The US authorities has been making an attempt to execute a historic pivot with its Bitcoin holdings, shifting from a messy, case-by-case stock of seized crypto right into a strategic nationwide reserve for nearly a 12 months now.
That ambition, usually framed as a βdigital Fort Knox,β is now going through a credibility check after allegations that roughly $40 million in crypto was siphoned from government-linked seizure wallets.
Even when the reported loss is small relative to the roughly $28 billion in Bitcoin the US is broadly believed to regulate, the episode cuts on the core premise of the brand new posture. It raises doubts about whether or not Washington can handle a sovereign-scale Bitcoin steadiness sheet with reserve-grade safety and auditable controls.
The alleged insider breach
Over the weekend, blockchain investigator ZachXBT alleged that greater than $40 million in crypto was siphoned from US government-linked seizure wallets.
ZachXBT linked the alleged theft to John Daghita, popularly generally known as Licks, who he stated maintains household ties to the chief management of Command Providers & Assist (CMDSS), a personal agency contracted to help US Marshals Service (USMS) crypto seizure operations.
Company filings point out that Dean Daghita serves as president of CMDSS. The agency relies in Haymarket, Virginia, and is contracted by the USMS to handle and get rid of particular classes of seized cryptocurrency.
ZachXBT stated he was capable of join John Daghita to the alleged theft after what he described as a βband-for-bandβ argument on Telegram, a dispute wherein two people tried to show their wealth by evaluating pockets balances.
The dispute allegedly culminated in a persona recognized as βLickβ screen-sharing an Exodus pockets and shifting massive sums in actual time.
That screen-shared exercise offered a path ZachXBT stated he used to hint a cluster of addresses that’s linked to greater than $90 million in suspected illicit flows. Of this, roughly $24.9 million moved from a US-controlled pockets in March 2024.
This state of affairs spotlights a vulnerability that has much less to do with subtle protocol exploits and extra with custody governance, contractor entry, and the sorts of human failure modes that are inclined to scale poorly when actual cash and actual operational complexity collide.
In the meantime, that is additionally not the primary time federal crypto custody operations have confronted scrutiny. In October 2024, a pockets linked to the Bitfinex hack proceeds was drained of roughly $20 million, although the funds have been largely recovered.
Fragmentation creates danger
In fashionable creativeness, the US authorities’s roughly $28 billion Bitcoin place feels like a single stockpile sitting behind a single set of controls.
Nonetheless, the operational actuality for these property is much extra fragmented.
Custody preparations for seized crypto are a patchwork of companies, authorized statuses, and storage options. Funds can sit at completely different factors within the forfeiture pipeline, and βUS holdingsβ is just not a single ledger entry however quite a fancy operational system.
That variance issues as a result of safety in a multi-agency mesh will depend on course of self-discipline, constant requirements, and the speedy migration of funds from non permanent seizure wallets into long-term chilly storage.
It is because a single custodian will be defended with fortress-like protocols.
Nonetheless, a system involving a number of distributors and handoffs behaves in another way. It depends on the consistency of controls throughout each node within the community, together with the folks and contractors who contact the method.
So, the paradox round which company holds which keys and when expands the assault floor.
Thus, oversight can slip within the gaps between organizations, between non permanent wallets and long-term storage, and between coverage ambition and day-to-day operational actuality.
In that context, the importance of this reported $40 million loss turns into greater because it implies a course of failure.
Such custody failure suggests unknown publicity elsewhere, particularly if the weak point is rooted in vendor governance or insider entry quite than a one-off technical exploit.
The contractor’s βonerous tailβ vulnerability
Contractors like CMDSS are central to understanding this danger profile as a result of they sit the place the federal governmentβs custody system turns into most intricate.
A Authorities Accountability Workplace (GAO) resolution from March 2025 confirmed that the USMS awarded CMDSS a contract to handle βClass 2β4 cryptocurrencies.β
The GAO doc attracts a distinction between asset lessons that helps clarify why contractors matter.
Class 1 property are usually liquid and will be readily supported by customary chilly storage. Class 2β4 property, against this, are described as βmuch less fashionableβ and require specialised dealing with, usually involving bespoke software program or {hardware} wallets.
That’s the onerous tail of crypto custody, the lengthy checklist of property that aren’t merely Bitcoin and a handful of different liquid tokens, however the messy stock that arrives by means of seizures. Managing these property can require navigating completely different blockchains, unfamiliar signing flows, and sophisticated liquidation necessities.
In sensible phrases, it creates a reliance on exterior experience to handle probably the most difficult facets of custody. Beneath this mannequin, the federal government successfully outsources the messiest nook of crypto operations.
The GAO notes that contractors are strictly prohibited from utilizing authorities property for staking, borrowing, or investing.
However contractual prohibitions usually are not bodily controls. They can not, on their very own, stop misuse of a personal key if human controls are bypassed.
That’s the reason the allegations, framed as contractor ecosystem danger and social engineering quite than protocol failure, carry weight past the precise theft declare. If the systemβs resilience will depend on self-discipline throughout each vendor and handoff, then the weakest node turns into probably the most enticing goal.
Notably, warnings about custody gaps usually are not new. A 2025 report highlighted that the USMS couldn’t present even a tough estimate of its BTC holdings and had beforehand relied on spreadsheets missing sufficient stock controls. A 2022 Division of Justice Workplace of Inspector Normal audit explicitly warned that gaps like these may consequence within the lack of property.
Is the US ready to hodl?
The stakes of those operational gaps have risen as a result of US coverage is shifting.
The White Home has moved to determine a Strategic Bitcoin Reserve and a separate Digital Asset Stockpile, with directives for the Treasury to manage custodial accounts the place Bitcoin βshall not be offered.β
That coverage change shifts the federal governmentβs function from a short lived custodian, traditionally related to auctions and proof disposal, to a long-term holder.
For years, the crypto markets handled the US authoritiesβs stash as a possible provide overhang, a supply of latent promoting strain if seized cash have been liquidated.
Nonetheless, the strategic reserve framing shifts the lens, because the central query turns intoΒ custody credibility.
If Bitcoin is to be handled as a reserve asset analogous to gold, the usual buyers will implicitly demand is vault-grade safety, clear custodianship, constant controls, and auditable procedures.
So, this alleged $40 million theft attracts consideration again as to if the infrastructure supporting this ambition nonetheless resembles an advert hoc proof workflow or is being scaled for long-term stewardship.
It is because a big, well-known authorities Bitcoin hoard may develop into a primary goal for malicious actors in search of to use a porous system. Crypto analyst Murtuza Service provider stated:
βIf criminals imagine seized funds will be siphoned from authorities wallets, they might deal with forfeiture as a short lived inconvenience, not an endpoint, particularly if laundering routes exist by means of exchanges and cross-chain hops.β