Security of the US government’s $28B Bitcoin reserve threatened after weekend theft reveals flaw
The US authorities has been making an attempt to execute a historic pivot with its Bitcoin holdings, shifting from a messy, case-by-case stock of seized crypto right into a strategic nationwide reserve for almost a year now.
That ambition, typically framed as a “digital Fort Knox,” is now dealing with a credibility check after allegations that roughly $40 million in crypto was siphoned from government-linked seizure wallets.
Even if the reported loss is small relative to the roughly $28 billion in Bitcoin the US is broadly believed to regulate, the episode cuts at the core premise of the new posture. It raises doubts about whether or not Washington can handle a sovereign-scale Bitcoin stability sheet with reserve-grade safety and auditable controls.
The alleged insider breach
Over the weekend, blockchain investigator ZachXBT alleged that greater than $40 million in crypto was siphoned from US government-linked seizure wallets.
ZachXBT linked the alleged theft to John Daghita, popularly often known as Licks, who he mentioned maintains household ties to the government management of Command Services & Support (CMDSS), a personal agency contracted to assist US Marshals Service (USMS) crypto seizure operations.
Corporate filings point out that Dean Daghita serves as president of CMDSS. The agency is predicated in Haymarket, Virginia, and is contracted by the USMS to handle and dispose of particular classes of seized cryptocurrency.
ZachXBT mentioned he was capable of join John Daghita to the alleged theft after what he described as a “band-for-band” argument on Telegram, a dispute through which two people tried to show their wealth by evaluating pockets balances.
The dispute allegedly culminated in a persona recognized as “Lick” screen-sharing an Exodus pockets and shifting massive sums in actual time.
That screen-shared exercise supplied a path ZachXBT mentioned he used to hint a cluster of addresses that’s linked to greater than $90 million in suspected illicit flows. Of this, roughly $24.9 million moved from a US-controlled pockets in March 2024.
This situation spotlights a vulnerability that has much less to do with subtle protocol exploits and extra with custody governance, contractor entry, and the sorts of human failure modes that are likely to scale poorly when actual cash and actual operational complexity collide.
Meanwhile, that is additionally not the first time federal crypto custody operations have confronted scrutiny. In October 2024, a pockets linked to the Bitfinex hack proceeds was drained of approximately $20 million, though the funds were largely recovered.
Fragmentation creates danger
In common creativeness, the US government’s roughly $28 billion Bitcoin position appears like a single stockpile sitting behind a single set of controls.
However, the operational actuality for these belongings is way extra fragmented.
Custody arrangements for seized crypto are a patchwork of businesses, authorized statuses, and storage options. Funds can sit at completely different factors in the forfeiture pipeline, and “US holdings” is just not a single ledger entry however slightly a fancy operational system.
That variance issues as a result of safety in a multi-agency mesh is dependent upon course of self-discipline, constant requirements, and the speedy migration of funds from short-term seizure wallets into long-term chilly storage.
This is as a result of a single custodian could be defended with fortress-like protocols.
However, a system involving a number of distributors and handoffs behaves in another way. It depends on the consistency of controls throughout each node in the community, together with the individuals and contractors who contact the course of.
So, the ambiguity round which company holds which keys and when expands the assault floor.
Thus, oversight can slip in the gaps between organizations, between short-term wallets and long-term storage, and between coverage ambition and day-to-day operational actuality.
In that context, the significance of this reported $40 million loss turns into larger because it implies a course of failure.
Such custody failure suggests unknown publicity elsewhere, particularly if the weak spot is rooted in vendor governance or insider entry slightly than a one-off technical exploit.
The contractor’s “laborious tail” vulnerability
Contractors like CMDSS are central to understanding this danger profile as a result of they sit the place the government’s custody system turns into most intricate.
A Government Accountability Office (GAO) resolution from March 2025 confirmed that the USMS awarded CMDSS a contract to handle “Class 2–4 cryptocurrencies.”
The GAO doc attracts a distinction between asset lessons that helps clarify why contractors matter.
Class 1 assets are generally liquid and could be readily supported by customary chilly storage. Class 2–4 belongings, against this, are described as “much less common” and require specialised dealing with, typically involving bespoke software program or {hardware} wallets.
That is the laborious tail of crypto custody, the lengthy listing of belongings that aren’t merely Bitcoin and a handful of different liquid tokens, however the messy stock that arrives via seizures. Managing these belongings can require navigating completely different blockchains, unfamiliar signing flows, and sophisticated liquidation necessities.
In sensible phrases, it creates a reliance on exterior experience to handle the most difficult facets of custody. Under this mannequin, the authorities successfully outsources the messiest nook of crypto operations.
The GAO notes that contractors are strictly prohibited from utilizing authorities belongings for staking, borrowing, or investing.
But contractual prohibitions usually are not bodily controls. They can not, on their very own, forestall misuse of a personal key if human controls are bypassed.
That is why the allegations, framed as contractor ecosystem danger and social engineering slightly than protocol failure, carry weight past the particular theft declare. If the system’s resilience is dependent upon self-discipline throughout each vendor and handoff, then the weakest node turns into the most engaging goal.
Notably, warnings about custody gaps usually are not new. A 2025 report highlighted that the USMS couldn’t present even a tough estimate of its BTC holdings and had beforehand relied on spreadsheets missing satisfactory stock controls. A 2022 Department of Justice Office of Inspector General audit explicitly warned that gaps like these might lead to the loss of belongings.
Is the US ready to hodl?
The stakes of these operational gaps have risen as a result of US coverage is shifting.
The White House has moved to ascertain a Strategic Bitcoin Reserve and a separate Digital Asset Stockpile, with directives for the Treasury to manage custodial accounts the place Bitcoin “shall not be offered.”
That coverage change shifts the government’s function from a brief custodian, traditionally related to auctions and proof disposal, to a long-term holder.
For years, the crypto markets handled the US government’s stash as a possible provide overhang, a supply of latent selling pressure if seized coins were liquidated.
However, the strategic reserve framing shifts the lens, as the central query turns into custody credibility.
If Bitcoin is to be handled as a reserve asset analogous to gold, the customary traders will implicitly demand is vault-grade safety, clear custodianship, constant controls, and auditable procedures.
So, this alleged $40 million theft attracts consideration again as to whether the infrastructure supporting this ambition nonetheless resembles an advert hoc proof workflow or is being scaled for long-term stewardship.
This is as a result of a big, well-known government Bitcoin hoard might grow to be a chief goal for malicious actors looking for to use a porous system. Crypto analyst Murtuza Merchant said:
“If criminals imagine seized funds could be siphoned from authorities wallets, they could deal with forfeiture as a brief inconvenience, not an endpoint, particularly if laundering routes exist via exchanges and cross-chain hops.”
The publish Security of the US government’s $28B Bitcoin reserve threatened after weekend theft reveals flaw appeared first on CryptoSlate.
