Category: Blockchain

• Binance launched a USD1 rewards campaign, distributing $40m in WLFI tokens through weekly airdrops.
• WLFI payouts are based on users’ net USD1 balances, with higher rewards for USD1 used as collateral.
• USD1’s market cap has surpassed $3 billion, while WLFI activity has increased across DeFi and payroll uses.

Binance has rolled out a new rewards campaign for users holding USD1, offering weekly WLFI token airdrops with a total of $40 million in WLFI earmarked for distribution.

The exchange said eligible accounts that maintain a USD1 balance between Jan. 23 and Feb. 20 will receive rewards throughout the programme.

The initiative ties WLFI payouts directly to net USD1 balances on Binance, using a snapshot-based system to calculate qualifying amounts.

Binance is positioning the campaign as an incentive for users who hold or deploy USD1 across supported products, while both USD1 and WLFI continue to see growing activity across the wider crypto ecosystem.

How Binance will distribute WLFI rewards

Binance said WLFI rewards will be paid once a week, starting Feb. 2.

Each weekly distribution will cover activity from the previous seven days.

The campaign is structured to release roughly $10 million worth of WLFI tokens per week, spread across four consecutive weeks, which brings the total allocation to $40 million in WLFI.

The exchange said the rewards are designed to reflect users’ qualifying USD1 balances over time, rather than a single moment in the campaign window.

Which USD1 balances count for eligibility

Eligibility is based on users’ net USD1 balances held on Binance, with multiple account types included in the calculation.

Binance confirmed that USD1 stored in Spot, Funding, Margin, and USDⓈ-M Futures accounts will all count toward the campaign’s rewards calculation.

However, borrowed funds are excluded. Binance said reward calculations are based on net USD1 balances, meaning any USD1 that has been borrowed does not qualify for WLFI rewards.

The exchange also said that USD1 used as collateral in margin or futures accounts earns a higher reward rate.

This introduces an added incentive for users who allocate USD1 into collateral-based trading products, rather than keeping it entirely idle in standard wallets.

Snapshot and rate system used for payouts

Binance said it will take hourly snapshots of user balances throughout the campaign period. However, the rewards calculation does not rely on an hourly average.

Instead, Binance will use the lowest USD1 balance recorded each day to determine a user’s qualifying amount for that day.

For each weekly payout, Binance will then calculate rewards using a seven-day average balance.

This ties distributions to consistency because a single daily dip in holdings could reduce the qualifying amount for that day and then affect the overall weekly average.

Binance also said payouts will use an effective annualised rate, which will be set at the time of each distribution.

As a result, the rate applied could vary between weekly drops depending on the conditions Binance sets when rewards are released.

USD1 growth and WLFI activity in early 2026

USD1, launched in April 2025, is described as a multichain stablecoin that is fully backed one-to-one by US dollars and money market funds.

Since its launch, it has recorded sharp growth. According to data from DeFiLlama, USD1’s market capitalisation now exceeds $3 billion.

The stablecoin is available across several blockchains, including Monad, Ethereum, Solana, and Aptos.

WLFI, the main token of the World Liberty Financial ecosystem, has also seen increased activity in early 2026.

It has recently been added to payroll services, decentralised finance lending platforms, and on-chain liquidity venues.

The token has drawn new interest and partnerships in recent weeks, though its connection to US President Donald Trump has also faced criticism, with some pointing to concerns around a potential conflict of interest.

Binance said users must complete identity verification and live in eligible jurisdictions to take part in the programme.

The exchange added that broker accounts are excluded and noted that reward timing may vary due to operational conditions.

• Group-IB published its report on Jan. 15 and said the method could make disruption harder for defenders.
• The malware reads on-chain data, so victims do not pay gas fees.
• Researchers said Polygon is not vulnerable, but the tactic could spread.

Ransomware groups usually rely on command-and-control servers to manage communications after breaking into a system.

But security researchers now say a low-profile strain is using blockchain infrastructure in a way that could be harder to block.

In a report published on Jan. 15, cybersecurity firm Group-IB said a ransomware operation known as DeadLock is abusing Polygon (POL) smart contracts to store and rotate proxy server addresses.

These proxy servers are used to relay communication between attackers and victims after systems are infected.

Because the information sits on-chain and can be updated anytime, researchers warned that this approach could make the group’s backend more resilient and tougher to disrupt.

Smart contracts used to store proxy information

Group-IB said DeadLock does not depend on the usual setup of fixed command-and-control servers.

Instead, once a machine is compromised and encrypted, the ransomware queries a specific smart contract deployed on the Polygon network.

That contract stores the latest proxy address that DeadLock uses to communicate. The proxy acts as a middle layer, helping attackers maintain contact without exposing their main infrastructure directly.

Since the smart contract data is publicly readable, the malware can retrieve the details without sending any blockchain transactions.

This also means victims do not need to pay gas fees or interact with wallets.

DeadLock only reads the information, treating the blockchain as a persistent source of configuration data.

Rotating infrastructure without malware updates

One reason this method stands out is how quickly attackers can change their communication routes.

Group-IB said the actors behind DeadLock can update the proxy address stored inside the contract whenever necessary.

That gives them the ability to rotate infrastructure without modifying the ransomware itself or pushing new versions into the wild.

In traditional ransomware cases, defenders can sometimes block traffic by identifying known command-and-control servers.

But with an on-chain proxy list, any proxy that gets flagged can be replaced simply by updating the contract’s stored value.

Once contact is established through the updated proxy, victims receive ransom demands along with threats that stolen information will be sold if payment is not made.

Why takedowns become more difficult

Group-IB warned that using blockchain data this way makes disruption significantly harder.

There is no single central server that can be seized, removed, or shut down.

Even if a specific proxy address is blocked, the attackers can switch to another one without having to redeploy the malware.

Since the smart contract remains accessible through Polygon’s distributed nodes worldwide, the configuration data can continue to exist even if the infrastructure on the attackers’ side changes.

Researchers said this gives ransomware operators a more resilient command-and-control mechanism compared with conventional hosting setups.

A small campaign with an inventive method

DeadLock was first observed in July 2025 and has stayed relatively low profile so far.

Group-IB said the operation has only a limited number of confirmed victims.

The report also noted that DeadLock is not linked to known ransomware affiliate programmes and does not appear to operate a public data leak site.

While that may explain why the group has received less attention than major ransomware brands, researchers said its technical approach deserves close monitoring.

Group-IB warned that even if DeadLock remains small, its technique could be copied by more established cybercriminal groups.

No Polygon vulnerability involved

The researchers stressed that DeadLock is not exploiting any vulnerability in Polygon itself.

It is also not attacking third-party smart contracts such as decentralised finance protocols, wallets, or bridges.

Instead, the attackers are abusing the public and immutable nature of blockchain data to hide configuration information.

Group-IB compared the technique to earlier “EtherHiding” approaches, where criminals used blockchain networks to distribute malicious configuration data.

Several smart contracts connected to the campaign were deployed or updated between August and Nov. 2025, according to the firm’s analysis.

Researchers said the activity remains limited for now, but the concept could be reused in many different forms by other threat actors.

While Polygon users and developers are not facing direct risk from this specific campaign, Group-IB said the case is another reminder that public blockchains can be misused to support off-chain criminal activity in ways that are difficult to detect and dismantle.

• London Stock Exchange has launched Digital Settlement House.
• DiSH is a platform for post-trade settlement with 24/7 tokenized commercial bank deposits.
• LSE has welcomed multiple crypto ETPs, the latest a Bitcoin and Gold ETP by 21Shares.

London Stock Exchange Group has announced the launch of its digital settlement hub, a blockchain platform designed to offer 24/7 settlement for tokenized commercial bank deposits.

The LSEG officially unveiled the Digital Settlement House (LSEG DiSH) platform via a press release on Thursday, January 15, 2026.

DiSH is a blockchain-enabled platform that will offer instantaneous and around-the-clock settlements for both on-chain and off-chain payment networks.

Big move for LSEG

According to LSEG, the innovative service bridges traditional finance and digital asset ecosystems, with real-time Payment-versus-Payment (PvP) and Delivery-versus-Payment (DvP) transactions.

DiSH will support multiple currencies and jurisdictions, with these capabilities available on open-access under the London Stock Exchange Group’s Post Trade Solutions division.

“LSEG DiSH expands the tokenised cash and cash-like solutions available to the market, and for the first time, offers a real cash solution tokenised on the blockchain utilising cash in multiple currencies held at commercial banks,” said Daniel Maguire, group head of LSEG Markets and chief executive officer of LCH Group.

Maguire added that the service brings benefits such as reduced settlement risk and integration of existing cash, securities and digital assets into the current market infrastructure.

Institutional adoption of blockchain solutions

Global financial markets continue to see institutions eyeing blockchain solutions for efficient, resilient, and interoperable post-trade processes.

The introduction of LSEG DiSH adds to this momentum, with this set to address challenges such as delayed settlements, fragmented liquidity, and limited operating hours.

LSEG wants to be at the forefront of the evolving tokenized economy, with broader adoption of digital assets ramping up amid regulatory milestones.

DiSH Cash offers additional features, including dynamic intraday borrowing and lending tools.

Users can also tap into optimized liquidity management, synchronized settlement processes, reduced timelines, and enhanced collateral availability.

LSEG’s launch of the platform builds on a successful Proof of Concept (PoC) conducted in collaboration with Digital Asset and a consortium of leading financial institutions.

The PoC was executed on the Canton Network.

Earlier moves, including the announcement of a blockchain trading platform in 2023.

In September 2025, LSEG unveiled Digital Markets Infrastructure, a platform for private funds powered by Microsoft Azure.

DMI delivers a blockchain-powered solution that taps into the benefits of scalability and efficiency to bolster asset issuance, tokenisation and distribution.

This also includes post-trade asset settlement and servicing, with usage and support cutting across multiple asset classes.

Post Trade Solutions recently received strategic investment from 11 major global banks as integration of traditional and digital finance gains traction.

Crypto ETPs launch on LSE

Recently, the London Stock Exchange listed the 21shares Bitcoin Gold ETP (BOLD), a new crypto exchange-traded product that adds to the rising number of crypto ETPs on stock exchanges.

Other firms, including Bitwise, have also expanded access to digital asset investment products via LSE listings.

Regulatory approval from the UK’s Financial Conduct Authority is among the key developments boosting adoption.

• Some crypto community members accused the project team of removing liquidity, sparking rug pull fears.
• Rune flagged data suggesting $3.4 million was drained from the token’s liquidity pool.
• Bubblemaps showed $2.5 million in USDC removed near the peak, with $900,000 not returned after partial additions.

Former New York City Mayor Eric Adams has launched a Solana-based meme coin that he said is aimed at fighting antisemitism and supporting the next phase of innovation in the city.

The token, called the New York City token (NYC), was announced in a Jan. 13 post on X and quickly went live for trading on the Solana decentralised exchange Jupiter.

In the post, Adams shared a link to the token’s official website and said the project was built to fight the spread of antisemitism and anti-Americanism across the US and New York City.

The NYC token initially saw strong momentum after it began trading.

It rallied to a high of $0.58 and briefly reached a market cap of $580 million, according to DEXScreener data.

Liquidity movements trigger rug pull allegations

As the price fell, accusations surfaced online that the team behind the token may have removed liquidity, adding to fears of a potential rug pull.

Crypto analyst Rune flagged data indicating that at least $3.4 million had been drained from the token’s liquidity pool.

Separately, analytics posted by Bubblemaps suggested that a wallet linked to the token’s deployer removed $2.5 million in USDC liquidity when the token was trading near its peak.

After the price had already plunged by more than 60%, about $1.5 million in USDC was added back.

Still, roughly $900,000 was not returned, which further fuelled suspicion among some community members and investors.

The allegations have not been confirmed, but the timing and size of the liquidity movements quickly became a central focus of discussion.

Team cites TWAP strategy to manage volatility

In response to the concerns, the NYC token X account released a statement claiming the project is using Time-Weighted Average Price (TWAP) mechanisms to manage price stability.

The account said funds were being added to the liquidity pool gradually to reduce the risk of further disruption after the initial volatility seen during the launch.

Despite that explanation, the episode has kept attention on how liquidity is handled for newly launched meme coins, especially when trading activity accelerates rapidly across decentralised markets.

Website details token split and proposed use cases

While the token’s official website offers limited detail about the project’s long-term direction, Adams said in a Fox Business interview that proceeds from the NYC token would go toward nonprofits focused on raising awareness about antisemitism and anti-Americanism through educational campaigns.

Other proposed use cases include funding blockchain and crypto education, along with scholarships for students in underserved communities.

Adams officially stepped down as mayor on Jan. 1, after being replaced by Zohran Mamdani.

• More than $107,000 in total losses have already been identified through on-chain analysis.
• No specific wallet provider or exploit vector has yet been confirmed by investigators.
• Attackers are siphoning small amounts under $2,000 per wallet, delaying detection and spreading risk widely.

A new on-chain alert has drawn attention to a discreet but wide-reaching crypto theft campaign affecting hundreds of users across EVM-compatible blockchains.

The warning, shared by blockchain investigator ZachXBT, points to a coordinated wallet-draining operation that has already resulted in more than $107,000 in cumulative losses.

What sets this incident apart is not the size of individual thefts, but how they are carried out. Instead of targeting large balances, the attacker appears to be siphoning relatively small sums from a large number of wallets.

Most losses remain under $2,000 per address, allowing the activity to spread quietly without drawing immediate attention from victims or monitoring systems.

A stealthy pattern emerges

The affected wallets span several EVM-compatible networks, confirming that this is not limited to a single chain or ecosystem.

Transaction data reviewed by investigators shows consistent timing and similar transfer amounts, indicating a coordinated effort rather than isolated incidents.

So far, no specific wallet provider, decentralised application, or smart contract vulnerability has been identified as the entry point. There has also been no official confirmation linking the drains to compromised software updates or phishing campaigns.

What has been established is that the stolen funds are being funnelled into related addresses, suggesting a single actor or closely connected group is responsible.

This lack of a clear exploit vector has complicated efforts to contain the issue.

Without knowing how access is being gained, users and developers are left with limited immediate options beyond heightened vigilance.

Why small losses create big risks

While the financial impact on individual users may appear limited, the method itself raises broader concerns.

By spreading theft across many wallets, attackers can delay detection and reduce the likelihood of rapid, coordinated responses.

Victims may notice missing funds days or weeks later, if at all.

The approach also underlines the persistent risks facing self-custody users who interact with multiple chains, protocols, and permissions.

Each interaction increases the surface area for potential compromise, particularly within the interconnected EVM ecosystem.

The timing of the incident has added to unease in the crypto community.

It follows a series of security breaches in late 2025 that renewed scrutiny around wallet approvals, private key management, and cross-chain activity.

Exploits remain a constant threat

This episode fits into a wider pattern of ongoing security issues across the digital asset sector.

Data from blockchain security firm PeckShield shows that December saw around 26 major crypto exploits, resulting in losses of roughly $76 million.

While that total was significantly lower than November’s $194 million, it confirms that exploit activity remains persistent.

One of the most prominent incidents during the period involved Trust Wallet, which disclosed a security issue linked to a specific version of its browser extension.

The breach, which occurred over the Christmas period, led to about $7 million in losses.

The company has since started compensating affected users and introduced updates to strengthen verification and reimbursement processes.

ZachXBT has said the wallet-draining case is still developing, with fund movements continuing to be tracked.

There is currently no confirmed explanation for how the wallets were compromised, and no single product or service has been publicly blamed.

• An unauthorised contract upgrade enabled direct withdrawals from the protocol.
• Funds were bridged to Ethereum and laundered through Tornado Cash.
• Assets affected included WIP, USDC, WETH, stIP, and vIP.

A governance failure at Unleash Protocol has resulted in a major security breach, with attackers draining around $3.9 million in user funds.

The incident was first identified by blockchain security firm PeckShieldAlert and later confirmed by the Unleash team.

While the exploit did not affect the wider Story ecosystem, it has renewed attention on how governance mechanisms can become a critical point of failure in decentralised finance.

Unleash Protocol is a decentralised platform built on Story Protocol.

The project said the incident was limited to its own contracts and administrative controls, with no signs of compromise across Story Protocol’s validators or core infrastructure.

Even so, the event shows how vulnerabilities at the application level can still lead to significant losses.

Governance controls bypassed

On-chain analysis indicates the attacker targeted Unleash Protocol’s multi-signature governance system.

By exploiting weaknesses in how admin permissions were enforced, the attacker gained unauthorised access normally reserved for approved signers.

This access was then used to push through a contract upgrade that had not been sanctioned by the core team.

The unauthorised upgrade altered how the protocol handled withdrawals. With standard governance checks effectively bypassed, the attacker was able to move funds directly out of the protocol.

According to Unleash, these actions occurred outside its established governance framework and were not detected until after the funds had already been removed.

Laundering through bridges and mixers

After extracting the assets, the attacker bridged the funds to Ethereum. From there, the assets were broken into multiple transactions, a strategy often used to make tracking more difficult.

Blockchain data shows that 1,337.1 ETH was later deposited into Tornado Cash. The deposits were made in varying sizes, ranging from small transfers to batches of up to 100 ETH.

This pattern suggests a deliberate attempt to obscure transaction trails and reduce the effectiveness of on-chain monitoring tools.

Tokens impacted

In an official incident notice, Unleash Protocol confirmed that several assets were affected during the exploit.

These included WIP, USDC, WETH, stIP, and vIP.

The team reiterated that all affected withdrawals took place through the unauthorised contract upgrade rather than through normal user interactions.

The clarification that Story Protocol itself was not compromised is significant.

It indicates that the breach stemmed from Unleash’s internal governance design, not from flaws in the underlying blockchain or its validator set.

Emergency measures taken

Following confirmation of the breach, Unleash Protocol paused all platform operations to prevent further losses.

The team said it is working with independent security experts and forensic investigators to determine how the governance safeguards were bypassed and whether additional vulnerabilities remain.

Users have been advised to avoid interacting with Unleash Protocol contracts until further updates are issued.

The project has stated that future communications will be shared only through official channels as the investigation continues.

• The fund targets infrastructure and scalable blockchain use cases, with a focus on emerging markets.
• Market makers have reduced activity since the Oct. 10 crash, while ETF flows signal lower institutional participation.
• The raise follows HashKey’s $206 million IPO on the Hong Kong stock exchange.

Institutional capital is taking a longer view of crypto markets as short-term liquidity thins out.

That shift is reflected in the first close of a new fund by HashKey Capital, which has secured $250 million in commitments despite choppier trading conditions.

The rise highlights how large investors are repositioning after a volatile period marked by heavy liquidations, ETF outflows, and retreating market makers.

Rather than chasing near-term price moves, capital is increasingly being directed toward infrastructure, financial technology, and real-world blockchain applications with longer-run potential.

Fund strategy and scale

HashKey Capital said its fourth crypto-focused vehicle, the HashKey Fintech Multi-Strategy Fund IV, exceeded expectations at its first close and is targeting a final size of $500 million.

The fund is designed to deploy capital across multiple strategies, with a focus on core infrastructure and scalable use cases aimed at broader adoption.

According to the firm, emerging markets are expected to play a central role, as these regions are increasingly acting as testing grounds for blockchain-based financial services and applications.

Institutional conviction on the back foot

The timing of the close is notable. Crypto markets have been adjusting after a sharp sell-off earlier in October, when a major liquidation event triggered widespread deleveraging.

In a Tuesday post on X, 10x Research said many traders and market makers had reduced activity following the Oct. 10 crash, contributing to thinner liquidity.

Since early November, the 30-day moving average of net flows into US spot Bitcoin and Ether ETFs has turned negative, suggesting that capital is being redeployed or held on the sidelines as conditions tighten.

Track record and expansion

Fund IV builds on HashKey Capital’s established presence in Asia’s digital asset sector.

Since launching in 2018, the firm has grown to manage more than $1 billion in assets and has invested in over 400 projects globally.

Its first fund recorded a distributed-to-paid-in ratio of more than 10x, underlining the scale of returns achieved in earlier cycles.

The firm is headquartered in Singapore and operates across Hong Kong and Japan.

It is part of the broader HashKey Group, which was among the first in Hong Kong to secure a crypto exchange licence.

The group has also been involved in launching the city’s first spot Bitcoin and Ether ETFs, adding to its regulatory and market footprint.

The fundraise comes shortly after HashKey’s entry into public markets.

Last week, the company made its trading debut on the Stock Exchange of Hong Kong following a $206 million initial public offering.

The listing adds another layer of visibility at a time when scrutiny of crypto firms remains high and access to traditional capital markets is becoming more selective.

• The collaboration follows the launch of the Monad mainnet in November 2025.
• Chorus One secures more than $3.5 billion across 30 blockchains.
• More than $6 million was staked during the first week of the programme.

Chorus One has partnered with cryptocurrency exchange Bitget to expand access to Monad staking at a global scale.

The collaboration focuses on simplifying how users interact with the Monad network, which launched its mainnet in November 2025.

The move places emphasis on infrastructure growth, user access, and the broader shift toward staking services.

Both companies confirmed that Bitget’s more than 120 million users will be able to access staking tools through Chorus One’s platform, creating new pathways for participation in the growing staking economy.

Validator expansion

The Monad network is a layer one blockchain that emphasises high throughput.

It supports Ethereum contracts without requiring any code changes, according to its technical documentation.

The focus of the integration between Bitget and Chorus One is to support a validator environment that can grow with decentralisation, geographic diversity, and long-term stability.

Chorus One already secures assets across more than 30 blockchains and reports securing over $3.5 billion in staked assets.

The platform also holds ISO 27001 certification, which is a standard used to assess security practices.

This places the partnership inside a broader trend where staking providers with stronger compliance frameworks are becoming central to blockchain infrastructure.

User access

Monad allows users to unstake assets in around 5.5 hours. Chorus One’s staking model supports flexible terms, which means both institutional and retail users on Bitget can stake or restake Monad tokens based on their preferences.

The partnership creates a direct path for Bitget users to enter the Monad ecosystem.

Within the first week of the staking programme launch, Chorus One released figures showing that more than $6 million worth of assets had been staked on the network.

The rapid participation signals interest in Monad’s performance-focused design and the integration with a major exchange ecosystem, reflecting a wider demand for accessible staking opportunities worldwide.

Market expansion

Bitget operates in several regions, including the Asia Pacific and African markets.

The platform’s presence in these regions gives the new staking programme a wider reach, especially in places where digital asset demand is growing.

Chorus One has already worked with the Avalanche Foundation to expand validator infrastructure across Africa, which positions the company to contribute to similar regional development for the Monad network.

The companies stated that the partnership aims to support cryptocurrency adoption in emerging markets by providing tools that reduce entry barriers and increase access to blockchain-based services.

With the expansion of new networks such as Monad, staking options are becoming a way for users in developing regions to take part in blockchain activity without needing a complex technical setup or advanced hardware.

• Silk Road-tagged wallets sent $3.14 million in Bitcoin across 176 transfers this week.
• The transactions are the most significant Silk Road-linked activity in five years.
• The wallets sent funds to a new address beginning with bc1qn.

Silk Road-linked cryptocurrency activity has resurfaced, drawing attention to long-quiet Bitcoin wallets connected to the darknet marketplace.

The movement comes less than a year after US President Donald Trump granted a full pardon to Silk Road founder Ross Ulbricht.

While the pardon focused global attention on Ulbricht’s legal case, blockchain analysts are now tracking renewed activity that marks the highest level of transfers in years.

The latest movement, recorded on Tuesday, is raising fresh questions about dormant coin reserves linked to the marketplace and how much Bitcoin remains undiscovered or untouched across older blockchain addresses.

Silk Road wallets show renewed Bitcoin flows

Silk Road-tagged wallets transferred about $3.14 million worth of Bitcoin BTC $92,626, according to Arkham. The activity involved 176 transactions, making it the most significant movement from these addresses in five years.

Earlier this year, the same wallets carried out only three small test transactions, suggesting that substantial activity had been paused.

The transfers this week were sent to an unknown cryptocurrency wallet with the address prefix bc1qn.

The primary Silk Road-associated wallets still hold about $38.4 million in Bitcoin.

The newly created address holds only the transferred $3.14 million.

Pardon puts focus back on historic Silk Road funds

Interest in the wallets has intensified since January, when Trump issued a full pardon to Ulbricht.

Before the pardon, Ulbricht had been serving a double life sentence without parole for creating and operating Silk Road, which allowed anonymous trading of illicit goods using Bitcoin.

The pardon also sparked new activity around the Free Ross campaign.

Supporters have contributed about $270,000 in Bitcoin donations since the announcement, based on on-chain data.

Unseized Bitcoin linked to Ulbricht gains attention

Alongside the renewed transfers, discussions have shifted to older cryptocurrency holdings believed to be connected to Ulbricht but never seized by authorities.

The US government previously confiscated at least $3.36 billion in Bitcoin from Silk Road, marking one of the largest recoveries in the history of digital asset enforcement.

Yet blockchain analysts tracking historical movements have identified additional reserves that remain untouched.

Coinbase exchange director Conor Grogan highlighted that 430 BTC, worth about $47 million, has not moved for more than 13 years.

These tokens are held in wallets thought to be linked to Ulbricht.

Dormant Bitcoin wallets remain a focal point

Another Silk Road-tagged wallet likely controlled by Ulbricht contains about $8.3 million in Bitcoin.

This wallet has seen only three small test transactions over the past 10 months and has otherwise remained inactive for 14 years, according to Arkham.

The transfers observed this week have therefore shifted attention back to dormant Bitcoin reserves that could hold substantial amounts.

Experts monitoring historical blockchain activity note that movements involving older darknet-linked wallets often prompt speculation about ownership, recovery efforts, or changes in operational control.

The recent activity does not clarify why these wallets began moving again or who controls the receiving address.

However, the timing, extended periods of inactivity, and historical significance of the addresses have made the transfers notable within the crypto community.

As blockchain analysis tools improve and more historical data becomes searchable, renewed activity from legacy darknet sources continues to shape conversations about unseized assets and the long-term movement patterns of early Bitcoin holdings.

• The fund is seeded with $100 million and requires a minimum investment of $1 million.
• Tokenized money-market funds offer faster settlement, continuous trading, and onchain ownership visibility.
• The tokenized money-market sector has grown to $9 billion in assets over the past year.

JPMorgan Chase is preparing to deepen its push into blockchain-based finance through a tokenized money-market fund on Ethereum, according to a Wall Street Journal report published on Monday.

The bank has not formally announced the product, but the report suggests JPMorgan is moving closer to offering onchain versions of traditional cash-management tools as institutional interest in tokenization grows.

The reported initiative comes as large investors look for ways to deploy idle cash more efficiently while maintaining regulatory compliance.

With about $4 trillion in assets under management, JPMorgan’s reported plans highlight how tokenization is evolving from experimental pilots into investment products associated with major global balance sheets.

The proposed fund would enter a fast-growing segment of digital finance where money-market products are increasingly viewed as a bridge between traditional markets and blockchain infrastructure.

Tokenized money-market fund rollout

The fund, known as My OnChain Net Yield Fund, or MONY, has been seeded with $100 million from JPMorgan’s asset management division, the Wall Street Journal stated.

The product is expected to open to external, qualified investors this week, although no official confirmation has been issued by the bank.

The minimum investment is set at $1 million, keeping the fund focused on institutional participation rather than retail investors.

MONY is designed to operate in line with conventional money-market funds, holding short-term debt instruments and paying interest on a daily basis.

Investors would be able to redeem their shares either in cash or through Circle’s USDC stablecoin, reflecting the growing use of regulated stablecoins in institutional settlement and liquidity management.

Why Ethereum and tokenization matter

JPMorgan has built the reported fund on Kinexys Digital Assets, its in-house tokenization platform, with Ethereum selected as the underlying blockchain, according to the Wall Street Journal.

Tokenized funds record ownership onchain, allowing faster settlement, real-time visibility, and continuous trading beyond standard market hours.

These features are attracting attention from asset managers, trading firms, and treasury desks seeking operational efficiency while continuing to rely on low-risk instruments.

Tokenized money-market funds are also increasingly used within decentralised finance ecosystems as reserve assets and as collateral for trading and asset management.

Competition among financial giants

JPMorgan’s reported plans place it alongside other large financial institutions that have already launched tokenized money-market products.

Franklin Templeton introduced its BENJI fund in 2021, becoming one of the earliest traditional asset managers to adopt blockchain-based fund infrastructure.

BlackRock followed in 2024 with its BUIDL fund, developed with tokenization specialist Securitize, which has since attracted about $2 billion in assets, according to data from RWA.xyz.