REFORM DEFI

“The Lazarus Group, deposited, 228 or or sorry, $270,000,000, worth of, this wrapped, restaked ETH onto the Aave protocol. They get to withdraw $228,000,000 of, wrapped ETH. And now all of a sudden, you have a bunch of bad debt because there's a bunch of, tokens that don't actually exist that have been deposited and a bunch of real money that does exist, which has been taken out by a bad actor.”

“People right now are actually utilizing Arca monitoring these contracts on these, different platforms such as Aave, in order to then withdraw as soon as they receive an alert on chain that somebody's looking to deposit or has deposited... If you wanna mechanistically try to get your money out, you set an alert for any time a single dollar comes into the protocol so that you can be first in line to try to withdraw it.”

“We were able to use that same tactic and actually and and because if we wanted to give ourselves new rules or upgrade the the software of the Nord, we could do that... we can actually make a transaction on Ethereum. We have to wait fifteen minutes, and, and since the hacker wasn't able to move their funds in that fifteen minutes, that transaction went in, and it actually was able to send their funds from the the address they control to, an address that no one controls.”

“In this case, using, the restaked ETH token, via, KelpDAO, essentially, layer zero accused the Lazarus Group of exploiting their decentralized verifier, network, with the way of essentially faking withdrawals of restaked ETH on, Ethereum, which then caused restaked ETH to become undercollateralized. Obviously, then you have a bunch of this token that doesn't actually necessarily even exist. But according to this bridge, it does.”

“Amex answered the three hardest questions in agentic commerce: identity, mandate, and accountability. When the agent screws up, who pays? This is the one that matters most, and crypto has obviously not figured it out. Amex says we will pay if you use our rails and the agent screws up. That is what is going to unlock adoption for agentic commerce—the liability and the accountability—especially because the laws in this space are so uncertain and current laws are built for humans swiping cards rather than AI agents.”

“I was very, very detailed and and and very specific in my book about this process. And I was very grateful to the vice president for being considered and grateful to her for the candid dialogue we had. And about forty eight hours before she picked Tim Walz, I pulled out and made clear that that was not something I was interested in doing. I thought I could serve the good people of Pennsylvania, and and do my best serving here as governor in a job that I absolutely love. So this wasn't about her not picking me because of my faith. This was about me, in the end not being interested in in that job.”

“I actually see the last twenty five years of Chinese economic development as a series of rolling shocks. So in the early naughts, massive current account surplus, undervalued currency, along comes the GFC to replace the demand. China ratchets up investment. 2015, 2016, growth scares in China. The next thing you know, the Chinese are replacing the lost demand with a housing boom. And that has now petered out. So now to replace the lost demand, you have the credit from the state owned commercial financial sector going into state owned enterprises, which keep producing manufacturing, exports that can't be absorbed domestically.”

“We've got a money back guarantee on all of our permits. If we don't get you your permit in time, we'll give you your money back. And fun fact, we've issued 40,000,000 permits during my time as governor. We've only had to issue five refunds, meaning only five of those permits were late.”

“The Lazarus Group, deposited, 228 or or sorry, $270,000,000, worth of, this wrapped, restaked ETH onto the Aave protocol. They get to withdraw $228,000,000 of, wrapped ETH. And now all of a sudden, you have a bunch of bad debt because there's a bunch of, tokens that don't actually exist that have been deposited and a bunch of real money that does exist, which has been taken out by a bad actor.”

“I think accountability is really important and we can't have that unless we're allowed to ask questions. And so we shouldn't be silencing each other every time something like this happens. What about the victims, right? They deserve to know what happened and why and what these teams are going to do about it, what the industry is going to do about it to make sure that it doesn't happen again. We can't just give thoughts and prayers; we need to improve things and ensure accountability for those who lose funds.”

“I'll tell you. Rescuing funds is way easier than redistributing them. That is always the hardest part. ... I'm gonna be very interested in watching this conversation unfold because, yeah, we'll we'll we'll see what happens. ... the devil's really in the details of these things.”

“The day I took office, it took twenty days for a barber to get their permit, to be able to go out and cut hair. Today, you get it same day. You get it within that day. That may seem silly to you, but but it but understand, I called my barber. I asked him. I said, how many heads do you cut a day? He said, about 10 a day. At $20 a pop, $200 a day for two for twenty days. That's real money.”

“The second this hack happened, behind the scenes, they're coordinating with law enforcement. They're coordinating with all the bridges, all the all the people that they could. They're blocking UIs, this address from UIs. They're putting this address on all these lists. And, like, the infrastructure of c o nine one one is really the hero here. Like, I feel like the security council is getting a lot of credit for executing, but the the real execution happened to layer up, and it's c o nine one one.”

“It's not even about smart contract exploits anymore; you can have a million audits and that wasn't the cause of any of these recent attacks. Now it's about all the dependencies around oracles and bridges and collateral and multi-sig configurations or operational security practices. It sort of feels like you're just playing whack-a-mole. North Korea and other illicit actors are just going to keep coming up with new ways, probably greatly aided by AI, to exploit vulnerabilities in the systems surrounding the core code.”

“Probably the same threat that we identified a couple of years ago when we were here even before the new administration took power, which is the fiscal. So projections for the right now, federal debt to in the hands of the public to GDP is around a 100%, which is historically high in peacetime for The United States. But the projections are given current and future fiscal deficits for debt to GDP to go up to a 150% or higher by the middle of the century.”

“In this case, using, the restaked ETH token, via, KelpDAO, essentially, layer zero accused the Lazarus Group of exploiting their decentralized verifier, network, with the way of essentially faking withdrawals of restaked ETH on, Ethereum, which then caused restaked ETH to become undercollateralized. Obviously, then you have a bunch of this token that doesn't actually necessarily even exist. But according to this bridge, it does.”

“The first day I was governor, the first executive order I signed was to do away with the college degree requirement to work for state government. We have 80,000 employees, damn near all. Now you do not have to have a college degree other than, say, the doctors and lawyers and people like that who require advanced degrees. So now, sixty percent six zeros 60% of all of our hires in state government don't have a college degree.”

“It's not even about smart contract exploits anymore; you can have a million audits and that wasn't the cause of any of these recent attacks. Now it's about all the dependencies around oracles and bridges and collateral and multi-sig configurations or operational security practices. It sort of feels like you're just playing whack-a-mole. North Korea and other illicit actors are just going to keep coming up with new ways, probably greatly aided by AI, to exploit vulnerabilities in the systems surrounding the core code.”

“I'll tell you. Rescuing funds is way easier than redistributing them. That is always the hardest part. ... I'm gonna be very interested in watching this conversation unfold because, yeah, we'll we'll we'll see what happens. ... the devil's really in the details of these things.”

“With the IEPA tariffs, my first reaction was, we've had deficits for fifty years. There's no emergency here. And I just told you there was no fundamental international payments problem. I just went through how the market functioning right now is inconsistent with the language of 122 as I think about it. So to me, why isn't 122 on its face ridiculous and out of bounds?”

“The Ninth Circuit heard this, and the other interesting thing is all three judges on this three-judge panel were actually appointed by Trump, but they sounded openly skeptical of the CFTC's federal preemption argument. If we have the Ninth Circuit rule against the prediction markets, and another circuit rule for them, that makes it way more likely that the Supreme Court is going to take on this issue. We’re likely looking at a 2027 or 2028 timeline before we have a final answer on whether these are considered gambling or legal contracts.”

“Amex answered the three hardest questions in agentic commerce: identity, mandate, and accountability. When the agent screws up, who pays? This is the one that matters most, and crypto has obviously not figured it out. Amex says we will pay if you use our rails and the agent screws up. That is what is going to unlock adoption for agentic commerce—the liability and the accountability—especially because the laws in this space are so uncertain and current laws are built for humans swiping cards rather than AI agents.”

“Also, I see stable coins basically as a pass through mechanism for crypto. Crypto to me is about criminality, money laundering. Tether is the largest stablecoin in the world. It's in El Salvador. Who knows what it's invested in and whatnot? I think this could end unhappily.”

“After this was actually withdrawn, and it started getting moved by, what we later discovered was the Lazarus Group, all of those tokens then moved onto, Thorchain or at least a significant portion of it once it was actually, taken out from from AVE. It was then taken and sort of, laundered, using Thorchain. And so when you get very large Thorchain deposits like that, it's very typical that these are, proceeds of a crime.”

“This is a core tenant of blockchain technology that we just don't talk about. Blockchain technology is open, modifiable. It's it's it's, it's just code, right, running on servers and social consensus. And that social consensus piece is the thing that destroys the idea of immutability. It destroys the idea of, like, you know, complete, agency. I mean, it is it does have agency, but it's like, it can be persuaded.”

“The Ninth Circuit heard this, and the other interesting thing is all three judges on this three-judge panel were actually appointed by Trump, but they sounded openly skeptical of the CFTC's federal preemption argument. If we have the Ninth Circuit rule against the prediction markets, and another circuit rule for them, that makes it way more likely that the Supreme Court is going to take on this issue. We’re likely looking at a 2027 or 2028 timeline before we have a final answer on whether these are considered gambling or legal contracts.”

“After this was actually withdrawn, and it started getting moved by, what we later discovered was the Lazarus Group, all of those tokens then moved onto, Thorchain or at least a significant portion of it once it was actually, taken out from from AVE. It was then taken and sort of, laundered, using Thorchain. And so when you get very large Thorchain deposits like that, it's very typical that these are, proceeds of a crime.”

“I think accountability is really important and we can't have that unless we're allowed to ask questions. And so we shouldn't be silencing each other every time something like this happens. What about the victims, right? They deserve to know what happened and why and what these teams are going to do about it, what the industry is going to do about it to make sure that it doesn't happen again. We can't just give thoughts and prayers; we need to improve things and ensure accountability for those who lose funds.”

“On the issue of Israel and The Middle East and the war in Iran and Gaza, there's a lot of nuance there. I'm happy to answer your questions on that, but I think on the issue of antisemitism, we have got to be in a place where we universally condemn it. And I think what you're seeing from some folks on the right and some folks on the left is they'll only call it out if it's said by a political opponent or someone they disagree with.”

“Arbitrum deciding to freeze funds in response to this exploit creates a massive precedent that the industry needs to grapple with. If Arbitrum or any layer two can unilaterally intervene in smart contracts because of a hack, you have to ask yourself what happens when a government demands that same capability. We are trading away the permissionless nature of crypto for a false sense of security that we might regret later.”

“We have to ask ourselves if we should start thinking more carefully about constraints. I think one thing that we conflate a lot in crypto is decentralization and permissionlessness, because they're not the same thing. Even just talking about permissionlessness, people usually assume you mean KYC, but a protocol can restrict what kinds of assets or collateral it will allow, or it can impose rate limits. If we even want to survive as an industry and a technology, we need to really seriously think about the trade-offs between crypto's core values and keeping users safe.”

“I actually think the Congress of the United States, the leadership there, I mean, they are frankly, kinda sad, pathetic people. And let me explain why. Right? You put, what's his name? Johnson in as as speaker, and he's effectively a rubber stamp for anything Donald Trump wants. And by the way, whether you agree with Trump or not, I think you can agree that you'd like your member of congress to at least meet the burdens that they have on them in the constitution of The United States, which is to be a check, which is to be a a separate branch of government.”

“I do think it is important that we acknowledge Donald Trump has injected chaos and corruption into everything he touched. And I think it's important for me, for other Democratic leaders in this country, to be able to show what calm, competent governance can actually deliver for people. That's what I'm gonna be talking about in these midterms as I see reelection. I think it is important to paint an alternative picture to the chaos Donald Trump has created, one where you can actually grow the economy.”

“If you have a large portion of the ecosystem, in this case, all of Layer 0's users, if you have something like 47% of them going with this one-of-one verifier setup, it starts to look less like an individualized choice, and more like actually standard architecture, or even the industry norm. I think what courts will eventually have to wrestle with is, when is it not enough to say, oh, we just provided the options, or we provided the tools? Defaults matter, and the options you give actually shape user behavior.”

“AI deflation is a nice economic story for the aggregate, but it hides the distribution problem. Even if AI drives down the cost of goods and services, we are looking at a future of extreme structural inequality because the owners of the AI capital capture all the gains. The technology might make things cheaper, but it will make the divide between those who own the tech and those who are displaced by it much, much wider.”

“Well, they are obsessed with what they call monetary sovereignty. And it probably reflects long bristling resentments at the dominance of the dollar. I had the dubious pleasure of working on, I believe it was a g seven working group when Facebook first floated its idea for a the Libra stablecoin back in 2019. That got many members of the g seven very hot and bothered, very concerned.”

“We were able to use that same tactic and actually and and because if we wanted to give ourselves new rules or upgrade the the software of the Nord, we could do that... we can actually make a transaction on Ethereum. We have to wait fifteen minutes, and, and since the hacker wasn't able to move their funds in that fifteen minutes, that transaction went in, and it actually was able to send their funds from the the address they control to, an address that no one controls.”

“Here as governor, I've maintained a similar focus through my office of inspector general, rooting out fraud, through making sure, by the way, we're not fronting you money when you're going out and providing, say, human services. You have to submit for reimbursements, and you've gotta make sure you prove that you did that work. When we find that someone took advantage of the system, we're referring them to prosecutors. I'm proud of the fact that we've had more Medicaid fraud prosecutions in Pennsylvania, I think any other state.”

“The interesting thing that happened after April 2 was that the dollar, which previously had always been a flight to safety currency rising during times of financial turbulence, actually fell instead. In the four years before Liberation Day, on average, the dollar had always risen in response to increases in the VIX. But for several months after Liberation Day, that sensitivity turned negative. When volatility went up, the dollar fell, making the dollar less like a safe haven currency and more like an emerging market style risk on currency.”

“We also noted that if the dollar were to be dislodged, it would be not so much because of competition from Europe or China, but because of bad economic policies in The US. And if that were the case, then the loss of dollar dominance would be the worst of our problems. So fast forward to today and the article that Mark and I wrote recently, the list of bad policies has gotten longer, and it's actually happening.”

“As it relates to the war, which you also asked about in in your question, I mean, this was a war of choice. The president never defined the objectives. It is clear he doesn't know how the hell to get out of this. If you don't know why you're going in, you don't know how the hell to get out. You don't know how to instruct the military, our brave military, including those 13 souls who did not make it home to their families because they went on a mission that the president never defined.”

“Steve and I both will admit there's no precise way to estimate how much currency is undervalued or not. And when we do, Steve and I are probably thinking about the trade weighted currency. But for a bilateral pair, the idea of a bilateral equilibrium exchange rate's kinda ridiculous. Countries do follow bad harmful practices at time. But on balance, I just think using trade tools to tackle currency perceived woes is a sketchy idea.”

“Stablecoins can be helpful, but they're not a panacea. In a context where our termites had been working diligently on the foundations of the house of dollar dominance, leading it to become precarious and crash, it's unclear that stablecoins would be the dollar savior. In this adverse scenario where the dollar is becoming more precarious in terms of its role and we look to stablecoin for rescue, at that point, stablecoins themselves might be a very viable entity in financial markets, but people would presumably stop pegging them to the dollar and start pegging them to other currencies.”

“The KelpDAO exploit is just the latest reminder that DeFi is nowhere near the maturity level we pretend it is. When you have a 300 million dollar hack of this scale, it reveals deep-seated security vulnerabilities that exist in these complex composable systems. You realize that we are still building on top of very fragile foundations where a single line of bad code or a bridge failure wipes out years of community progress.”

“On the exorbitant principle privilege issue, I agree with Steve. I think Americans are shielded from foreign exchange risk, which is also advantage. This notion that one hears from all over the world that The US has some exorbitant privilege is overrated.”

“And what does that what does that person feel after they try and get their permit, they can't get it. They try and open their small business, it won't work? They get frustrated. By the way, they get pissed. And then not only are they pissed at that agency, or that governor, or they're pissed at, you know, that state government, they also grow and this is an important point a little more cynical about government, and a little bit more frustrated about the process. And when that happens, I think that that creates more distrust in our system. And it creates more opportunity for, I think, frankly, dark voices on extremes to come in and take advantage of people.”

“People right now are actually utilizing Arca monitoring these contracts on these, different platforms such as Aave, in order to then withdraw as soon as they receive an alert on chain that somebody's looking to deposit or has deposited... If you wanna mechanistically try to get your money out, you set an alert for any time a single dollar comes into the protocol so that you can be first in line to try to withdraw it.”

“We have to ask ourselves if we should start thinking more carefully about constraints. I think one thing that we conflate a lot in crypto is decentralization and permissionlessness, because they're not the same thing. Even just talking about permissionlessness, people usually assume you mean KYC, but a protocol can restrict what kinds of assets or collateral it will allow, or it can impose rate limits. If we even want to survive as an industry and a technology, we need to really seriously think about the trade-offs between crypto's core values and keeping users safe.”

“Tether just announced they helped freeze over 344 million dollars of USDT in coordination with OFAC and law enforcement. This is not the first time, but the scale and the speed of this coordination show that Tether has become a primary lever for institutional oversight. It is a reminder that even the most stable parts of the crypto ecosystem are now fully integrated into the existing regulatory apparatus of the state.”

“If you have a large portion of the ecosystem, in this case, all of Layer 0's users, if you have something like 47% of them going with this one-of-one verifier setup, it starts to look less like an individualized choice, and more like actually standard architecture, or even the industry norm. I think what courts will eventually have to wrestle with is, when is it not enough to say, oh, we just provided the options, or we provided the tools? Defaults matter, and the options you give actually shape user behavior.”

“The second this hack happened, behind the scenes, they're coordinating with law enforcement. They're coordinating with all the bridges, all the all the people that they could. They're blocking UIs, this address from UIs. They're putting this address on all these lists. And, like, the infrastructure of c o nine one one is really the hero here. Like, I feel like the security council is getting a lot of credit for executing, but the the real execution happened to layer up, and it's c o nine one one.”

“This is a core tenant of blockchain technology that we just don't talk about. Blockchain technology is open, modifiable. It's it's it's, it's just code, right, running on servers and social consensus. And that social consensus piece is the thing that destroys the idea of immutability. It destroys the idea of, like, you know, complete, agency. I mean, it is it does have agency, but it's like, it can be persuaded.”