Several significant developments broke across the crypto industry in the past 24 hours, each illustrating a different dimension of a sector still navigating its way through institutional growth pains and persistent security vulnerabilities. The most dramatic was the attack on Drift Protocol, a decentralised perpetual futures exchange built on Solana, which saw the DRIFT token fall roughly 40% in the 24 hours following the breach. Funding rates for DRIFT perpetuals surged above 6,000% in the immediate aftermath, with shorts heavily subsidising longs in a chaotic post-exploit environment. The Drift attack has drawn comparisons in structure and scale to the $1.5 billion Bybit breach earlier in the year. Ledger’s CTO noted publicly that signers in the Drift incident had “unknowingly authorised” the drain — suggesting a sophisticated social engineering or supply chain compromise rather than a simple smart contract vulnerability. It is precisely the kind of incident that continues to complicate the industry’s case to institutional capital allocators that DeFi protocols have matured past their Wild West origins. On a more positive note, Coinbase received conditional approval from the Office of the Comptroller of the Currency for a national trust charter, a significant step toward establishing the US’s largest crypto exchange as a federally regulated custodian. The conditional OCC nod still requires compliance milestones and final review before the charter becomes operative, but the direction of travel matters. A federally chartered Coinbase custody operation would likely accelerate institutional adoption by providing a regulatory framework that major pension funds and endowments currently cite as an obstacle to crypto allocation. Separately, X — the platform formerly known as Twitter — announced it would deploy an account-locking mechanism for first-time crypto mentions, requiring identity verification before posting is restored. Product lead Nikita Bier described the move as specifically targeting a wave of phishing attacks using fake copyright violation emails to lure users into connecting wallets. The practical effect may be more disruptive than intended, catching legitimate users in a blunt dragnet, but the intent reflects a genuine and long-overdue attempt to address one of social media’s most persistent crypto-adjacent problems. How these three stories intersect — hacks, regulatory progress, platform safety — is as good a summary as any of where the crypto industry stands heading into the second quarter.
