For almost a 12 months, the U.S. authorities has been present process a historic shift in its Bitcoin holdings, shifting from a messy case-by-case stock of seized cryptocurrencies to a nationwide strategic stockpile.
This ambition, typically framed as a “digital Fort Knox,” is presently present process a take a look at of credibility following allegations that round $40 million in cryptocurrencies had been siphoned off from seized government-linked wallets.
Even when the reported losses are small in comparison with the roughly $28 billion in Bitcoin that the US is broadly believed to manage, this episode cuts into the core premise of the brand new posture. This raises questions on whether or not Washington can handle a sovereign-sized Bitcoin stability sheet with reserve-grade safety and auditable controls.
Suspected insider breach
Over the weekend, blockchain researcher Zach
ZachXBT linked the theft expenses to John D’Aguita, often known as Rix, who maintains household ties to executives at Command Companies and Help (CMDSS), a non-public firm contracted to help the US Marshals Service (USMS) with crypto seizure operations.
Dean D’Aguita serves as president of CMDSS, in keeping with firm filings. The corporate, based mostly in Haymarket, Virginia, contracts with USSMS to handle and eliminate sure forms of digital forex seized.
ZachXBT stated he was capable of join John D’Aguita to the theft expenses after what he known as a “band-on-band” altercation on Telegram. The dispute concerned two people trying to show their wealth by evaluating their pockets balances.
The dispute allegedly culminated when an individual recognized as “Lick” shared screens of his Exodus pockets and transferred massive sums of cash in actual time.
This screen-sharing exercise offered proof that ZachXBT was monitoring a cluster of addresses related to over $90 million in suspected illicit flows. Roughly $24.9 million of this quantity was transferred from U.S.-controlled wallets in March 2024.
This state of affairs has much less to do with exploiting superior protocols and extra to give attention to vulnerabilities associated to custody governance, contractor entry, and forms of human failure modes that are usually much less scalable when actual cash and actual operational complexity collide.
In the meantime, this isn’t the primary time that the federal authorities’s crypto asset custody operations have come beneath intense scrutiny. In October 2024, roughly $20 million was leaked from wallets associated to Bitfinex hack proceeds, however the majority of the funds had been recovered.
Fragmentation creates threat
Within the well-liked creativeness, the US authorities’s roughly $28 billion Bitcoin place appears like a single stockpile behind a single set of controls.
Nonetheless, the truth of working these belongings is rather more fragmented.
Custody preparations for seized cryptocurrencies are a patchwork of presidency businesses, authorized statuses, and custody options. Funds can exist at totally different factors within the forfeiture pipeline, and “US holdings” will not be a single ledger entry, however relatively a posh operational system.
This distinction is vital as a result of safety in a multi-institutional mesh depends on course of self-discipline, constant requirements, and speedy motion of funds from non permanent seizure wallets to long-term chilly storage.
It’s because a single administrator may be protected by a fortress-like protocol.
Nonetheless, programs involving a number of distributors and handoffs behave in another way. This depends on consistency of management throughout all nodes within the community, together with folks and contractors concerned within the course of.
This expands the assault floor on account of ambiguity about which entity holds which keys and when.
Surveillance can due to this fact creep into the gaps between establishments, between non permanent wallets and long-term storage, and between coverage targets and day-to-day operational realities.
In that context, this reported lack of $40 million takes on even better significance because it represents a failure of the method.
Such storage failures counsel publicity in unknown areas, particularly when the vulnerability is rooted in vendor governance or insider entry relatively than a one-time technical exploit.
Contractor “hardtail” vulnerabilities
Contractors like CMDSS play a central position in understanding this threat profile as a result of they’re situated the place authorities storage programs are most advanced.
A March 2025 Basic Accounting Workplace (GAO) resolution confirmed that the USMS awarded CMDSS a contract to handle “class 2-4 cryptocurrencies.”
The GAO doc makes distinctions between asset lessons that assist clarify why contractors are vital.
Class 1 belongings are usually liquid and may be simply supported in normal chilly storage. In distinction, belongings in lessons 2-4 are stated to be “much less well-liked” and require specialised processing involving bespoke software program or {hardware} wallets.
That’s the hardtail of crypto asset administration: not simply Bitcoin or just a few different liquidity tokens, however a protracted record of belongings in a messy stock that arrives through foreclosures. Managing these belongings might require totally different blockchain operations, unfamiliar signature flows, and complicated liquidation necessities.
In observe, this implies counting on outdoors experience to handle essentially the most tough facets of custody. Beneath this mannequin, governments are successfully outsourcing essentially the most laborious components of cryptocurrency operations.
GAO notes that contractors’ use of presidency belongings for staking, borrowing, or funding is strictly prohibited.
Nonetheless, a contractual prohibition will not be a bodily restriction. If human controls are circumvented, personal key misuse can’t be prevented by itself.
That is why this allegation, framed as contractor ecosystem threat and social engineering relatively than a protocol failure, carries extra weight than the precise allegation of theft. When system resiliency is dependent upon self-discipline and handoffs throughout all distributors, the weakest nodes turn out to be essentially the most enticing targets.
Notably, warnings about custody gaps aren’t new. The 2025 report highlighted that the USMS was unable to offer even a tough estimate of its BTC holdings and had beforehand relied on spreadsheets missing correct stock administration. A 2022 Division of Justice Workplace of Inspector Basic audit explicitly warned that such gaps may result in lack of belongings.
Is the US ready to carry on?
Shifting U.S. coverage makes these operational gaps more and more harmful.
The White Home has directed the Treasury Division to handle custodial accounts that “should not promote” Bitcoin and has moved to create a Strategic Bitcoin Reserve and a separate digital asset stockpile.
This coverage change shifts the federal government’s position from non permanent custodian, traditionally related to auctions and disposal of proof, to long-term custodian.
For years, crypto markets have handled the U.S. authorities’s stash as a possible oversupply and a possible supply of promoting stress if the seized cash had been liquidated.
Nonetheless, the strategic reserve framework modifications the angle, because the central problem turns into the reliability of detention.
If Bitcoin is handled as a reserve asset just like gold, normal traders will implicitly demand vault-level safety, clear custody controls, constant administration, and auditable procedures.
This alleged theft of $40 million due to this fact as soon as once more focuses consideration on whether or not the infrastructure supporting this ambition nonetheless resembles an advert hoc proof workflow or is being scaled up for long-term administration.
It’s because the big and well-known authorities holdings of Bitcoin generally is a prime goal for malicious actors trying to exploit a porous system. Cryptocurrency analyst Murtuza Service provider stated:
“If criminals imagine that seized funds will probably be siphoned from authorities wallets, they could deal with forfeiture as a brief inconvenience relatively than an endpoint, particularly if cash laundering routes exist via exchanges or cross-chain hops.”
