The $40M Federal Crypto Custody Scandal: How a Contractor's Son Exposed the Government's Digital Asset Security Crisis
A bragging match on Telegram between two cybercriminals just exposed one of the most embarrassing security failures in U.S. government history — and it has nothing to do with foreign hackers or sophisticated nation-state attacks. The U.S. Marshals Service, the federal agency entrusted with safeguarding billions of dollars in seized cryptocurrency, is now investigating allegations that a contractor's son siphoned over $40 million from government wallets. The case raises a question that should alarm every taxpayer and crypto stakeholder: if the government cannot secure its own digital vaults, what does that mean for the Strategic Bitcoin Reserve?
The "Band for Band" That Broke the Case
The scandal unraveled in the most absurd way imaginable. In January 2026, blockchain investigator ZachXBT flagged a recorded Telegram argument — a so-called "band for band" — where two individuals competed to prove who controlled more cryptocurrency. One participant, identified as John "Lick" Daghita, shared his screen during the exchange, revealing an Exodus wallet holding approximately $2.3 million on its TRON address. He then transferred $6.7 million to an Ethereum address in real time, apparently to one-up his rival.
ZachXBT traced both addresses and confirmed that Daghita controlled them. Following the money trail backward, the investigator linked the funds to roughly $90 million in crypto seized by the U.S. government during 2024 and 2025. At least $23 million was directly traceable to government seizure wallets, including $24.9 million transferred from a U.S. government address tied to assets confiscated after the infamous 2016 Bitfinex hack.
The kicker? John Daghita is the son of Dean Daghita, president of Command Services & Support (CMDSS) — the very company the U.S. Marshals Service contracted in October 2024 to manage and dispose of seized cryptocurrency.
Inside the CMDSS Contract
CMDSS, a Haymarket, Virginia-based firm, won a competitive procurement contract to handle "Class 2-4" seized cryptocurrencies — tokens not supported by mainstream centralized exchanges that require specialized custody expertise. The contract gave CMDSS access to sensitive government-controlled wallets holding assets confiscated in federal criminal investigations.
The contract award was not without controversy. Wave Digital Assets, a competing bidder, filed a formal protest with the Government Accountability Office (GAO), alleging that CMDSS lacked proper licensing with both the Securities and Exchange Commission and the Financial Industry Regulatory Authority. Wave also flagged a potential conflict of interest: a former U.S. Marshals Service agent had reportedly joined CMDSS. Despite these objections, the GAO denied the protest, and CMDSS retained the contract.
It remains unclear how John Daghita allegedly obtained access to the government wallets — including whether that access came through his father's position at the company. What is clear is that the oversight mechanisms that should have prevented insider theft failed completely.
A Systemic Problem, Not an Isolated Incident
The Daghita scandal is not an anomaly. It is the most visible symptom of a structural crisis in how the U.S. government manages seized digital assets.
Fragmented Oversight Across Agencies
The federal government's crypto holdings are scattered across multiple agencies — the DOJ, FBI, IRS Criminal Investigation, DEA, Secret Service, Homeland Security Investigations, and the U.S. Marshals Service all handle seized digital assets with varying levels of expertise and security protocols. The White House itself has acknowledged this fragmented approach, noting that "options to maximize value and security of crypto holdings have been left unexplored."
Spreadsheet-Level Tracking for Billion-Dollar Assets
Internal audits and reporting have repeatedly shown that the Marshals Service struggles to provide clear accounting of exactly how much crypto it holds at any given time. The agency has relied on spreadsheet-based inventory tracking for assets worth billions of dollars — a system that would be unacceptable at any institutional custodian in the private sector.
The scale of the problem is significant. U.S. government Bitcoin holdings are estimated between 198,000 and 328,000 BTC, depending on whether one counts only forfeited assets or includes those still in legal proceedings. At current prices, that represents tens of billions of dollars managed with infrastructure that was never designed for blockchain-based assets.
Inadequate Vetting and Access Controls
The CMDSS contract highlights the lack of rigorous vetting standards for third-party contractors handling government crypto. While private custodians like BitGo and Coinbase Custody employ multi-signature wallets, cold storage with hardware security modules (HSMs), and multi-party computation (MPC) to eliminate single points of failure, the government's approach to contractor security appears far less robust.
The fact that a contractor's family member could allegedly access and drain government wallets suggests a fundamental absence of segregation-of-duties controls, multi-signature authorization requirements, and real-time transaction monitoring that are standard practice in institutional crypto custody.
The Strategic Bitcoin Reserve Complication
The timing of this scandal could not be worse for the Trump administration's Strategic Bitcoin Reserve initiative.
Established by executive order in March 2025, the Strategic Bitcoin Reserve is capitalized exclusively with Bitcoin forfeited through criminal and civil asset forfeiture proceedings. The government has explicitly committed to holding — not selling — these assets as a long-term reserve. Treasury Secretary Bessent has confirmed that no BTC would be sold and that further seizures could expand the reserve over time.
But if the government cannot prevent theft from the very wallets that feed the Strategic Bitcoin Reserve, the initiative's credibility is fundamentally compromised. The Daghita case involves funds tied to the Bitfinex hack seizure — precisely the kind of high-profile forfeiture that is supposed to strengthen the reserve.
The irony is compounded by the fact that the government has already sold approximately 195,000 bitcoin over the past decade via auction, generating just $366 million. Those same coins would be worth roughly $17 billion today. Now, the government is not only failing to hold assets strategically — it is apparently failing to prevent them from being stolen.
What Proper Government Crypto Custody Should Look Like
The private sector has largely solved the institutional crypto custody problem. The blockchain custody market was valued at $708 billion in 2025 and is projected to reach $1.59 trillion by 2030. The government needs to adopt — not reinvent — proven solutions.
Multi-Signature and MPC Architecture
Government wallets should require multiple independent signatures for any transaction, with key fragments distributed across geographically separated systems using multi-party computation. No single individual — and certainly no contractor's family member — should be able to unilaterally move funds.
Institutional-Grade Custodians
The Office of the Comptroller of the Currency (OCC) has already granted federal trust charters to firms like BitGo, Circle, Fidelity, Paxos, and Ripple for digital asset custody. The government should be using these licensed, regulated custodians rather than contracting with firms that competitors allege lack basic financial licensing.
Real-Time On-Chain Monitoring
Government wallets should be subject to continuous blockchain analytics monitoring, with automated alerts for any unauthorized transactions. The fact that ZachXBT — a private citizen — discovered this theft before the government did underscores the inadequacy of current monitoring.
Centralized Asset Management
Rather than scattering crypto across multiple agencies with varying security standards, the government needs a centralized custody framework with standardized security protocols, regular audits, and clear chains of accountability.
The Broader Implications
The Daghita scandal arrives at a critical juncture for government cryptocurrency policy. Several U.S. states — including New Hampshire, Texas, and Arizona — are establishing their own Bitcoin reserves. If the federal government cannot demonstrate competent custody of digital assets, it undermines confidence in these programs at every level.
The case also highlights the essential role of independent blockchain investigators like ZachXBT in holding powerful institutions accountable. Government oversight failed here. Traditional auditing failed. The theft was caught because a young man could not resist boasting about his alleged crimes on Telegram, and a blockchain detective was paying attention.
Patrick Witt, director of the White House Crypto Council, acknowledged the situation with a post on X stating he was "on it." But the real question is not whether this particular case gets resolved — it is whether the government will finally treat digital asset custody with the seriousness it demands.
As of late January 2026, no formal charges have been announced against John Daghita. CMDSS has not publicly commented, and its website and social media pages have been taken offline. The U.S. Marshals Service has confirmed the investigation is underway but declined further comment.
The $40 million question is not just about missing funds. It is about whether the United States government can be trusted to hold the digital assets of the future — or whether it will continue outsourcing that responsibility to the lowest bidder.
BlockEden.xyz delivers enterprise-grade blockchain infrastructure with multi-layered security and transparent on-chain operations — because in the digital asset era, custody and security are everything. Explore our API marketplace to build on infrastructure you can trust.