Audit admin keys, not just code, expert says after $200 million Drift exploit

Your day-ahead look for April 2, 2026

What to know:

If you're not already subscribed to the newsletter email, click here.

By Omkar Godbole (All times ET unless indicated otherwise)

Programmable blockchain Solana's SOL token has hit five-week lows after an exploit at one of its largest perpetual decentralized exchange, Drift, underscored that security risks go beyond just smart contracts.

“If you're building in DeFi, audit the surface area of your admin key. Not only the smart contracts," Omer Goldberg, founder of Chaos Labs, said, explaining what went wrong.

Goldberg explained in his X thread that the attacker compromised Drift’s admin key. This single key gave the attacker god-like control — like handing someone the master password to the entire bank vault with no limits or alarms.

Using this power, the attacker created a fake collateral market for a worthless token called CVT. They maxed out the risk parameters so the system treated hundreds of millions of this junk token as safe, high-value collateral. In the same transaction, they switched the CVT price oracle to one they fully controlled, artificially pumped its value to sky-high levels, lifted the circuit breakers on major assets (removing withdrawal limits) such as USDC, eETH and others, and drained over $250 million worth of tokens.

This also worked because Drift features a single shared liquidity pool that holds everyone's collateral and trading funds, providing a seamless trading experience. (Imagine putting all your money in a single bank account and losing everything in a signature hack).

The real issue wasn’t a bug in the code. It was the enormous “surface area” of that admin key, or the massive damage one compromised signer could cause by rewriting protocol-wide risk rules, assigning oracles, and disabling safety guards.

This isn't the first time a compromised privileged key has led to big losses. Just 10 days earlier, Resolv was drained for $25 million in tokens after attackers compromised a SERVICE_ROLE key.

So, the message is clear: protocol safety now depends as much on strong governance and key controls as it does on smart contract audits.

As for markets, SOL's near 3% drop to $78.30, the lowest since late February, is consistent with the weakness in bitcoin BTC$66,461.06, ether (ETH), XRP (XRP) and the wider market, as represented by the CoinDesk 20 Index.

The culprit once again is President Donald Trump's renewed threat to Iran, which has sent oil prices higher. In the short term, these headlines could continue to lead movements in both traditional and crypto markets. Stay alert!

Read more: For analysis of today's activity in altcoins and derivatives, see Crypto Markets Today

What to Watch

For a more comprehensive list of events this week, see CoinDesk's "Crypto Week Ahead".

• Crypto
  • Nothing scheduled.
• Macro
  • April 2, 8:30 a.m.: U.S. Initial Jobless Claims for week ending March 28 (Prev. 210K)
• Earnings (Estimates based on FactSet data)
  • Nothing scheduled.

Token Events

For a more comprehensive list of events this week, see CoinDesk's "Crypto Week Ahead".

• Governance votes & calls
  • Unlock DAO is voting to transfer 3 ETH to its Base multisig to swap for USDC to cover current and future operational expenses. Voting ends April 2.
  • Aavegotchi DAO is voting to elect nine multi-sig signers, maintain a 5-of-9 signature threshold, and set their quarterly compensation at $1,000 paid in GHST. Voting ends April 2.
  • Arbitrum DAO is voting across two proposals to transition its Code of Conduct and Procedures into living documents managed by OpCo, and to upgrade to ArbOS 60 Elara. Voting ends April 2.
• Unlocks
  • April 2: Ethena (ENA) to unlock 2.18% of its circulating supply worth $16.05 million.
• Token Launches
  • No major launches.

Conferences

For a more comprehensive list of events this week, see CoinDesk's "Crypto Week Ahead".

• Day 4 of 4: EthCC (Cannes, France)
• April 2: Pragma Cannes 2026 (Cannes, France)

Market Movements

• BTC is down 2.53% from 4 p.m. ET Wednesday at $66,459.24 (24hrs: -3.1%)
• ETH is down 4.66% at $2,043.77 (24hrs: -4.16%)
• CoinDesk 20 is down 3.59% at 1,891.30 (24hrs: -3.81%)
• Ether CESR Composite Staking Rate is up 1 bp at 2.77%
• BTC funding rate is at 0.0001% (0.0635% annualized) on Binance

• DXY is up 0.51% at 100.16
• Gold futures are down 3.56% at $4,641.60
• Silver futures are down 6.47% at $71.15
• Nikkei 225 closed down 2.38% at 52,463.27
• Hang Seng closed down 0.7% at 25,116.53
• FTSE is down 0.08% at 10,356.15
• Euro Stoxx 50 is down 1.61% at 5,640.26
• DJIA closed on Wednesday up 0.48% at 46,565.74
• S&P 500 closed up 0.72% at 6,575.32
• Nasdaq Composite closed up 1.16% at 21,840.95
• S&P/TSX Composite closed up 0.58% at 32,957.95
• S&P 40 Latin America closed up 0.95% at 3,658.43
• U.S. 10-Year Treasury rate is up 5.1 bps at 4.372%
• E-mini S&P 500 futures are down 1.17% at 6,540.50
• E-mini Nasdaq-100 futures are down 1.51% at 23,830.00
• E-mini Dow Jones Industrial Average Index futures are down 0.97% at 46,353.00

Bitcoin Stats

• BTC Dominance: 58.58% (+0.04%)
• Ether-bitcoin ratio: 0.03079 (-2.02%)
• Hashrate (seven-day moving average): 1,016 EH/s
• Hashprice (spot): $31.48
• Total fees: 2.55 BTC / $174,507
• CME Futures Open Interest: 107,610 BTC
• BTC priced in gold: 14.4 oz.
• BTC vs gold market cap: 4.44%

Technical Analysis

• The chart shows solana's daily price swings in candlestick format with the Ichimoku cloud, a trend indicator, identified by the shaded area between green and red lines.
• The token's price has crossed back below the cloud, indicating continuation of the broader decline. The pattern is similar to what we saw in mid-January, following which prices dropped sharply.
• Ichimoku cloud, invented by a Japanese journalist, is widely used to spot trend changes. Crossovers above and below the cloud are said to represent bullish and bearish shifts in trends.

Crypto Equities

• Coinbase Global (COIN): closed on Monday at $172.99 (-0.93%), -3.17% at $167.50 in pre-market
• Circle Internet (CRCL): closed at $90.74 (-4.89%), -1.59% at $89.30
• Galaxy Digital (GLXY): closed at $17.37 (-5.85%), -2.42% at $16.95
• Bullish (BLSH): closed at $35.07 (-1.85%), -2.79% at $34.09
• MARA Holdings (MARA): closed at $8.04 (-1.47%), -2.74% at $7.82
• Riot Platforms (RIOT): closed at $12.55 (+1.54%), -4.94% at $11.93
• Core Scientific (CORZ): closed at $15.30 (+2.27%), -3.66% at $14.74
• CleanSpark (CLSK): closed at $8.62 (+1.29%), -3.38% at $8.33
• CoinShares Valkyrie Bitcoin Miners ETF (WGMI): closed at $34.86 (+0.11%)
• Exodus Movement (EXOD): closed at $6.68 (+2.77%)

Crypto Treasury Companies

• Strategy (MSTR): closed at $122.78 (-1.62%), -2.09% at $120.21
• Strive (ASST): closed at $10.16 (+1.40%), -3.44% at $9.81
• SharpLink Gaming (SBET): closed at $6.46 (+0.16%), -3.72% at $6.22
• Upexi (UPXI): closed at $0.99 (+0.20%), -5.16% at $0.94
• Lite Strategy (LITS): closed at $1.13 (-2.59%), -5.31% at $1.07

ETF Flows

Spot BTC ETFs

• Daily net flow: -$173.7 million
• Cumulative net flows: $55.92 billion
• Total BTC holdings ~ 1.29 million

Spot ETH ETFs

• Daily net flow: -$7.1 million
• Cumulative net flows: $11.58 billion
• Total ETH holdings ~ 5.71 million

Source: Farside Investors

While You Were Sleeping

Trump stirs market, political angst with vague timeline for Iran (Bloomberg): The $31 trillion U.S. Treasuries market notched its worst monthly performance since late 2024 in March, with bond investors concerned that the war-driven surge in oil prices would ignite inflation.

‘We are going to hit them hard’: Markets disappointed, oil up again after Trump speech (euronews): Oil rose sharply and European stocks fell after Trump said in his first national address since the Iran war began that the U.S. would continue its attacks on Iran.

Gold, silver fall as investors doubt Trump’s exit plan (The Wall Street Journal): Gold and silver prices swung into the red, alongside industrial metals and equities. Spot gold prices were down 3%, at roughly $4,670 a troy ounce. Spot silver fell more than 5%.

The bitcoin treasury boom is unwinding as some companies and governments sell holdings (CoinDesk): Those who rushed into bitcoin BTC$66,461.06 over the past two years are now heading for the exits and it’s not a great sign for the market.

More For You

Most crypto privacy models weaken as blockchain data grows. Encryption-based models like Zcash strengthen. CoinDesk Research maps the five privacy approaches and examines the widening gap.

Why it matters:

As blockchain adoption scales, the metadata available to machine learning models scales with it. Obfuscation-based privacy approaches are structurally degrading as a result. This report provides a comprehensive comparison of all five major crypto privacy architectures and a framework for evaluating which models remain durable as AI capabilities improve.

More For You

Your day-ahead look for April 1, 2026

What to know:

If you're not already subscribed to the newsletter email, click here.

The ‘wash trading’ bust: Why the feds are finally calling out crypto’s dirty little liquidity secret

28 minutes ago

Crypto markets tumble as oil surges and traders pile into bearish bets: Crypto Markets Today

1 hour ago

The bitcoin treasury boom is unwinding as some companies and governments sell holdings

1 hour ago

Beyond T-bills: OpenEden introduces tokenized high-yield corporate bond

2 hours ago

Metaplanet acquires 5,075 BTC, jumps to third largest bitcoin treasury company

2 hours ago

Ripple Treasury puts XRP and RLUSD inside corporate finance for the first time

4 hours ago

Bitcoin, ether, solana slide further as Trump threatens to hit Iran 'extremely hard'

7 hours ago

Solana DeFi platform Drift confirms 'active attack' as $200M+ leaves platform

16 hours ago

Three key signals to watch as bitcoin whipsaws on Trump’s Iran rhetoric

6 hours ago

Bitcoin’s crashes are shrinking, and Wall Street is starting to notice

22 hours ago

Oil trader takes $17 million hit as tokenized crude rivals bitcoin liquidations

7 hours ago

Some quantum-resistant tokens jump 50% as Google flags risks to Bitcoin security

Apr 1, 2026

In this article

BTCBTC$66,461.06◢3.24%