.98% of traders ever hit that mark in a single month.
The number who managed it for 12 months straight: just 35 out of 2.5 million people.
The findings carry weight at a time when major financial institutions have moved in.
The Intercontinental Exchange, which owns the New York Stock Exchange, completed a $2 billion deal with Polymarket in March. Kalshi recently raised $1 billion, pushing its valuation to $22 billion.
The BETS OFF Act and a separate bill called the Death Bets Act, introduced by Rep. Mike Levin, are not widely expected to pass in the current Congress. Still, observers say the push for stronger protections for everyday users is not going away.
