And go away, so they say. Yet, not all of us heed that advice, do we?
Story One
Clarity is coming…now what?
If you spent any time on CT last week, it’d have been impossible for you to miss all those posts saying:
For the longest time, crypto could hide its lack of adoption behind the lack of regulatory frameworks.
Those days are over, as the US is set to pass the so-called Clarity Act. This federal bill aims to create a market structure for digital assets and answers the one question that has haunted token projects ever since: is it a security?
After passing the House in July last year, the draft has been sitting in the Senate Committee since September 2025, highlighting once again the speed at which the wheels of bureaucracy move. Only in May 2026 did the Senate reach a conclusion, with a panel approving the act. Now what?
The act itself will bring the much-desired clarity for some, at the cost of imposing stricter surveillance and AML requirements.
While some celebrate that we finally know what is and isn’t a security, others deem it the biggest financial surveillance expansion since the PATRIOT Act.
Takeaway: Once again, we should be careful what we wish for. While regulatory frameworks have been in high demand since crypto began, they also carry the baggage of the traditional financial system, namely KYC, AML, and sanctions. We’re purchasing clarity at the cost of control.
Story Two
Exploits continue until morale improves
April was a great month for hackers, and May is trying to follow in its footsteps. Once again, it was onchain sleuth ZachXBT, who flagged an ongoing exploit. This time, it was the (in)famous cross-chain liquidity protocol Thorchain that fell victim to an attack draining it of over $10 million in assets.
Thanks to a bug, attackers could trick the system into treating incoming deposits as outgoing withdrawals, thereby approving the transfer of real funds to the attackers’ wallet.
Tragically, the team had already written a patch for the flaw, but it failed in their automated testing and deployment system, leaving the vulnerability in. To deal with the exploit, the network went into hibernation, pausing all activity until further notice.
What is somewhat ironic about this hack is that Thorchain has become the de facto favorite place for attackers to route stolen funds on a large scale. Yet even hackers’ favorite laundromat is not safe from exploits.
Takeaway: There’s probably a lesson here on how you should properly review your automation workflows. Aside from that, I’d say Thorchain accumulated enough bad karma to warrant such an exploit.
Story Three
EF employees do walk away
Since the beginning of this year, the Ethereum Foundation (EF) has not just been selling ETH, they’ve also been bleeding talent. This week alone, two more researchers announced their departure on X.
They are only the last in a long line of key personnel quitting, which includes all three Ethereum protocol leads.
Does that mean the EF is over?
Probably not, yet the timing, as CT savants point out, is certainly suspicious as the departures fall after a controversy erupted earlier in the spring over the EF mandate.
The mandate, “part constitution, part manifesto,” was meant to reaffirm the EF’s stance as a neutral steward of the ecosystem. However, its aesthetic and wording choices were clearly inspired by Milady (a controversial NFT project), sparking debate over whether one NFT community had an outsized impact.
Van Epps even called the association “baffling” shortly before quitting, suggesting that EF employees either “sign or quit”. A meme that spread like wildfire.
Takeaway: All exiteers framed their departures as personal moves. Yet referencing Milady's stylistics in a document outlining a supposed credible neutral stance was probably not the way (not that I’m a PR professional). Anyway, the good news is that perhaps the fewer people there are at the EF, the less ETH they will sell.
Fact of the Week: No fun fact this week. This is the last Onchain newsletter I’m writing, as I too have decided to walk away from crypto for a bit. It’s been great fun, and thanks a lot for reading! May your coins go to the moon one day.
Naomi for CoinJar
Don’t invest unless you’re prepared to lose all the money you invest. This is a high‑risk investment and you should not expect to be protected if something goes wrong. Take 2 mins to learn more.
Cryptoassets traded on CoinJar UK Limited are largely unregulated in the UK, and you are unable to access the Financial Service Compensation Scheme or the Financial Ombudsman Service. We use third party banking, safekeeping and payment providers, and the failure of any of these providers could also lead to a loss of your assets. We recommend you obtain financial advice before making a decision to use your credit card to purchase cryptoassets or to invest in cryptoassets. Capital Gains Tax may be payable on profits.
CoinJar’s digital currency exchange services are operated in the United Kingdom by CoinJar UK Limited (company number 8905988), registered by the Financial Conduct Authority as a Cryptoasset Exchange Provider and Custodian Wallet Provider in the United Kingdom under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, as amended (Firm Reference No. 928767).
