Quick Insights

  • Circle is facing a class action lawsuit over the $285 million Drift Protocol exploit on Solana.
  • Plaintiffs say stolen USDC moved for about eight hours through Circle’s cross-chain rails without being frozen.
  • Circle says it freezes assets only when legally required, turning the case into a bigger test of what stablecoin issuers owe users during a live hack.

Circle is facing a class action lawsuit over the $285 million Drift Protocol hack, reviving one of the hardest questions in crypto. When stolen funds are moving through a stablecoin issuer’s own system in real time, what is that issuer supposed to do?

The case was filed on April 14 and centres on an eight-hour window after the April 1 exploit, when attackers allegedly moved roughly $232 million in USDC from Solana to Ethereum using Circle’s Cross-Chain Transfer Protocol. According to Decrypt’s report on the filing, the plaintiffs’ argument is not simply that funds were stolen, but that Circle had visibility into the flow and failed to step in while the money was still moving.

Circle Faces Lawsuit Over the $285M Drift Protocol Hack

That makes this about more than the exploit itself. Drift was hit in one of the biggest DeFi hacks of the year, and the fallout has now reached one of the market’s most important stablecoin issuers. The legal complaint turns a technical failure at a Solana trading platform into a broader test of how much responsibility centralised infrastructure providers should carry when hacks spill across chains.

Drift later said the attack was linked to North Korean state-affiliated actors who had allegedly spent months infiltrating the company while posing as a quantitative trading firm. Chainalysis has also described the exploit as a highly coordinated operation with indicators consistent with DPRK-linked tactics, even though formal attribution remained pending.

Plaintiffs Say Stolen USDC Moved for 8 Hours Unfrozen

The heart of the lawsuit is the timeline. Lawyers for affected Drift investors say the attackers were able to use USDC and Circle’s own cross-chain infrastructure to move a large share of the proceeds over several hours instead of being cut off quickly. That is why the case has resonated beyond the usual courtroom noise around crypto losses.

In practical terms, it touches the gap between what users think stablecoin issuers can do and what those issuers say they should do. In the middle of a live exploit, users often assume freeze powers act like an emergency brake. The lawsuit is trying to turn that assumption into a legal expectation.

Why This Matters

Stablecoins are sold as neutral settlement tools in normal conditions, but in a crisis the market tends to expect their issuers to behave more like gatekeepers. That tension is now at the centre of the case against Circle.

Circle Says USDC Freezes Require Legal Authority

Circle has pushed back firmly. In a recent company statement on accountability and open financial systems, Chief Strategy Officer Dante Disparte said the firm freezes USDC only when it is required to do so by law, not because it decides on its own that someone’s assets should be blocked. Circle’s position is that acting outside established legal process would create a different kind of danger, even when the pressure to intervene is intense.

That defence matters because it goes to the design of regulated stablecoins themselves. Circle wants USDC to look like compliant financial infrastructure, not a token whose issuer can arbitrarily reverse flows when public pressure spikes. The company laid that argument out in its April 10 blog post on accountability and rule of law, and the lawsuit now puts that stance under direct legal and reputational strain.

The Drift Hack Could Reshape Expectations for Stablecoin Issuers

This is why the case matters well beyond Circle and Drift. If plaintiffs gain traction, other stablecoin issuers may face growing pressure to intervene earlier and more aggressively in future hacks, especially when stolen funds are moving through systems they operate. If Circle’s defence holds, that would reinforce the idea that freeze powers are a legal tool rather than an on-demand rescue service.

The optics have already become harder for Circle because Drift later secured recovery commitments from other players, including Tether and additional partners. That does not settle the legal issue, but it changes the comparison. In one version of the story, Circle followed the rules. In another, it watched a huge slice of stolen USDC move across chains while competitors looked more responsive.

At a market level, the case also cuts into the long-running contradiction inside crypto. The industry still likes to talk in the language of decentralisation, but in moments of stress it leans heavily on centralised controls, legal authority and issuer discretion. For readers looking at the wider mechanics behind hacks, recoveries and protocol risk, our DeFi guide gives broader context on how these systems work once things go wrong.

That is the bigger significance of this lawsuit. It is not only about whether Circle should have frozen the funds. It is about whether stablecoin issuers can keep presenting themselves as neutral infrastructure when the market increasingly expects them to act as first responders.

Disclaimer: Nakamoto Daily provides information for educational and entertainment purposes only. Nothing published here constitutes financial, investment, or trading advice. Readers should conduct their own research and consult a qualified financial adviser before making any investment decisions.