Besides the mention of specific crypto assets, Trump’s post doesn’t actually appear to announce anything new, and instead reiterates that his “Executive Order on Digital Assets directed the Presidential Working Group to move forward on a Crypto Strategic Reserve” [I75]. (I will note that the actual wording of the EO was more guarded, directing the working group not to “move forward on” a strategic reserve, but rather to “evaluate the potential creation and maintenance of a national digital asset stockpile”.) Nonetheless, crypto prices rallied a bit, with bitcoin returning to around $93,000. This was still somewhat of a subdued recovery, only juicing bitcoin back to around its February 25 price, leaving me wondering how many promises Trump has left in the tank to keep bitcoin prices pumped up as they are now. Without the actual government infusion of cash into bitcoin markets via this “strategic reserve” gambit — something that may yet be a ways off, could take various forms, and could fail to materialize entirely — words alone seem to be running out.

Bybit CEO Ben Zhou was quick to try to reassure customers that “Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss.”14 Many customers weren’t satisfied with his promises,b and they withdrew a combined more than $5.5 billion from the exchange after the theft was announced. Bybit was able to satisfy the withdrawals, and has since said they “closed the gap” in ETH supplies to back client assets through a combination of OTC purchases and loans from exchanges and crypto VCs.15 The lack of skepticism around Bybit’s solvency is a little odd to me. For one, it’s clear that the assets were not 1:1 backed at the time of Zhou’s tweet, given that 400,000 ETH had just been stolen. Bybit later issued a press release boasting that they were “Fully Backed Within 72 hours”, acknowledging themselves that customer balances weren’t fully backed for those three days.16 Furthermore, much of the “gap” has been papered over with loans rather than the firm’s own assets. As we saw with Genesis’s $1.1 billion “loan” to try to cover losses in 2022 [I74], a company’s ability to secure a loan to cover a hole does not magically make that hole disappear. While Bybit’s proof-of-reserves demonstrates that the company now holds a sufficient quantity of ETH to back customer balances, these reports do not evaluate Bybit’s ability to repay the loans or provide any information about the terms of those loans.

The Lazarus group is an extremely sophisticated cybercrime group that has been responsible for many of the chart-topping attacks in the crypto world, including the previously recordbreaking thefts of $625 million from the Axie Infinity game in March 2022 [W3IGG], and the the $300 million and $235 million hacks of the exchanges DMM [W3IGG] and WazirX [W3IGG] in May and July 2024. Their expertise means that they know how best to launder the stolen funds without causing serious impacts to the ETH price or risking the funds being frozen by exchanges and other centralized entities, and they have successfully laundered more than half of the stolen assets thus far by swapping it across various chains and into different crypto assets.9 While a substantial $43 million in stolen assets was frozen and recovered by the mETH Protocol, as was around $181,000 in Tether, that amounts to less than 3% of the total.10 To put this theft in perspective, the $1.5 billion stolen from Bybit alone surpasses the North Korean cyberattackers’ entire 2024 profits from crypto heists: around $1.34 billion from across 47 separate attacks throughout 2024. It’s more than double what they stole the year prior.11 According to the United Nations and the US government, these thefts have been a substantial source of funding for the country’s nuclear and ballistic missile programs.1213

Adding to pre-existing market jitters, the crypto world has just experienced a new record-shattering hack of the cryptocurrency exchange Bybit. Bybit is less known in the United States, as it is not permitted to serve US customers, which is probably why this hack has not earned the media attention of some of the other major industry disasters. However, Bybit is the second-largest exchange globally, ahead of Coinbase and behind Binance. On February 21, attackers stole more than 400,000 ETH (priced at around $1.5 billiona) from one of the company’s so-called “cold wallets”. Cold wallets are crypto wallets that are not routinely connected to the internet, making them less vulnerable to thefts. As a result, crypto exchanges often store substantial quantities of assets in cold wallets, transferring smaller amounts as needed to online “hot wallets” to satisfy withdrawals and purchases. However, any time these transfers happen, there’s some degree of vulnerability, and that’s what North Korea’s state-sponsored Lazarus cybercriminals were able to exploit.7 They were able to manipulate the Safe Wallet multisignature system used by Bybit to authorize transfers from the cold wallet to the company’s hot wallet, and when the Bybit employees signed off on what they thought was a routine transfer, the wallet was drained. Bybit and Safe are now pointing fingers at one another, with Bybit claiming that Safe’s infrastructure was compromised, allowing an attacker to manipulate the transaction s

A case against Consensys, the makers of the MetaMask crypto wallet, will be dropped shortly by the agency, according to the company.25 Consensys contributed $800,000 to crypto-focused super PACs. Simultaneously, ongoing investigations of companies including Gemini, OpenSea, Robinhood, and Uniswap have been dropped, despite the agency previously having sent Wells notices signaling impending enforcement action. Gemini’s Winklevoss twins contributed $4.9 million to crypto-focused super PACs and $2.6 million to Trump directly; Robinhood contributed $2 million to Trump’s inauguration fund.

SEC Trump’s nominee for SEC Chair, Paul Atkins [I71], has not even been confirmed yet, but that hasn’t stopped the agency from barreling ahead with the new administration’s promises to the industry that all their problems would go away. Most notably, the SEC case against Coinbase was dismissed with prejudice, meaning the SEC cannot refile the case in the future. CEO Brian Armstrong was explicit with his thanks when announcing the dismissal on Twitter: “I have to give credit here to the Trump administration, for winning the election”. He insisted that he believed “we would have won this case in the courts either way”, but noted that Trump’s election “certainly helped accelerate the process”.23 Coinbase has spent $75 million on contributions to crypto-focused super PACs, some apparently in violation of federal election law, and contributed $1 million to Trump’s inauguration fund. A case against Justin Sun and his Tron project, opened in March 2023 and alleging fraudulent market manipulation “through extensive wash trading”, “orchestrating a scheme to pay celebrities to tout TRX and BTT without disclosing their compensation”, and unregistered securities offerings, has been stayed as parties “consider a potential resolution”.24 As a foreign national, Sun is not permitted to make contributions to American political candidates or committees. However, he has spent $75 million purchasing World Liberty Financial’s WLFI tokens, and Trump personally gets a 75% cut of that project’s re