Drift Protocol suffered an exploit totaling $285 million on Solana, rekindling concerns about security risks across decentralized finance.

Ripple Labs has returned 700 million XRP to escrow, relocking 70% of the 1 billion tokens it unlocked in April 2026. The blockchain payments firm sent the tokens back in two transactions—500 million and 200 million—on April 1, effectively making about $945 million worth of XRP temporarily unavailable. A social media post by MarketSleek highlighted the 500 million XRP tranche, estimating its value at $675,337,377. Even with the relock, Ripple still added 300 million XRP to the market, lifting circulating supply by tokens valued at roughly $384 million as of April 2. On-chain data from XRPSCAN shows escrow balances at about 33.344 billion XRP, with net circulating supply near 66.626 billion. The latest moves suggest Ripple may follow a similar pace to Q1 in the second quarter, after releasing 900 million XRP during the first three months of 2026. Market impact: XRP slid more than 4% over the past 24 hours, changing hands around $1.30 at the time of publication. Ripple has long argued that its monthly sales support company growth and broader adoption of the XRP Ledger, though recurring selloffs have often been cited as a drag on price. David Schwartz, a founding member of the XRP Ledger, defended the approach, saying Ripple's model relies heavily on monthly escrow sales to stay profitable. In a post dated April 2, 2026, Schwartz added that Ripple's close relationship with XRPL can be mutually beneficial, but may not necessarily translate into profits for other companies adopting Ripple's payment products.

A large Solana unstaking event is drawing renewed scrutiny from traders as crypto markets remain volatile and SOL prices stay under pressure. Blockchain tracking data shows that more than 2.6 million SOL were unlocked within minutes on April 2, worth over $211 million at the time. While staking unlocks are a normal feature of proof-of-stake ecosystems, the size and timing of this release have fueled debate over whether large holders are changing their stance. Market watchers often view staking as a signal of longer-term conviction and network support. Unwinding a position during a downturn can be read as a strategic shift, especially with SOL already trading weak amid broader market softness. The unlocked SOL was released via two separate transactions when Solana was trading near $79, suggesting the holder acted during the selloff. Large-scale unstaking can precede liquidity repositioning rather than immediate selling, but the return of such a sizable supply to circulation increases the potential for near-term market pressure. One of the transactions highlighted by Whale Alert involved 1,258,800 SOL, valued at $100,147,265, moving to an unknown wallet. Sentiment remains fragile as whale-driven moves tend to amplify reactions during uncertain conditions. Solana has continued to slide, recently changing hands around $77, down more than 6% on the day. Overall, the release of more than $200 million in previously staked SOL adds another layer of uncertainty to an already weak tape. The move is not inherently bearish, but its scale and timing are prompting speculation that major holders may be reassessing exposure as downside pressure persists.

Hyperliquid is continuing to take perpetuals trading share from centralized exchanges, according to ChainThink citing The Block. In March, the decentralized perpetuals platform accounted for nearly 6% of total perpetuals volume, up from about 3.5% a year earlier, with monthly trading volume close to $200 billion. The gains come even as Hyperliquid's overall trading activity has been trending lower since peaking in August 2025, suggesting the platform is capturing share rather than simply riding a broader rise in volumes. Hyperliquid has widened its lead among decentralized perpetuals venues, while onchain rivals dYdX and GMX have not matched its pace in volume growth or product expansion. A key driver is the push into noncrypto markets: commodities such as oil now trade on Hyperliquid 24/7, and noncrypto volume is taking a larger share of overall activity. The shift underscores a structural edge for decentralized venues. Traditional traders often must wait for the CME to reopen on Sunday evening to adjust oil exposure, leaving them vulnerable to weekend gap risk. Hyperliquid's around-the-clock market removes that constraint.

On-chain data shows a transfer of 194,405,381 USDC, valued at 194,409,987 USD, from the USDC Treasury to Coinbase Institutional.

Circle, issuer of the world's second-largest stablecoin USDC, is facing criticism after blockchain investigator ZachXBT alleged the firm failed to act as more than $230 million in stolen USDC moved through its own cross-chain bridge. The funds trace back to the Drift Protocol exploit on April 1, a theft estimated at $280 million to $285 million, now among the largest DeFi hacks on record. ZachXBT said the attacker moved USDC from Solana to Ethereum via Circle's Cross-Chain Transfer Protocol (CCTP), splitting the transfers across more than 100 transactions over roughly six hours. Drift exploit: admin access, not a smart-contract bug ZachXBT's write-up describes an operational-layer compromise rather than a typical smart-contract vulnerability. The attacker allegedly gained administrative permissions and used pre-signed transactions enabled by durable nonces to line up withdrawals and execute them rapidly. The exploit unfolded in about 12 minutes. Following the incident, the DRIFT token collapsed, falling about 98% from its $2.65 all-time high and trading around $0.041 to $0.06 afterward. Why Circle's response is the focus USDC differs from decentralized stablecoins in a critical way: Circle can freeze USDC at the wallet level. The company has previously frozen about $110 million in USDC across wallets, typically tied to law enforcement requests or sanctions compliance. ZachXBT argues that the Drift exploit was public while the funds were still moving, and that the bridging activity occurred during regular business hours. In that window, he says Circle had time to flag and freeze the stolen USDC as it passed through CCTP. Instead, more than $230 million crossed chains without interruption. The allegation is drawing added scrutiny because, according to observers, Circle had blacklisted other wallets only days earlier under circumstances some in the industry viewed as questionable—suggesting the capability to move quickly when it chooses. Broader implications for USDC and DeFi The incident is resonating beyond Drift because of USDC's scale. USDC processed $9.6 trillion in on-chain volume in February 2025 alone and is widely used across DeFi lending, trading, and liquidity infrastructure. Critics argue the episode highlights a long-running tension around centralized stablecoins: the freeze function is marketed as a safety feature, but it also concentrates discretion in a single issuer. If freezes occur for compliance reasons but not during a high-profile theft, skeptics say the mechanism can look more like selective enforcement than user protection. For institutional participants, the episode may challenge assumptions that centralized stablecoin issuers act as an effective backstop during crises. Risk frameworks that treated USDC as quasi-insured could face renewed scrutiny. Circle has not publicly detailed why it did not intervene. Possible explanations include internal requirements for specific law enforcement requests before action is taken, even in apparent theft cases. Still, the optics have fueled debate over what the compliance apparatus is designed to accomplish, a conversation likely to surface in ongoing stablecoin policy discussions in the U.S. and abroad. The event could also sharpen interest in alternative stablecoin models, including decentralized options such as DAI and newer collateralized designs, as protocols reassess issuer risk. For Drift Protocol, the outlook remains difficult. A 98% token drawdown undermines treasury value, compensation capacity, and the ability to retain users and developers, with recoveries from exploits of this magnitude historically rare. Bottom line The Drift Protocol theft was already a landmark DeFi exploit. The allegation that Circle had a multi-hour window to freeze over $230 million in stolen USDC moving through CCTP—and did not—has turned it into a broader test of what centralized stablecoin control is meant to deliver in a crisis.

Hyperliquid continues to gain traction against centralized exchanges, with its share of the perpetual futures market climbing toward 6%.

Ripple has executed a burn of nearly 40 million RLUSD on the Ethereum network.

Circle, the issuer of major stablecoins, said in a post on X that it will soon launch a wrapped Bitcoin product called cirBTC. The token will be backed 1:1 by Bitcoin, with reserves verifiable on-chain. Circle said cirBTC is designed to plug directly into its existing infrastructure and the broader DeFi ecosystem, aiming to provide a neutral base layer for new on-chain applications.