Issue 84 – Rogue overseas support agents
Coinbase’s substantial data breach coincides with a convenient terms of service update, while the GENIUS Act stablecoin bill regains momentum in the Senate


Coinbase followed up its jubilant announcement that it would be joining the S&P 500 by almost immediately having to disclose a significant customer data breach — just as new customer terms came into effect to introduce additional barriers to filing class action lawsuits against the company.
Meanwhile, the GENIUS Act stablecoin bill advanced in the Senate with unusual speed, reflecting the crypto industry’s urgent push for legislation before the midterm elections potentially weaken their influence in Congress. After unanimous Democratic opposition in the cloture vote earlier this month [I83], sixteen Democratic Senators have now voted along with nearly all Republicans to move the bill forward to a final Senate vote.
Coinbase
On May 12, Coinbase announced it will join the S&P 500 as its “first and only crypto company”.1a This is the latest change that may see more American investors inadvertently exposed to the cryptocurrency industry via index funds, following MicroStrategy’s entry into the NASDAQ-100 in December 2024 [I72].
Their joy was likely tempered when, only two days later on May 14, they had to announce a data breach that exposed customer data including names, addresses, phone numbers, email addresses, images of government ID documents, account balance and transaction data, and masked social security and bank account numbers. Although leaks like this typically lead to an uptick in phishing attempts, where scammers use the private information to contact customers and more convincingly impersonate Coinbase employees, the leak of account balance data and customer addresses is also particularly concerning given the recent spike in violent attacks and kidnappings targeting wealthy crypto holders.
Crypto security researchers have been warning for months about Coinbase’s evidently poor security practices and lack of attention to customer complaints, and describing hacks in which victims reported being scammed by attackers who seemed to have access to private Coinbase data [I76]. In February, zachxbt wrote: “Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month. ... Coinbase is in a position where they have the power to make these changes and set a good example but they have chosen to do little to nothing.”
According to Coinbase, the data thieves bribed some members of Coinbase’s poorly paid offshore customer support team, whom the company described as “rogue overseas support agents” and who reportedly earn less than $5,000 annually.2 Coinbase’s cybersecurity disclosure filing with the SEC admitted that they had been grappling with this issue for months: “The threat actor appears to have obtained this information by paying multiple contractors or employees working in support roles outside the United States to collect information from internal Coinbase systems to which they had access in order to perform their job responsibilities. These instances of such personnel accessing data without business need were independently detected by the Company’s security monitoring in the previous months.”3 Bloomberg later reported that “the hackers did have near-constant access to some of Coinbase Global Inc.’s most valuable customer data since January”, citing an anonymous source familiar with the incident.4
At least five lawsuits have been filed against Coinbase since the breach disclosure.5 However, an incredibly conveniently timed update to Coinbase’s customer terms, announced on April 12 and applying to disputes filed after May 15, may make it more challenging for these cases to succeed. While Coinbase’s customer terms previously contained some text seeking to limit class action lawsuits and force customers into arbitration, the update made some key changes, most significantly aiming to force lawsuits to be filed in New York. The new version also expands clauses limiting collective litigation, mass arbitration, and sharing of information between separate parties involved in arbitration proceedings against Coinbase. It also aims to force any claims that do proceed in court rather than arbitration to go to a bench trial instead of a trial by jury, reduces thresholds triggering batch arbitration, and much more prominently highlights the “Class, Collective, Representative, and Mass Action Waiver and Jury Trial Waiver”.
Of the five lawsuits filed against Coinbase for the data breach thus far, all are class actions, none were filed before May 15, and two were filed outside of New York.


Coinbase CEO Brian Armstrong responded to my reporting on this timing to describe it as a “conspiracy theory”, claiming that customers were being notified before the user agreement change, and that the change merely “made the user terms consistent”.6
He did not immediately respond to a clarification that the change was much more substantial than he described, including the entirely new forum clause. He also did not respond to a question asking why it took Coinbase more than a month to disclose the breach to the SEC (per his admission; more, if Bloomberg’s reporting is accurate), when such disclosures are required within four business days of companies discovering material cybersecurity incidents.7

It remains to be seen whether courts will find the waivers of rights and forum selection clause to be enforceable, and Coinbase could also feasibly run into problems establishing that preexisting customers had agreed to the updated terms without any sort of express acknowledgement.
Coinbase says that the thieves demanded a $20 million “ransom” in exchange for not disclosing the information, which Coinbase refused. Coinbase has offered a reward for information on the thieves and promised to reimburse customers who “mistakenly sent funds to the scammer as a direct result of this incident prior to the date of this post”. They’ve estimated these reimbursements could cost them “up to $400 million”. However, Coinbase has been a little cagey about the scale of the breach, disclosing only that data was compromised on “less than 1% of Coinbase monthly transacting users”.8 Presumably they mean fewer than roughly 100,000 customers have been impacted altogether, based on their most recent MTU figures. However, someone pointed out to me that this statement could mean fewer than 100,000 of Coinbase’s monthly transacting users had their data exposed, along with some potentially much larger percentage of all customers, but that would be incredibly misleading.
In the courts
Prosecutors in the case against Tornado Cash co-founder Roman Storm have dropped the allegation that he was operating an unlicensed money transmitting business.9 This seems to follow direction by Deputy Attorney General Todd Blanche, whose April 7 memo instructed the Justice Department to “not charge regulatory violations in cases involving digital assets—including but not limited to unlicensed money transmitting under 18 U.S.C. § 1960(b)(1)(A)” [I81]. Though the memo made no instructions for already charged cases, at least one defendant in a separate crypto anonymizer case in the same district (Samourai Wallet) has argued it should be retroactive [I83], and this could be a good sign for their chances of success. However, like Storm, the Samourai Wallet defendants face additional charges.
Storm’s lawyers are likewise drawing on the Samourai case, echoing the Samourai defendants’ arguments from earlier in May that prosecutors improperly withheld communications with the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) that could undermine the government’s case [I83].10 While the call in question was about Samourai Wallet, the Tornado Cash defense team argues that the reasoning under which FinCEN employees opined that Samourai Wallet might not be a money services business may also apply to Tornado Cash.
Prosecutors have filed racketeering charges against a group that allegedly stole over $263 million in crypto, including $243 million from a single individual. Two people were charged in September 2024 in connection to the theft [W3IGG], but the superseding indictment now names twelve defendants who became friends on online gaming platforms, then launched a “social engineering enterprise” to steal cryptocurrency. According to the indictment, the enterprise included “database hackers, organizers, target identifiers, callers, money launderers, and residential burglars targeting hardware virtual currency wallets.”11
Eric Council Jr., who compromised the SEC’s Twitter account in January 2024 and falsely announced the launch of spot bitcoin ETFs [I69, 77], has been sentenced to 14 months in prison on identity theft and access device fraud charges.12
The Fantom Foundation, now Sonic Labs, has been approved by a Singaporean court to liquidate the Multichain Foundation to recoup money lost in a $210 million exploit in 2023 [W3IGG].13 Fantom’s losses amounted to around $67 million. Multichain’s CEO disappeared shortly before the exploit, rumored to have been arrested in China, and hasn’t re-emerged [I28].
Trump business interests
Trump’s memecoin dinner is coming up on May 22. As of the final count, 72% of the wallets on the leaderboard are likely controlled by entities outside the US. The top holder is still an HTX hot wallet likely representing Justin Sun, who has yet to publicly confirm he’s attending the dinner, but who just so happened to show up in the US on May 19.

The leaderboard was finalized ten days before the dinner, presumably to give Trump’s team time to perform background checks on guests. This allowed those who purchased $TRUMP tokens solely to secure a dinner invite to dump the tokens, and many have, despite the Trump team’s attempts to thwart a selloff by announcing a “Very Special and Rare” “TRUMP DIAMOND HAND limited edition TRUMP SOLANA NFT” for any dinner attendees still holding their tokens by the time of the dinner.14
Elsewhere in Trump memecoin news, the Nasdaq-listed GD Culture Group, described by the New York Times as a “struggling technology company that has ties to China and ... recorded zero revenue last year from an e-commerce business it operates on TikTok”, announced it would spend up to $300 million on $TRUMP tokens after raising money through a stock sale agreement with an unidentified entity in the British Virgin Islands. This adds another entry to Trump’s ever growing list of conflicts of interest, as he stands to earn money from a substantial token purchase by a company reliant on TikTok while he simultaneously directs Chinese foreign policy and intervenes in a potential TikTok ban.15
David Bailey, a close Trump crypto adviser who runs Bitcoin Magazine and the annual Bitcoin conference where Trump debuted as “crypto president,” is following in the footsteps of others close to Trump, including Trump’s sons and Brandon Lutnick, son of Commerce Secretary Howard Lutnick. Bailey’s new company, Nakamoto, is following the same rough blueprint as the Trump sons’ American Bitcoin and Lutnick’s Twenty One Capital: create a new company, merge it with an existing public company or SPAC,b and accumulate bitcoin to become a bitcoin proxy bet.c Bailey, the Trump sons, and Lutnick are themselves following a playbook established by Michael Saylor and his MicroStrategy company (now just Strategy). The MicroStrategy technique has been criticized as both a bubble16 and a Ponzi scheme17 likely to collapse if bitcoin prices fail to go up forever. Good thing that never happens in crypto. Now, however, with the president’s family members, close advisers, and family members of others in the administration all running businesses that depend on bitcoin prices rising, there are even more conflicts of interest incentivizing Trump and others in the government to try to bolster the crypto industry and crypto prices.
House Democrats have followed up last week’s flurry of letters by their Senate counterparts [I83] with a letter to Treasury Secretary Scott Bessent, requesting all suspicious activity reports (SARs) related to Trump’s World Liberty Financial and memecoin projects. The letter also asked for SARs pertaining to the WinRed online fundraising platform and super PACs including Elon Musk’s America PAC.18
One letter from last week has received a public response: Senator Blumenthal’s letter to World Liberty CEO Zach Witkoff. Witkoff, who characterized Blumenthal as a “politician with an axe to grind”, mostly used his response to promote World Liberty Financial and its plans to “democratize access to the financial system”. The only substantive reply to Blumenthal’s several pages of questions was to write that “WLFI has no affiliation, formal or informal, with Fight, Fight, Fight LLC or its Chief Executive Officer, Mr. Bill Zanker.”19 (Fight Fight Fight LLC is behind the Trump memecoin, and is just one of a much longer list of entities Blumenthal inquired about).
In government
The GENIUS Act stablecoin bill has already advanced in the Senate, after all Democrats and several Republicans voted against it less than two weeks ago amid concerns about Trump’s serious crypto conflicts of interest [I83]. Some Democrats tried to insist that any stablecoin bill include explicit prohibitions preventing the president, Congress members, and others in government from creating and selling digital assets; others, such as the bill’s co-sponsor and longtime crypto industry ally Kirsten Gillibrand, argued that Trump’s crypto activities are “already illegal” and that the bill shouldn’t “deal with all of President Trump’s ethics problems”.20
Despite little in the way of acquiescence to Democrats’ requested changes, 16 Democrats voted in support of the cloture motion: Alsobrooks (MD), Blunt Rochester (DE), Booker (NJ), Cortez Masto (NV), Fetterman (PA), Gallego (AZ), Gillibrand (NY), Hassan (NH), Heinrich (NM), Lujan (NM), Ossoff (GA), Padilla (CA), Rosen (NV), Schiff (CA), Slotkin (MI), Warner (VA).21 The bill will now go to a full vote, likely this week, and will likely still pass after a symbolic but unsuccessful vote on an amendment to limit Trump’s crypto involvement.
The breakneck pace of this bill is likely due to the crypto industry’s concern that their influence on Congress might diminish after the midterm elections. “We have a very narrow window to get legislation through. The midterms are next year. I think it’s very likely that our window closes at the midterms,” explained a board member of the Blockchain Association lobbying group.22
In Arizona, Governor Hobbs is juggling yet more crypto bills after signing one and vetoing one earlier this month [I83]. She’s vetoed two more bills, including S.B. 1373, another bill that would have allowed the state to establish a strategic reserve for cryptocurrency. “I have already signed legislation this session which allows the state to utilize cryptocurrency without placing general fund dollars at risk,” she wrote, referring to the H.B. 2749 “Bitcoin Reserve Fund” bill she signed on May 7.23 She also vetoed S.B. 1024, which would have allowed state agencies to accept cryptocurrency for payments. “Legislators on both sides of the aisle acknowledged it still leaves the door open for too much risk,” she explained.24
In regulators
SEC
District Court Judge Analisa Torres denied a joint request by Ripple and the SEC for an indicative ruling that, if jurisdiction over the case returned to her from the Second Circuit, she would “dissolve” the Court’s injunction against Ripple to stop illegally selling securities and reduce the civil penalty from $125 million to $50 million. Torres denied the request for procedural reasons, writing that it “amounts to a motion to vacate significant portions of the Final Judgment” and needs to be filed under a different rule to “address the heavy burden they must overcome to vacate the injunction and substantially reduce the Civil Penalty”. She noted that even if the parties filed the request correctly, “relief from judgment... is granted ‘only upon a showing of exceptional circumstances.’”25 The SEC previously said that if Torres indicated she would grant the relief sought, they would request a limited remand to the district court and then move to dismiss the ongoing appeals in the Second Circuit.26
Although the SEC dismissed with prejudice its lawsuit against Coinbase, the New York Times reported a separate ongoing investigation into whether Coinbase misstated its user figures in both securities filings and marketing contexts. Coinbase had claimed to have 100 million or more “verified users”, but stopped using the figure in 2023, saying it was “not indicative of our overall performance”. Coinbase now reports on “monthly transacting users”,d claiming to have 9.7 million in their latest quarterly report.27 According to the Times, it’s common for the SEC to investigate when companies stop using measurements previously used in advertising to ensure they weren’t misleading investors.28
CFTC
Two crypto-friendly Republican CFTC Commissioners are about to step down. Commissioner Summer Mersinger, a longtime ally to the crypto world, resigned on May 14, even though her term was not due to expire until 2028. The revolving door will deposit her into the CEO position at the Blockchain Association crypto lobbying firm after she leaves the CFTC at the end of the month.29, 22
CFTC Acting Chair Caroline Pham also plans to leave the agency when a new Chairperson is installed.30 The nominee, not yet Senate-confirmed, is Andreessen Horowitz’s Brian Quintenz, who served as a CFTC Commissioner during Trump’s first administration and briefly under Biden [I77].
Pham’s and Mersinger’s announcements follow Democratic CFTC Commissioner Christy Goldsmith Romero’s March announcement [I78]. If Quintenz joins the agency, it will just be him and Democrat Kristin Johnson left, leaving the agency without a party majority.
Outside the US
The judge overseeing Argentina’s probe into the Libra memecoin catastrophe and its connection to Argentina’s President Milei [I77, 79, 82] has ordered the Argentinian Central Bank to provide information on bank accounts belonging to Milei and his allegedly involved sister. Shortly before this order, the judge also ordered the freezing of assets belonging to Hayden Davis and other businessmen involved with the project.31
The string of violent attacks on people known or believed to hold substantial cryptocurrency [I75] has continued, recently concentrated in France. There have been two successful kidnappings in France this year: the January kidnapping of Ledger co-founder David Balland and his wife [I75], and the May kidnapping of a crypto millionaire’s father. Both Balland and the father had fingers cut off during the attacks as their assailants tried to extort money.32 All were rescued. Most recently, kidnappers tried to abduct the daughter and grandson of the CEO of the Paymium cryptocurrency exchange, but were thwarted by a shopkeeper with a fire extinguisher. After the attack, France’s Interior Minister Bruno Retailleau announced a meeting with cryptocurrency entrepreneurs “to work with them on their security, to make them aware of the risks, and to take together measures to protect them”.33 After the meeting, the interior ministry stated that wealthy cryptocurrency investors would receive priority access to the police emergency line and home visits from law enforcement to advise on increasing their personal security.34
Elsewhere in crypto
Telegram reportedly shut down major cryptocurrency-denominated illicit marketplaces on their platform, following an Elliptic report about the massive scale of such Telegram-based marketplaces, like Cambodia’s Huione, which was designated a “primary money laundering concern” by FinCEN on May 1 [I83]. According to Elliptic, the Huione and Xinbi marketplaces together processed over $35 million in stablecoin transactions for illicit goods including stolen data and torture devices, and services like money laundering and human trafficking. While many early illicit marketplaces operated on the dark web, Elliptic reported that “illicit marketplaces have largely shifted to operating through the instant messaging app Telegram, which provides access to an audience of over a billion users.”35
The Web3 is Going Just Great recap
There was one entry between May 12 and May 20, averaging 0.1 entries per day.
- Curve Finance website and Twitter account hacked
Worth a read
Chris Geidner at Law Dork responds to those who react to news about court rulings against the Trump administration with “Well, it doesn’t matter. They don’t follow court orders.” His response is realistic, and does not naively pretend that courts are some sort of unassailable institution under authoritarianism. He writes: “Yes, [Trump] is going to keep taking actions that disregard the limits placed upon him. But it is not up to him to decide that he can do so. It is up to the other branches; other institutions; and — ultimately — all of us whether we allow it.”
I usually try to avoid sharing paywalled articles here, but this is a very good one. Adi Robertson writes for The Verge about the people who are “pouring their secrets out to chatbots, sometimes in dedicated therapy apps” while “the government is obsessed with obtaining a nearly unprecedented level of surveillance and control over residents’ minds: their gender identities, their possible neurodivergence, their opinions on racism and genocide.”
In the news
Intelligencer cited some of my analysis on Trump’s memecoin dinner attendees in their article about the same.
That's all for now, folks. Until next time,
– Molly White
Footnotes
a. This is close enough to accurate, I suppose, although the S&P 500 contains numerous other financial and fintech firms with crypto products or exposure, such as PayPal and Invesco.
b. And any public company will do. Nakamoto is merging with KindlyMD, which is a healthcare company with no previous cryptocurrency involvement.
c. While American Bitcoin is also a bitcoin mining firm, Eric Trump has been explicitly positioning the company as a bitcoin proxy bet. The younger Trump describes Saylor as a “dear friend”, and has said that Saylor’s advice to mortgage Mar-a-Lago to buy bitcoin was likely good advice.36
d. Coinbase says: “We define a Monthly Transacting User (‘MTU’) as a consumer who actively or passively transacts in one or more products on our platform at least once during the rolling 28-day period ending on the date of measurement.”
References
“Coinbase joins the S&P 500, another summit scaled on Coinbase’s drive towards economic freedom”, Coinbase.
Coinbase Form 8-K, May 14, 2025. US Securities and Exchange Commission.
“Coinbase Hack Rocks the Company That Led Crypto Into Mainstream”, Bloomberg.
Cases involving Coinbase filed between May 14 and May 20.
“Protecting Our Customers - Standing Up to Extortionists”, Coinbase.
Letter filed on May 15, 2025. Document #144 in US v. Storm.
Letter motion filed on May 16, 2025. Document #148 in US v. Storm.
Superseding indictment filed on April 30, 2025. Document #50 in US v. Lam.
“Alabama Man Sentenced to 14 Months in Connection with Securities and Exchange Commission X Hack that Spiked Bitcoin Prices”, press release by the US Department of Justice.
“Sonic Labs secures court order to liquidate Multichain Foundation to recoup losses from $210 million exploit”, The Block.
“Tiny Company With China Ties Announces Big Purchase of Trump Cryptocurrency”, The New York Times.
“MicroStrategy Stock’s Big Swings Could Be Another Sign of a Looming Market Crash”, Barron’s.
“Ponzi or Pioneer? Evaluating the Viability of MicroStrategy’s Bitcoin-Focused Model”, David Krause.
“Top House Dems Demand All Suspicious Activity Reports Related to Trump Crypto Ventures, Musk PAC, and WinRed”, House Committee on Oversight and Accountability Democrats.
“US Senate could vote on revised stablecoin bill by Memorial Day, senators predict”, The Block.
Roll Call Vote 119th Congress - 1st Session On Cloture on the Motion to Proceed (Motion to Invoke Cloture on the Motion to Proceed to S. 1582).
“Blockchain Association taps crypto-savvy CFTC commissioner as new CEO before midterm clock runs out”, DL News.
May 12, 2025 letter by Arizona Governor Katie Hobbs.
May 12, 2025 letter by Arizona Governor Katie Hobbs.
Order on motion to reopen filed on May 15, 2025. Document #984 in SEC v. Ripple.
“Ripple Labs, Inc., Bradley Garlinghouse, and Christian Larsen” Litigation Release No. 26306, US Securities and Exchange Commission.
Coinbase Form 10-Q for the quarterly period ended March 31, 2025. US Securities and Exchange Commission.
“S.E.C. Investigating Whether Coinbase Misstated Its User Numbers”, The New York Times.
“Statement by Commissioner Summer K. Mersinger on her Departure from the Commodity Futures Trading Commission”, US Commodity Futures Trading Commission.
“100 Days: Keynote Address by Acting Chairman Caroline D. Pham, 39th ISDA Annual General Meeting”, US Commodity Futures Trading Commission.
“Con la lupa puesta en las cuentas de Milei”, Página 12 (in Spanish).
“Kidnapped father of French crypto-millionaire rescued”, BBC.
“Violent crypto kidnapping cases prompt French interior minister to call emergency meeting”, Politico.
“French crypto entrepreneurs promised extra security after violent kidnapping attempts”, Politico.
“Elliptic data leads to the shutdown of the two largest online criminal marketplaces of all time”, Elliptic.
“Eric Trump pitches family’s ‘American Bitcoin’ mining firm as a Strategy-style proxy bet”, Fortune Crypto.
I have disclosures for my work and writing pertaining to cryptocurrencies.