Share
At 01:08 UTC on Saturday, May 30, Circle blacklisted an Ethereum smart contract address and froze $12.6 million in USDC (USDC) in a single automated action. The target was not a hacker’s wallet or a sanctioned entity.
It was Zama’s publicly labeled confidential USDC contract, a privacy protocol that had nothing to do with the legal dispute that triggered the freeze. The collateral damage was immediate, and the questions it raised about Circle’s freezing powers have not gone away.
ZachXBT: $12.6M in Zama cUSDC Frozen After Circle Blacklisting
ZachXBT revealed that Circle may have blacklisted the contract address of privacy protocol Zama’s confidential USDC (cUSDC) on Ethereum around seven hours ago, freezing approximately $12.6 million in user funds.… pic.twitter.com/CBHDSjfShY
— Wu Blockchain (@WuBlockchain) May 30, 2026
The freeze stems from a class-action lawsuit filed on May 28, 2026, in the US District Court for the Northern District of California. The case, Newton AC/DC Fund LP v. Maxim Ermilov, alleges Ermilov misappropriated more than $15 million from Overnight Finance’s treasury. Judge P. Casey Pitts issued a temporary restraining order on May 29, directing Circle to blacklist assets linked to the alleged transfer.
The complaint alleges that just before a governance vote to liquidate Overnight Finance’s treasury crossed a majority threshold on May 11, Ermilov shifted more than $15.77 million out of treasury wallets into a new address. About $12.5 million of it was USDC, with the bulk landing in Zama’s confidential contract. Ermilov disputed the plaintiffs’ allegations, arguing OVN holders had no right to force a treasury distribution in the first place.
The lawsuit was brought partly by Patagon Management, an activist investor firm with a documented record of forcing decentralized autonomous organization payouts. Patagon secured a $35-million asset freeze in a similar case in 2023. The speed of the legal action, from alleged misappropriation to a federal Temporary Restraining Order (TRO) in under three weeks, reflects a playbook that is becoming more sophisticated with each iteration.
The blacklisted address, “0xe978F22157048E5DB8E5d07971376e86671672B2,” is publicly labeled on Etherscan as “Zama: cUSDC Token,” a proxy contract using Zama’s ConfidentialWrapperV2 architecture deployed 154 days ago.
Zama had no involvement in the Overnight Finance dispute. Its contract was frozen because a third party deposited disputed funds into it.
Zama CEO Rand Hindi confirmed his team is investigating, noting that the vast majority of funds in the contract came from the deposit in question.
Thanks to @zachxbt, we found the root cause and will be taking the appropriate actions to unblock the situation. Tldr; this has nothing to do with Zama, or privacy.
The issue stems from an address related to the Overnight Finance hack, which deposited over ~$12.5m USDC into our… https://t.co/PThaUVEwAH
— Rand (@randhindi) May 30, 2026
Onchain investigator ZachXBT, who first flagged the freeze publicly, said Zama’s team does not appear to have been notified by Circle prior to the blacklist action. Zama subsequently announced plans to isolate the flagged deposit before a June 1 hearing to restore access for unaffected users.
The Zama case would be striking enough in isolation. In the context of Circle’s recent enforcement history, it is part of a pattern that analysts and onchain investigators have been documenting with growing concern.
In March 2026, Circle froze 16 unrelated business hot wallets in response to a sealed civil case, including the Dfinity Foundation’s ckETH Minter contract, a bridge between Ethereum and the Internet Computer Protocol. ZachXBT called it potentially the most incompetent freeze he had seen in five years.
The failures of omission are equally troubling. ZachXBT has compiled a list alleging Circle has failed to freeze roughly $420 million across approximately 15 incidents since 2022. Among them was the April 2026 Drift Protocol hack, in which Circle failed to freeze $232 million in stolen user funds despite having a six-hour window to act.
The emerging portrait is of a freeze mechanism that moves aggressively in response to court orders while failing to respond to some of the most significant theft events in recent decentralized finance (DeFi) history.
The Zama incident crystallizes a tension that sits at the heart of stablecoin design. USDC is marketed as a permissionless, programmable dollar. But Circle holds a master switch that can freeze any address or contract at will, and that switch is exercisable in response to a US federal court order issued with no notice to the affected protocol.
ZachXBT described the freeze as precedent-setting, arguing it was problematic to unilaterally freeze the contracts or addresses of a protocol where funds have been commingled with users who have no connection to the underlying dispute. The legal logic is coherent: Circle received a court order and complied. The DeFi logic is equally coherent: A smart contract that can be switched off by a stablecoin issuer responding to a civil lawsuit is not decentralized infrastructure; it is a centralized service with a blockchain interface.
The June 1 hearing will determine whether the TRO holds, is modified, or is lifted. Whatever Judge Pitts decides, the Zama freeze has already demonstrated that $12.6 million in user funds can be immobilised overnight based on a third party’s allegedly wrongful deposit, without notice to the protocol, and with no mechanism for innocent users to recover access in the interim. That is a risk embedded in every DeFi protocol that touches USDC, and the Zama incident has made it visible in a way that is difficult to ignore.
Share
preferred on
