Problem Summary: The Ethereum mainnet address used by ckBridge for USDC transfers has been blacklisted by Circle. This is preventing all USDC withdrawals from Internet Computer (ICP) to Ethereum from completing successfully.
Error message: “Blacklistable: account is blacklisted”
Urgent Action Required: This is a critical issue affecting bridge functionality and user funds. Immediate investigation and remediation are needed.
Why we are building a native stablecoin. I remember a community member raising such an issue when DFINITY was gathering feedback on the ckUSDC……. but it has finally happened as he suggested.An important lesson to learn. In future we shall diversify all our collateral of DUSD and not to rely on on the cks
Fredrich ~doxa
_ _
Hello community, we are mobilising for your support during doxaUSD SNS. Lets all support our #native stablecoin
Obviously they want to extort Dfinity to pay them a fee. Its pay to play. Unfortunately for us our TVL is next to nothing and paying the fee is not worth it.
TVL being low is not the problem, it’s a symptom of the problem
Regarding the fee’, if not worth it why do you think other blockchains still pay for it?
If a civil case related to some FX services and unregulated gambling products makes Circle pull the plug of the addresses governing entire blockchains Ethereum, Polygon,all other mayor smart contract blockchains would be black listed by Circle
If you argument is ‘it was unknown service wallets’, which I suspect we will hear, I would still stick to my argument. Imagine you work at Circle and you have a backend which allows white listening addresses, and black listening.
I have not used the circle system, but I am pretty sure their dev did not build it in such a way that their system allowed a user to easily blacklist an address previously whitelisted.
If this happened to Ethereum it could cause billion dollar loss.
You cna make the argument that “ICP was not white listed because they never paid for that”,
but then, dont you think they actually do very careful checks before blacklisting an entire blockchain, given the risk of financial loss and lawsuit.
I believe Circle is sending a message, and I ‘believe’ their systems and processes would have 100% hindered this from happening if IC was whitelisted in the first place.
Also… pretty sure the guys who do the black listening do a minimum of due diligence before clicking the button.
This is the kind of incident that forces a more important conversation than “bridge UX.”
If the final exit path depends on a centralized issuer’s permission layer, then the system still has a structural choke point.
The real design question is how to build execution, internal liquidity, and asset routing in a way that degrades gracefully when one external rail fails.
Civil/legal case likely tied to AML concerns (forex, HYIP, gambling activity)
Circle froze ~16 USD Coin addresses
Included directly identified service wallets
Expanded the list using heuristic clustering (transaction tracing)
ckUSDC bridge (on Internet Computer) was incorrectly included
Misclassified as “unknown service” (no prior labeling or attribution)
Likely insufficient or no OSINT before blacklisting
Overreach caused by automated/compliance heuristics
Possible failure to follow internal review procedures
Affected parties flagged the issue
Rapid internal review by Circle
Non-malicious / infrastructure addresses were unfrozen
Final outcome: valid targets remained frozen, false positives were reversed
Alternative Theory (MoreSpeculative)
Circle uses tools like Chainalysis (and others for b ackup), which are designed to identify major infrastructure
BlockchainAnalysis software typically classify entities (name, organization, type, risk, category)
DFINITY Foundation does not have a formal integration with Circle but still leverages USDC liquidity via bridging
The ICP ecosystem builds DeFi around ckUSDC and presents it as a primary stablecoin without a direct partnership (lacking the normal circle quality and compliance procedures)
This creates a perceived imbalance: benefiting from USDC without formal alignment with the issuer
Circle retains unilateral freeze control over USDC at the contract level
The freeze could be interpreted as a demonstration of that control over indirect users
Inclusion of ckUSDC may be seen as targeting visible, non-integrated infrastructure
Possible implicit message: using USDC without cooperation carries operational risk
Rapid unfreeze helps reduce backlash while still demonstrating capability
Could act as a signal to other chains, bridges, and DeFi protocols
Reinforces the idea that USDC functions as permissioned paid financial infrastructure
What Could Have Prevented This
Formal integration or partnership between DFINITY Foundation and Circle
Official whitelisting of the ckUSDC bridge in circles internal homemade backend system
Proper labeling in Chainalysis and similar analytics platforms
Publicly registered and verified bridge address metadata
Clear identification in blockchain explorers
Mandatory manual review before freezing high-value or infrastructure addresses
Clear separation between user wallets and protocol/bridge contracts in clustering logic
Stronger OSINT and attribution processes prior to enforcement actions
Reduced reliance on automated heuristics without human validation
This particular mistake was critical, the explanation of unknown service wallet from a legal case is not sufficient, especially given how fast it was reverted. We know what licenses and what certificates they have, based on that we can do qualified guess work on how their policies and procedures may look, they been around for over ten years and is highly regulated, so its not random.
Blacklist systems functionality is also very common in blockchain, many types of services use them, so we do not have to speculate wildly about how they may be built or how they work, and what safe guards are built in.
This happening (no matter how unlikely it was) had been predicted in this forum not long ago, and at that point in time it was predicted it would happen due no non-payment. Therefore, we should not immediately dismiss non-payment as implausible part of the explanation.
Important takeaway:
If there was illicit activity taking place using ckUSDC, if there was a ‘native integration’ Circle could freeze granularly the affected high risk wallets, the risk now remains that a court order is issued and Circle freezes the underlying address all ckUSDC relies on.
It is difficult for institutional builders to bring high value infrastructure to ICP when you have this obvious centralization concerns. I hope this can be an eye opener for Dfinity and a call to action to start taking this serious and look to increase the value of the platform so it can be a bigger part of the overall extremely valuable blockchain economy.
