The two biggest DeFi exploits of the past two months have one thing in common. They used a tool that does not exist on the XRP Ledger.

Thorchain lost roughly $10.8 million on May 15 to a cross-chain attack that drained funds across Bitcoin, Ethereum, BSC, and Base. Drift Protocol, a Solana-based decentralized perpetual exchange, and KelpDAO, a liquid restaking protocol on Ethereum, together accounted for more than $600 million in losses through April alone.

Cross-chain bridges have lost over $2.8 billion to attacks since 2021, per Chainalysis. And a significant share of these exploits used some variant of the same mechanic: flash loans.

A flash loan is a smart contract feature that lets a trader borrow millions of dollars with no collateral, on the condition that the loan is repaid inside the same transaction. The legitimate use cases include arbitrage between exchanges, collateral swaps without unwinding positions, and liquidation bots that maintain solvency in lending markets.

The attack pattern is the same mechanic pointed in the wrong direction.

A borrower takes out the loan, uses the funds to manipulate an oracle or drain a poorly designed pool, profits from the manipulation, and repays the loan, all before the transaction settles. If any step fails, the whole sequence rolls back, so the attacker risks nothing but gas fees.

The XRP Ledger does not let this work. A draft amendment filed on the XRPL standards repository earlier this week, proposing concentrated liquidity and StableSwap-style pools for the chain’s native automated market maker, included a single line in its Security Considerations section: “Flash loan attacks are structurally impossible. XRPL transactions are atomic without composable intra-transaction calls.”

What that means is that XRPL transactions either fully succeed or fully fail, like an Ethereum transaction. But unlike Ethereum, an XRPL transaction cannot call into another contract during its execution. The borrow-manipulate-repay sequence that defines a flash loan attack needs at least three nested operations inside a single transaction envelope.

That is a meaningful architectural choice, and it has a cost. Flash loans are not only an attack tool. They have become a structural component of Ethereum DeFi, with Aave, dYdX, and other major protocols offering them as a product. Arbitrage traders use flash loans to clear price differences between exchanges in a single atomic action.

Liquidation bots use them to keep over-collateralized lending positions solvent. Sophisticated DeFi users use them for collateral swaps that would otherwise require capital that gets tied up for hours. XRPL gives up all of that in exchange for closing the attack class entirely.

For most of XRPL’s history, the tradeoff did not matter because the chain’s DeFi footprint was small. That is changing. Tokenized real-world assets on the XRP Ledger have crossed $3 billion in total value, including the Ripple-JPMorgan-Mastercard-Ondo Finance pilot last month that processed a tokenized U.S. Treasury redemption in under five seconds.

The draft AMM amendment, if it passes, would close the capital-efficiency gap that has held XRPL DeFi behind Ethereum, opening the chain to a wider set of trading and yield strategies.

If the AMM amendment passes and XRPL’s DeFi liquidity grows toward something institutional capital can deploy at scale, the question becomes whether structural exploit resistance is a real competitive advantage or just a feature that institutions ignore in favor of where the liquidity already is.

Bitcoin could fall toward its February yearly low if it fails to maintain support above the $70,000 level, according to a crypto analyst.

“Bitcoin is at a pivotal level, and if it doesn’t hold, we’re buying at <$65K,” MN Trading Capital founder Michael van de Poppe said in an X post on Saturday. Bitcoin (BTC) reached a yearly low of $60,000 in early February before recovering to $73,873 at the time of publication, according to CoinMarketCap.

It comes as crypto market participants are divided over whether Bitcoin’s early February price of $60,000 marked the bottom of the cycle, or if further downside still lies ahead.

Bitcoin may break above $76,000 if the current level holds

Veteran trader Peter Brandt said in March that $60,000 may not be the lowest level for 2026, forecasting that Bitcoin could retest or even move “slightly lower” than the price level in September or October this year.

Van de Poppe said he doesn’t anticipate “new lows.”

Meanwhile, economist Timothy Peterson said in an X post on Saturday that Bitcoin may grind higher “over the summer,” but will top out by the last week of July. “It will still be relatively lackluster, though,” Peterson said.

Source: Timothy Peterson

Van de Poppe said that this structure is “different than the previous breakdown in February.” He said that the range resistance didn’t hold as support in February. “The $71K area remains to be a crucial support level, and that would be required to hold in this particular zone in order to prevent any deeper corrections, in my opinion,” van de Poppe said.

However, van de Poppe said that if the current price level does hold, Bitcoin could break through to $76,600, potentially triggering a broader crypto market uptrend. “If that breaks, new highs are around the corner, and we’re likely going to see a strong Altcoin summer,” van de Poppe said.

Bitcoin ETF flows may suggest market bottom

Meanwhile, crypto analytics firm Santiment Intelligence recently said that the sustained Bitcoin ETF outflows may suggest the market bottom is nearing an end.

Related: Bitcoin retail sentiment still matters, says Swan Bitcoin CEO

Spot Bitcoin ETFs have logged outflows for ten consecutive trading days, with total net redemptions exceeding $2.97 billion since May 15.

Total net assets held across spot Bitcoin ETFs have dropped from $104.29 billion on May 15 to $94.17 billion as of Friday, a decline of roughly $10 billion in two weeks.

Magazine: HYPE chases $100 target, ETH could dump below $1800: Market Moves

Circle has temporarily froze $12.6 million in USDC tied to a confidential, privacy-focused smart contract associated with the Zama protocol. The disclosure came from on-chain sleuth ZachXBT, who noted that the contract is publicly labeled on block explorers and in Zama’s technical documentation. The exact rationale behind the freeze remains unclear at this stage.

According to ZachXBT, the funds were connected to a May 11, 2026 inflow from the Overnight Finance DeFi protocol. He cited a governance-related event around that treasury activity and argued that the move raises questions about the power to intervene in user funds when assets are commingled with a protocol’s users. In his words: “Overnight Finance held a governance vote recently to distribute treasury funds after holders alleged the team was rug-pulling. Regardless, it’s precedent-setting to unilaterally freeze the contracts or addresses of a protocol where funds have been commingled with Zama users.”

“Overnight Finance held a governance vote recently to distribute treasury funds after holders alleged the team was rug-pulling. Regardless, it’s precedent-setting to unilaterally freeze the contracts or addresses of a protocol where funds have been commingled with Zama users.”

Circle has not publicly explained the freeze, and Cointelegraph reached out to Circle for comment but did not receive a response by publication time. The move intensifies long-running debates over how a centralized fiat-backed issuer should handle access to funds tied to privacy-preserving DeFi protocols.

The episode sits against a backdrop of broader criticism aimed at Circle for past actions related to fund freezes. ZachXBT has argued that Circle has repeatedly taken steps to freeze or block the movement of stablecoins in certain circumstances, sometimes to the detriment of legitimate projects. In March, he accused Circle of “wrongfully” freezing 16 stablecoin wallets linked to online casinos and other entities involved in civil litigation, saying the wallets did not appear related to the underlying cases. He later contended that Circle had failed to freeze roughly $420 million across 15 separate cases involving fraudulent transactions or funds stolen via hacks since 2022.

Among the cited incidents, ZachXBT highlighted the Drift Protocol breach in April 2026, where about $232 million worth of user funds were reportedly not frozen in a timely manner despite Circle having a six-hour window to act. The ensuing controversy contributed to a class-action lawsuit alleging that Circle failed to intervene to halt the flow of ill-gotten funds via its Cross-Chain Transfer Protocol (CCTP), a bridge designed to move assets across networks.

These past episodes are often framed by critics as emblematic of a broader tension between the goals of anti-fraud enforcement and the rights of users who rely on permissionless, privacy-enhancing protocols. On one hand, stablecoin issuers like Circle argue that they must act to prevent the circulation of stolen or illicit funds. On the other hand, commentators warn that unilateral freezes can undermine trust in stablecoins and DeFi projects that rely on interoperability and user-owned assets. The Zama case, which centers on a privacy-enabled USDC implementation, underscores how rapidly evolving tech and governance decisions intersect with regulatory and legal risk for issuers, developers, and users alike.

Circle’s track record and the implications for DeFi resilience

The ongoing discourse around Circle’s actions is not limited to a single incident. Critics point to a string of cases cited by observers that purportedly show inconsistency in how Circle handles freezes. The Drift Protocol example, in particular, has become a reference point for arguments that timely intervention matters, especially when funds are routed through Circle’s CCTP bridge. A growing chorus argues that such interventions should be transparent, well-communicated, and subject to governance or external oversight to prevent potential overreach.

For investors and builders, the episode highlights a few practical questions. First, what safeguards exist when a stablecoin issuer takes action against funds that are part of a governance-enabled DeFi protocol? Second, how does the market assess the legitimacy of a freeze when the underlying asset is tied to a privacy-preserving smart contract? And third, what signals should projects that rely on cross-chain bridges and confidential transactions watch for in terms of issuer behavior and regulatory clarity?

Circle’s response—if provided—will likely influence how developers design future integrations with CCTP and other Circle services. Projects building privacy-centric layers on top of USDC may need to reassess risk models, including contingency plans for potential freezes, while users will be watching for clearer criteria around when and why funds could be blocked or moved by a centralized issuer.

It’s also worth noting that the broader market context remains dynamic. Stablecoins continue to face intensifying scrutiny from regulators worldwide, as well as ongoing debates about the balance between privacy, security, and compliance. The Zama case illustrates how these tensions can play out in real time, with a public liquidity channel tied to a confidential protocol suddenly intersecting with a highly regulated fiat-backed asset.

As the dust settles, market participants should monitor whether Circle offers public guidance or a detailed rationale for the freeze, and whether Zama or its users pursue any formal recourse. The outcomes could help shape future expectations for how the crypto ecosystem handles governance, privacy, and the practical realities of operating on permissionless rails while staying within the bounds of existing and evolving rules.

Source context: The details came to light through a post by ZachXBT, who has tracked Circle-related controversies and their implications for users and operators across the DeFi landscape. Cointelegraph has sought comment from Circle but has not received a response at press time.

What comes next remains uncertain: will there be a formal explanation from Circle, a related regulatory statement, or a shift in how privacy-focused protocols interact with fiat-backed stablecoins? Market watchers will want to see not only the immediate accounting of the frozen funds but also any steps that improve transparency and governance around such critical actions in the future.

The United States risks ceding its crypto leadership to other nations if lawmakers don’t push through a comprehensive market framework known as the CLARITY Act. Senior lawmakers and industry observers say passing the crypto market structure bill is pivotal to preventing a future in which Beijing or other cities write the rules of the next financial era. Senator Cynthia Lummis of Wyoming has been a leading advocate, arguing that a clear regulatory path would solidify America’s role in shaping the evolution of digital assets rather than letting the global tide turn elsewhere.

The core argument is simple: a robust, predictable regulatory framework could attract legitimate crypto activity, while leaving room for innovation across sectors from custody to decentralized finance. Lummis has repeatedly framed CLARITY as a gateway to “build the next one” after the dollar-dominated system anchored U.S. financial stability for a century. She emphasized that a clear act would prevent other countries from setting the rules before the United States does, a point she highlighted in statements linked to her social posts on X.

Key takeaways

• The CLARITY Act cleared a procedural hurdle in May when the Senate Banking Committee advanced the bill after months of stagnation, reviving hopes that a comprehensive framework could become law in 2026.
• Industry watchers caution that passage remains uncertain due to political dynamics, a crowded legislative calendar, and opposition from the banking lobby that questions certain provisions for crypto firms.
• JPMorgan Chase CEO Jamie Dimon signaled banks will push back against the current version, arguing it does not impose AML and capital requirements on crypto firms equivalent to banks, and that it still allows crypto companies to offer interest on user deposits.
• Time is a critical factor: if the CLARITY Act isn’t enacted in 2026, supporters warn the next viable window could slip to as late as 2030 amid midterm politics and shifting regulatory priorities.
• Beyond the immediate regulatory mechanics, the debate underscores a broader strategic question: how the U.S. intends to balance crypto innovation with consumer protections and financial stability.

Regulatory momentum: CLARITY Act moves forward

At the heart of the debate is a comprehensive attempt to codify a clear, predictable structure for crypto markets. In May, the Senate Banking Committee voted to advance the CLARITY Act after months of stagnation, rekindling expectations that a fuller passage could occur in 2026. The bill represents one of the most consequential attempts to codify crypto regulation in the United States, aiming to delineate which activities fall under securities, commodities, and banking supervision while setting standards for consumer protections and market integrity.

Senator Lummis has framed CLARITY as a national priority, warning that inaction could leave the United States playing catch-up to other jurisdictions. She has stressed that “America built the dollar-dominated financial system that has anchored global stability for a century. The Clarity Act ensures we build the next one. The time to act is now, before Beijing decides it will.” Her remarks, including social posts, underscore the high stakes of extending U.S. leadership into the next phase of financial technology. For readers seeking a fuller sense of her public messaging, her X posts provide context on the act’s intended trajectory.

Although the committee’s move signaled fresh momentum, the pathway to final passage remains uncertain. The legislative process in the United States is complex, and the CLARITY Act would need broad bicameral approval and a signature from the White House to become law. Observers emphasize that even though the May vote revived optimism, several obstacles linger, including potential partisan divides and a crowded 2026 legislative agenda that often slows major regulatory bills.

Some supporters argue that CLARITY could provide a framework that harmonizes U.S. oversight with global developments, reducing regulatory fragmentation that has characterized crypto policy across different states and agencies. Others caution that the bill’s design must strike a balance between enabling legitimate innovation and guarding against fraud, money laundering, and consumer risk. The bill’s long-term success could hinge on how it treats non-custodial DeFi and other emerging business models, an area highlighted by industry advocates who want to ensure fair treatment for different crypto activity types.

Related context: the full text of the CLARITY Act is available from the U.S. Congress, and reporting has noted its potential to reshape the regulatory landscape for crypto businesses across the board.

Industry pushback and the banking lobby

Even as proponents advocate for clarity, the banking industry has signaled strong opposition to the current draft. JPMorgan CEO Jamie Dimon publicly warned that banks are unlikely to accept a version that allows certain crypto activities to operate without the same oversight they face. Dimon argued that the bill does not impose equivalent anti-money-laundering (AML) and capital reserve requirements on crypto firms, creating a perceived regulatory asymmetry that banks say could undermine consumer protections and financial stability.

Dimon’s remarks, reported in coverage surrounding the CLARITY Act, also touched on the stance of crypto exchange operators. He criticized Coinbase and its CEO, Brian Armstrong, for pursuing the bill’s passage, insisting that “No one is going to bow down to this guy or that company.” The comments illustrate the broader dynamic at play: traditional financial institutions and their advocates are seeking a regulatory asymmetry that favors established banking practices, while crypto firms and their supporters push for a framework they view as essential to competitive parity and market growth.

The clash extends beyond rhetoric. Industry watchers note that the banking lobby’s opposition, coupled with political headwinds and the midterm election cycle, could compress the window for attaining a final law in 2026. If the CLARITY Act does not become law within that timeframe, some lawmakers warn that future opportunities to enact similar regulatory clarity might not surface again for several years, potentially delaying the U.S. framework for the next cycle of innovation.

Beyond the political calculus, supporters argue that a well-crafted CLARITY Act could reduce regulatory uncertainty and provide a unified standard for crypto firms, exchanges, and DeFi projects. Opponents, however, stress the need for strong AML standards and robust capital requirements to prevent systemic risk, a stance often associated with traditional financial incumbents who worry about uneven competition or regulatory arbitrage.

What happens next and why it matters

The debate over CLARITY sits at a crossroads for U.S. competitiveness in crypto and digital finance. Proponents say a clear, comprehensive framework would help attract legitimate participants, reduce compliance fragmentation across agencies, and lay the groundwork for a sustainable digital asset ecosystem. Critics contend that any framework must be rigorous enough to curb misuse and protect consumers, even if that means imposing rules that some crypto firms fear could hamper innovation.

Crucially, the timeline remains a focal point. Lummis has warned that if the CLARITY Act is not enacted in 2026, the chance to pass such legislation could slip until as late as 2030. With midterm dynamics shaping legislative calendars, industry participants are watching closely how the administration and lawmakers navigate lobbying pressure, regulatory philosophy, and the appetite for a bold, standardized regime for digital assets.

Market participants and builders will be keenly watching how the bill addresses core issues such as custody, settlement, and the classification of different asset types. While the ultimate design remains a topic of negotiation, the central question will be whether the United States can craft a framework that preserves financial stability while enabling responsible innovation, rather than ceding ground to jurisdictions that may be more permissive or faster to adapt to new business models.

As the policy debate unfolds, observers will also assess how international developments influence the United States’ approach. If the CLARITY Act lands and is complemented by an effective enforcement regime, it could position the U.S. to set global standards in digital-asset markets. Conversely, a stalled or lopsided framework could intensify competitive pressure from regions already pursuing clearer, more accelerator-friendly regimes for crypto activities.

For readers and practitioners, the most important indicators to watch are: progress in the Senate and House negotiation dynamics, statements from the White House on regulatory alignment, and how major financial institutions calibrate their compliance and lobbying strategies as the midterms approach. The outcome will shape not only regulatory clarity but also the cadence of crypto innovation, capital flows, and the ability of American firms to compete on a global stage.

In the meantime, the CLARITY Act remains a focal point of the broader U.S. regulatory discourse around crypto, with policymakers, bankers, and industry players weighing the balance between consumer protection, financial stability, and the promise of a more orderly framework for digital assets.

Readers should stay tuned to developments as the year progresses, since the regulatory landscape for crypto in the United States could hinge on a few decisive parliamentary moves, with potential implications for how the sector evolves, funds allocate, and solutions build across the digital asset ecosystem.

The United States will lose its leadership position in crypto to other countries, including China, if US lawmakers fail to pass the Digital Asset Market Clarity Act (CLARITY), a crypto market structure bill, according to Wyoming Senator Cynthia Lummis.

Passing a comprehensive crypto regulatory framework would “ensure” that other countries “do not write the rules of the next financial era,” Lummis said. She added in a separate X post:

“America built the dollar-dominated financial system that has anchored global stability for a century. The Clarity Act ensures we build the next one. The time to act is now, before Beijing decides it will.”

In May, the Senate Banking Committee voted to advance the CLARITY Act after the legislation had stalled for months, reviving crypto industry hopes that the bill might be codified into law in 2026.

Source: Senator Cynthia Lummis

The crypto market structure bill is one of the most significant pieces of crypto regulations in the US, but it is unclear if it will be signed into law in 2026 due to opposition from the banking lobby and the looming US midterm elections.

Related: ‘We are so close this time’ — Senator Lummis on market structure bill

JPMorgan CEO says banks will oppose CLARITY, as the window to pass it narrows

JPMorgan CEO Jamie Dimon said on Friday that banks will oppose the latest version of the bill because it still allows crypto companies to pay interest on user deposits.

He added that the current iteration of the CLARITY Act does not impose the same anti-money laundering (AML) and capital reserve requirements on crypto companies that banks must follow.

The full text of the CLARITY Act. Source: US Congress

“The banks will not accept it that way,” Dimon said, adding that the banks would continue to “fight” the bill. Dimon was critical of crypto exchange Coinbase and its CEO Brian Armstrong’s efforts to pass the bill.

“No one is going to bow down to this guy or that company,” Dimon said. Meanwhile, the window to pass the CLARITY Act is narrowing as the US heads into the midterm election season.

If the bill is not signed into law in 2026, the window to pass the legislation may not come again until 2030, Senator Lummis warned.

Magazine: Will the CLARITY Act be good — or bad — for DeFi?

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Gravity Bridge has lost about $5.4 million following an early Saturday drain that security researchers linked to a possible signing key compromise.

On-chain analyst Specter first flagged the unusual withdrawals, saying the pattern suggested that the bridge’s signing keys may have been compromised rather than its smart contract code. Security firm PeckShield later posted a similar assessment and shared a breakdown of the stolen assets.

Gravity Bridge halts operations after fund drain

According to PeckShield, the stolen assets included about $4.3 million in USDC, 274 wrapped ether valued at around $553,000, $434,000 in USDT, and 14.16 PAXG worth around $64,000. The firm said the funds moved to a wallet ending in 7C62da1F9.

Advertisement

Specter identified the affected Gravity Bridge contract as an address ending in 1F2D906. The analyst said the transaction pattern appeared consistent with unauthorized withdrawals approved through compromised authorization rather than a direct exploit of contract logic.

It appears the @gravity_bridge bridge contract key may have been compromised, resulting in the theft of $5.4M.

The attacker drained the following assets:

USDC: $4.3M
WETH: 274 ETH (~$553K)
USDT: $434K$PAYG: $64K

Theft addresses:

Advertisement

0x7B582033061b96cC3F9421e73a749ED7C62da1F9… pic.twitter.com/nX81rsZYGp

— Specter (@SpecterAnalyst) May 30, 2026

The Gravity team later confirmed an incident on X and asked validators to stop their validators and orchestrators while the investigation continues. In another update, the team said the bridge had been halted as it reviewed the attack.

Advertisement

There was an unfortunate incident on Gravity. Validators should halt their validators and orchestrators while this incident is being investigated.

— Gravity Bridge (@gravity_bridge) May 30, 2026

Researchers point to the authorization layer

Gravity Bridge connects Ethereum with the Cosmos ecosystem by locking assets on Ethereum and minting mirrored tokens on Cosmos. Validator signatures authorize asset movement across the bridge.

According to Specter’s early assessment, an attacker who controls enough valid signing keys could make withdrawals appear legitimate to the system. PeckShield’s report also focused on the stolen funds and the movement of assets after the drain.

The Gravity team has not released a postmortem, so the exact entry point remains unconfirmed. Its public updates have only confirmed the incident, the halt, and the ongoing investigation.

Advertisement

Attacker moves funds through swap services

PeckShield said part of the stolen funds had already moved through ChangeNow and Binance after the attack. The firm also reported that the stolen wallet still held about 2,100 ETH, valued near $4.23 million, when it published its update.

A wallet snapshot shared by Specter through Arkham showed a related address holding roughly $4.16 million in ether. These movements show that investigators are tracking the funds across several services and wallets.

Gravity Bridge was built by contributors, including the Althea team, and is secured by the Graviton, or GRAV, token. The protocol has not yet explained whether validator infrastructure, private keys, or another operational weakness allowed the withdrawals.

Advertisement

If the early assessments are confirmed, the Gravity Bridge incident would join other 2026 bridge attacks where key-management failures, rather than audited contract code, played a central role. Similar concerns appeared in the Kelp DAO and Resolv incidents earlier this year, according to security researchers cited in those cases.

TRM Labs has reported that bridge attacks remain a major source of crypto losses in 2026. The Gravity Bridge loss is smaller than some past bridge breaches, including the $190 million Nomad exploit in 2022 and the $81.5 million Orbit Bridge hack in 2024.

Advertisement

The United States faces a strategic crossroads on crypto regulation as lawmakers push the Digital Asset Market Clarity Act (CLARITY) to reshape market structure and regulatory clarity. Senator Cynthia Lummis of Wyoming argues that without a comprehensive framework, the U.S. risks ceding leadership in the global financial system to peers, including China. Her message is clear: passing a robust, clear regime is essential to keep the U.S. at the forefront of the next era of finance.

In May, the Senate Banking Committee moved the CLARITY Act forward after months of stalemate, reviving hopes that the measure could become law in 2026. Yet the road ahead remains uncertain as opposition from the banking lobby and the timing of the upcoming midterm elections complicate prospects for rapid approval. The ultimate decision will hinge on how lawmakers balance investor protection, financial stability, and the competitiveness of U.S. crypto firms.

Key takeaways

• The Senate Banking Committee advanced the CLARITY Act in May, signaling renewed momentum for a comprehensive U.S. crypto regulatory framework.
• Senator Cynthia Lummis emphasizes that timely passage is critical to preserving U.S. leadership and preventing other jurisdictions from setting global standards for the next financial era.
• Industry observers warn that banking sector opposition could shape negotiations, particularly given concerns about AML, capital requirements, and investor protections.
• The political calendar — including midterm elections — increases the risk that a final vote could slip beyond 2026, potentially delaying regulatory clarity.
• Experts note that a failure to enact the framework could leave American markets less competitive and increase cross-border regulatory divergence, with implications for exchanges, banks, and institutional investors.

Regulatory momentum, political risk, and the leadership imperative

According to Senator Cynthia Lummis, the United States must enact a comprehensive crypto regulatory framework to “ensure” that other countries “do not write the rules of the next financial era.” Her framing positions CLARITY as a foundational instrument for U.S. resilience in the face of global competition. In a pair of X posts cited by supporters, Lummis underscored the historical role of the United States in shaping the global financial order and framed the Act as a necessary step to build the next iteration of that system.

“America built the dollar-dominated financial system that has anchored global stability for a century. The Clarity Act ensures we build the next one. The time to act is now, before Beijing decides it will.”

The legislation’s momentum in the Senate reflects an ongoing effort to reconcile the U.S. approach with evolving global markets. In May, the Banking Committee voted to advance CLARITY after an extended period of inactivity, reinforcing the view among supporters that a codified framework could emerge in the 2026 congressional cycle. As reported by regulatory watchers, the bill represents one of the most consequential regulatory efforts in the U.S. crypto space, with potential implications for exchanges, custodians, and financial counterparties that interact with digital assets.

The arguments around CLARITY intersect with broader policy considerations, including cross-border harmonization and the comparative regulatory architecture under the European Union’s Markets in Crypto-Assets framework (MiCA). Proponents contend that a robust U.S. regime would create a competitive baseline for American firms and facilitate lawful, compliant market entry for innovators, while opponents warn of operational burdens and the potential for uneven risk management standards across the sector. The evolving policy environment means institutions need to track not just the final text but the accompanying regulatory interpretations and enforcement priorities that would shape onboarding, risk controls, and supervision.

As Cointelegraph and other industry observers have noted, the path to law remains uncertain. The CLARITY Act’s fate depends on negotiations among lawmakers, the White House’s stance, and the influence of lobbying from traditional banks and fintech participants. The broader regulatory climate — including AML/KYC expectations, capital resilience, and custody standards — will influence the final balance of protections and flexibility in the rules.

Industry pushback and regulatory expectations: bank perspectives

Meanwhile, the banking sector has signaled resistance to the latest revision of CLARITY, arguing that the framework would not subject crypto-native entities to the same anti-money-laundering and capital-reserve requirements that banks must meet. Jamie Dimon, chief executive of JPMorgan Chase, publicly voiced concerns that the current draft would permit crypto firms to offer features such as earning interest on user deposits without parallel risk controls or prudential safeguards.

Dimon’s remarks contribute to a broader debate about supervisory parity between traditional banks and crypto companies. The incumbent financial-services community is mindful of the potential for regulatory gaps to create systemic risk or to blur lines between regulated banks and lighter-touch crypto firms. Critics of the Act may press for more explicit AML/CFT standards, stronger capital and liquidity requirements, and clearer custody and safeguarding obligations for non-banking crypto enterprises. The resulting policy design could influence liquidity preferences, deposit-taking practices, and the structural competitiveness of U.S. crypto firms relative to international peers.

Beyond industry dynamics, the discourse around CLARITY touches on the practical realities facing exchanges, market makers, custodians, and investors. A finalized framework would shape license regimes, ongoing supervision, and the boundaries of permissible activities for digital asset businesses. For compliance teams, the bill’s approach to registration, reporting, and enforcement could determine the level of oversight and the operational costs required to maintain compliant market access in the United States.

Timing, cross-border policy, and implications for institutions

One of the central questions surrounding CLARITY is timing. With the midterm elections approaching and regulatory priorities shifting, there is concern that legislative action could slip beyond 2026. Senator Lummis cautioned that a missed window could push meaningful regulation to 2030, creating a prolonged period of uncertainty for market participants and at least a temporary drift in comparative advantage for foreign regimes with more immediate frameworks in place.

The policy debate is also anchored in a broader context of global regulatory convergence. The European Union’s MiCA framework has established a comprehensive baseline for asset supervision, licensing, and consumer protections across member states. As U.S. policymakers weigh the CLARITY Act, they must consider how U.S. equivalence and mutual recognition arrangements might evolve, and how U.S. standards align with or diverge from MiCA’s principles on market integrity, stablecoins, and governance requirements for issuers and platforms. The cross-border dimension is particularly salient for regulated banks seeking to participate in crypto-related activities and for institutions seeking to operate internationally with consistent risk controls.

From a risk management perspective, the interplay between CLARITY and enforcement priorities will shape the permissible scope of crypto product offerings, custody arrangements, and the treatment of customer funds. For exchanges and custodians, a final statute could define certification processes, permissible product structures, and the conditions under which customers’ assets may be held, rehypothecated, or lent. Compliance programs would need to adapt to any established thresholds for disclosure, reserve requirements, and operational resilience standards to maintain lawful access to U.S. markets.

In this regulatory mosaic, the supply of clarity may influence market structure decisions, including the level of decentralization and the regulatory recognition of non-custodial and decentralized finance (DeFi) arrangements. While the current bill’s text is not fully disclosed in this summary, stakeholders are watching closely for how commissioners intend to address non-custodial activity, user-sovereign control models, and the treatment of programmable assets within a regulated framework.

Closing perspective

As the CLARITY Act progresses through congressional channels, institutional observers should monitor not only the bill’s text but the broader enforcement priorities, compatibility with international standards, and the political dynamics that could shape final passage. The stakes extend beyond regulatory theory: CLARITY could determine the pace at which the United States sustains a leading role in crypto markets, preserves investment continuity for institutions, and aligns with evolving global norms for digital assets.

What to watch next: the trajectory of the CLARITY Act through committees and floor votes, the White House’s position on the final draft, and any adaptations to AML, capital, and custody provisions that could determine the bill’s competitiveness. If the measure clears Congress, expect a cascade of compliance-readiness activity across exchanges, banks, and institutional-investor ecosystems as market participants align operations with the new regulatory reality.

Circle has reportedly frozen about $12.6 million worth of USDC tied to Zama’s confidential contract, a move observed by on-chain researcher ZachXBT. The USDC in question is associated with Zama’s privacy-focused protocol, and the contract is publicly labeled on block explorers as well as in the protocol’s technical documentation. The exact rationale behind the freeze remains unclear, even as researchers note a notable around-the-calance transaction from Overnight Finance into the Zama ecosystem earlier this month.

According to ZachXBT, the Zama contract’s status is well-known in on-chain tooling, and the freeze appears to have occurred despite the lack of an explicit explanation from Circle. ZachXBT pointed to a May 11, 2026 deposit of approximately $12.4 million into the Zama protocol from Overnight Finance, a governance-friendly DeFi platform whose treasury movements have drawn scrutiny in related discussions. The broader point, as ZachXBT framed it, is that unilateral freezes where funds are commingled with a separate protocol’s users set a controversial precedent for custodians acting over interconnected contracts.

“Overnight Finance held a governance vote recently to distribute treasury funds after holders alleged the team was rug-pulling. Regardless, it’s precedent-setting to unilaterally freeze the contracts or addresses of a protocol where funds have been commingled with Zama users.”

Circle confirmed to Cointelegraph that it is reviewing the matter, but the company had not provided a response by the time of publishing. The situation adds to a long-running critique of Circle’s approach to freezing funds, as opposed to simply freezing wallets tied to hacks or to projects the firm deems at fault—an issue that has repeatedly resurfaced in recent coverage.

Circle’s broader track record on asset freezes has become a flashpoint for critics who say the company has, at times, moved too quickly to lock funds linked to legitimate projects while appearing slow to act in other high‑profile security incidents. In March, ZachXBT alleged that Circle wrongfully froze 16 stablecoin wallets tied to online casinos and other legitimate crypto ventures. Those wallets were linked to civil cases in the United States, yet the broader connection appeared tenuous to some observers, according to the researcher.

Beyond those episodes, ZachXBT has compiled a wider list of incidents since 2022 in which Circle’s failure to freeze funds was alleged to have occurred, including situations involving stolen funds or suspicious activity tied to hacks. One notable item cited in the discourse was the Drift Protocol breach in April 2026, where approximately $232 million in user funds were reportedly not frozen in a timely manner, despite Circle’s tools and access to the Cross-Chain Transfer Protocol (CCTP). The matter helped spur a class-action filing against Circle over the handling of the Drift incident and the movement of funds across bridges it operates.

As the Drift case illustrates, the tension between rapid containment of illicit flows and due process protections for legitimate users remains a central theme in Circle’s public-facing strategy. The Drift situation also spotlighted Circle’s CCTP as a bridge facilitating asset transfers across networks, a mechanism that, in hindsight, highlighted how a single platform’s decisions can ripple through multiple ecosystems. Circle’s decision-making around these tools—coupled with governance debates within the broader crypto community—continues to attract regulatory and investor attention.

Key takeaways

• Circle reportedly froze about $12.6 million in USDC connected to Zama’s confidential contract, putting a spotlight on how privacy-focused DeFi constructs intersect with centralized risk controls.
• The precise reason for the freeze remains unclear, underscoring uncertainty around when and why custodians intervene in mixed funds within cross-contract ecosystems.
• The Zama contract is publicly labeled on block explorers and described in the privacy protocol’s documentation, a detail highlighted by on-chain researcher ZachXBT.
• Circle has faced ongoing criticism for its handling of freezes—allegations include failing to freeze funds in high-profile hacks and freezing wallets tied to legitimate projects without clear notice, a pattern that has fed broader debates about governance and user protection.

Context: privacy, custody, and the evolving DeFi landscape

The case against Circle sits at an intersection of two rapidly evolving strands in crypto: privacy-preserving protocols and the responsible management of funds across interconnected on-chain ecosystems. Zama’s model—relying on a confidential USDC contract within a privacy-focused framework—illustrates how modern DeFi assets can travel through multiple layers of abstraction and custody. When a centralized issuer exercises a freeze, it raises questions about how privacy-enabling designs should be reconciled with risk controls and regulatory expectations.

From a policy and investor viewpoint, the episode matters because it signals how custodial actions can affect user trust in stablecoins and cross-chain services alike. If large holders, protocols, or wallets perceive that funds can be immobilized without a clear, auditable process, it could influence how developers design privacy features, governance mechanisms, and treasury management practices. The balance between preventing illicit activity and preserving legitimate user funds remains delicate, and the evolving regulatory environment will likely amplify scrutiny of such moves.

What comes next for Circle and the Zama episode

Readers should watch for Circle’s official statement clarifying the rationale behind the freeze. The timing and specifics of any formal disclosure could influence how market participants assess the risk framework around stablecoins and privacy-enabled DeFi contracts. Regulators may also weigh in on the implications for financial censorship, fund recovery mechanics, and the interaction between custodial actions and user rights in decentralized networks.

For builders and users, this episode underscores the importance of transparent governance and clear risk disclosures when funds flow through multi-layer architectures. As DeFi continues to blur lines between on-chain privacy and centralized oversight, observers will be looking for concrete standards that reconcile privacy with safety, accountability, and predictable responses to security incidents.

Meanwhile, the broader crypto community will be monitoring whether Circle adjusts its policy on freezing funds, especially when tied to legitimate projects, and how the company communicates such actions in the future. The Drift aftermath, ongoing legal considerations, and the interplay with cross-chain tooling like CCTP will all shape future occurrences and investor sentiment in this evolving space.

What remains uncertain is how common such unilateral interventions will become as protocols grow more interconnected and as governance processes mature. Readers should stay tuned for updates on Circle’s position, any formal governance decisions from involved projects, and potential regulatory responses that could redefine expectations around asset freezes and cross-chain custody.

Stablecoin issuer Circle froze $12.6 million in USDC dollar-pegged tokens linked to privacy protocol Zama’s confidential USDC smart contract on Saturday, according to onchain sleuth ZachXBT.

The smart contract is “publicly labeled” on block explorers and the privacy protocol’s technical documentation, ZachXBT said. 

The exact reason for the freeze is “unclear,” he said, adding that wallets linked to the Overnight Finance decentralized finance (DeFi) protocol deposited $12.4 million into the Zama protocol on May 11, 2026. He said:

“Overnight Finance held a governance vote recently to distribute treasury funds after holders alleged the team was rug-pulling. Regardless, it’s precedent-setting to unilaterally freeze the contracts or addresses of a protocol where funds have been commingled with Zama users.”

Source: ZachXBT

“From my understanding, the Zama team does not appear to have been notified of the Circle freeze prior,” he said. Cointelegraph reached out to Circle but did not receive a response by the time of publication. 

The company has come under fire for failing to freeze funds following major hacks of crypto platforms, and freezing wallets of legitimate crypto projects and protocols without giving those projects prior notice. 

Related: Tether freezes over $500M of USDT in 30 days, BlockSec data shows

Circle comes under fire for freezing legitimate user funds, but not stolen crypto

In March, ZachXBT accused Circle of “wrongfully” freezing 16 stablecoin wallets linked to online casinos and legitimate crypto exchanges.

The wallets were frozen in connection with ongoing civil court cases in the United States; however, the businesses and wallets “do not appear related at all,” he said.

He later added that Circle failed to freeze about $420 million in 15 separate cases involving fraudulent transactions or funds stolen through crypto hacks since 2022.

A list of 15 incidents since 2022, in which Circle failed to freeze funds, according to ZachXBT. Source: ZachXBT

These incidents included the failure to freeze $232 million in stolen user funds from the April 2026 Drift Protocol hack, despite having a six-hour window to act, he said.

Following the incident, users filed a class action lawsuit against Circle for failing to freeze the funds, which flowed through Circle’s Cross-Chain Transfer Protocol (CCTP), a bridge that allows assets to move between different blockchain networks.

Magazine: Are DeFi devs liable for the illegal activity of others on their platforms?