- Circle was accused of failing to freeze exploit-related transmissions.
- Approximately $230 million of the stolen funds were routed through Circle’s USDC.
- Drift plans to recoup $147.5 million based on future earnings.
Circle Internet Group, issuer of the USDC stablecoin, is being sued in a class action lawsuit for failing to prevent the movement of stolen funds related to the Drift Protocol exploit.
The lawsuit, filed by Drift investor Joshua McCollum in U.S. District Court in Massachusetts on behalf of more than 100 affected users, focuses on whether the company had the ability and duty to intervene as the attack unfolded.
The lawsuit takes aim at Circle’s role in the fund transfers.
The legal action stems from the April 2026 breach of Drift Protocol, a decentralized exchange based on Solana, in which attackers exfiltrated approximately $285 million.
A significant portion of those funds, estimated at approximately $230 million, were quickly converted to USDC.
From there, funds were moved between chains, primarily from Solana to Ethereum, using cross-chain infrastructure.
The transfer was not instantaneous. This occurred over several hours and was split into over 100 transactions.
This detail is at the center of the lawsuit.
Plaintiff asserts that Circle had an opportunity to act.
According to the claim, the company could have limited the damage by freezing affected wallets or stopping transfers. Instead, the money kept moving until it was completely out of reach.
The case alleges Circle was negligent and accuses it of indirectly facilitating the loss by failing to take action despite having the technical ability to do so.
This argument is strengthened by previous cases where companies have frozen wallets linked to illegal activities, showing that such interventions are not only possible, but are already part of their operational toolkit.
At its core, the lawsuit raises difficult questions: When a centralized entity operates within a decentralized system, where does its responsibility begin and end?
Drift’s Recovery Plan
In response to the exploit, Drift Protocol outlined a structured recovery plan to address the loss of users while rebuilding the liquidity and operations of the platform.
The protocol seeks to mobilize up to $147.5 million, a significant portion of which will be supported by Tether and other ecosystem partners.
However, this number should not be considered an immediate reward.
A significant portion of the funding will come in the form of a revenue-linked credit facility estimated at approximately $100 million.
This means that the protocol withdraws funds over time and repays them using future trading fees and platform revenues, rather than distributing the entire amount up front.
To manage user claims, Drift plans to issue a new recovery token, but its official name and final structure have not yet been confirmed.
This token is distributed to affected users and represents their share of the recovery pool.
It is expected that these will be transferable, allowing users to hold them and await gradual repayment, or sell them on the secondary market for immediate liquidity at a discounted price.
The recovery pool itself does not rely solely on external funding.
It is designed to be continuously replenished through a variety of sources, including protocol revenue, partner contributions, and funds recoverable from attackers.
This creates a system where redemptions are directly tied to the platform’s ability to resume operations and generate consistent trading activity.
Despite these measures, clear shortfalls still remain.
Total losses are estimated at around $285 million, and recovery efforts are targeting up to $150 million, leaving a significant portion of user funds uncompensated immediately.
This gap highlights that users are unlikely to receive full repayment in the short term and that recovery will largely depend on Drift’s long-term performance.
To support relaunch, part of the recovery framework is also focused on restoring liquidity.
Incentives and financial support are being put in place for market makers to rebuild order books and improve trading conditions once the platform resumes full operations.
Without sufficient liquidity, even a technically sound relaunch will have a hard time attracting users back.
Another major change is the protocol’s decision to move away from USDC as its primary payment asset and adopt USDT instead.
This change comes after approximately $230 million of the stolen funds were converted to USDC and moved through the chain during the exploit.
The transition signals a risk reassessment and reflects broader efforts to reorganize the platform’s core infrastructure following the incident.
Overall, Drift’s recovery plan is built around gradual compensation rather than immediate payouts.
Success will depend on how quickly the platform can regain user trust, restore liquidity, and generate enough revenue to sustain long-term repayment.