The $22 Billion Spreadsheet Problem
America keeps most of its gold reserves at Fort Knox for one reason: The safekeeping of valuable assets requires professional custody.
The same logic applies when the Department of Justice seizes cash, jewelry, luxury vehicles, or any criminal proceeds. From seizure to disposal, DOJ personnel must receive, document, and secure assets in accordance with the law and regulations. In practice, that custodial role falls to the U.S. Marshals Service, which manages assets on behalf of the federal justice system.
If an outside tip exposed that tens of millions in gold had vanished from Fort Knox, there would be a national uproar. That’s why a recent report should worry Americans, regardless of their views on cryptocurrency. On January 25th, ZachXBT, a prominent blockchain investigator, alleged on X that over $40 million in cryptocurrency had been stolen from government-controlled wallets in 2025. While the idea of taking a lead from an anonymous cartoon platypus on X may seem like a stretch, ZachXBT is a renowned investigator who has worked with law enforcement agencies worldwide, including the U.S. Secret Service. Since beginning his hobbyist investigations in 2021, his work has directly led to the recovery of approximately $210 million in crypto and assisted in the seizure of another $225 million.
In his post, ZachXBT claims that John Daghita, allegedly the son of the president and CEO of Command Services & Support (CMDSS), was linked to the theft. CMDSS, a Virginia-based technology firm, has been awarded two contracts to assist the U.S. Marshals Service in managing and disposing of seized digital assets, totaling $7.8 million from 2024 to 2026. ZachXBT alleges Daghita flaunted the stolen funds on the messaging app Telegram, exposing his identity and linking him to the funds. While no charges have been filed, the Marshals Service has confirmed it is investigating these claims. (CMDSS did not respond to my requests to comment for this article.)
Unlike tangible assets such as gold bars or cars, digital assets are held in online cryptographic wallets. These crypto wallets are controlled by “private keys,” which are alphanumeric master passwords for each wallet. When a private key is compromised, funds can be instantly and irreversibly transferred to another wallet anywhere in the world.
Those who follow the industry know how common it is to make mistakes when using crypto. Accidentally sending crypto to the wrong wallet, using the wrong blockchain network, or even forgetting a private key are simple errors that can cost individuals anywhere from pocket change to millions. However, when the government does the same, losses are exponentially larger.
This isn’t a new problem. In 2022, the DOJ’s Office of Inspector General (OIG) audit of the U.S. Marshals’ crypto management found “…deficiencies [that] risk an inaccurate accounting of cryptocurrency in USMS custody and the potential for a loss of assets.”
The audit found that the USMS relies on “supplemental spreadsheets”, such as Excel spreadsheets, because the DOJ’s Consolidated Asset Tracking System lacks the functionality to manage crypto. The Inspector General found that there were already inaccuracies between assets in these “supplemental spreadsheets” and the DOJ’s Consolidated Asset Tracking System. Even more concerning, auditors found that these spreadsheets “could be edited or deleted without a record,” increasing the risk of mismanagement or theft.
Any custody failure represents an eleven-figure problem. Estimates place wallets under U.S. government custody at tens of billions of dollars’ worth of digital assets at today’s prices. Arkham Intelligence, a blockchain analytics firm, estimates that government-controlled wallet holdings are around $22 billion. Those numbers change with market fluctuations, but the scope of these holdings cannot be ignored.
The OIG noted USMS was “actively seeking to outsource the management of seized cryptocurrency,” but warned that without documented policies and procedures, the USMS “lacks an adequate foundation for building performance requirements” for a crypto services contract. The report offered seven recommendations, most of which centered on preventing custody from being treated as a spreadsheet problem. Simply put, federal agencies are securing billions of dollars using data entry methods that would be unacceptable even for a small business. These security lapses were disturbing in 2022; today, they are catastrophic. As the government’s holdings grow in volume and market value, they are a ripe target for sophisticated bad actors.
What’s publicly known about these agency holdings is likely just part of the problem. The government has been seizing crypto assets for over a decade. The U.S. Marshals first auctioned 29,657 bitcoins seized from the Silk Road drug marketplace for roughly $19 million in 2014, when the asset was widely dismissed as an experimental novelty. Since then, Bitcoin’s price has increased more than 100-fold, but the tools and security procedures USMS uses to manage the stockpile have remained unchanged.
Historically, the government has treated the disposal of seized crypto like any other property: hold it and sell it once its legal status is clear, often through public auctions. However, in March, President Donald Trump’s Executive Order #14233, titled “Establishment of the Strategic Bitcoin Reserve and United States Digital Asset Stockpile,” changed this timeline as well as the federal government’s relationship to cryptocurrency.
EO 14233 directs the Treasury Department to establish custodial accounts for a Strategic Bitcoin Reserve and a U.S. Digital Asset Stockpile. It also instructs agencies to review their authority to transfer government-held digital assets into those Treasury-controlled accounts. Crucially, it states that any “Government BTC” deposited into the Strategic Bitcoin Reserve “shall not be sold.”
A year later, one might assume that EO 14233 would have resolved the custodial asset-security issues raised by the Inspector General in 2022. It hasn’t. While the EO technically transferred control of these assets to the Treasury, no transfers have occurred. As White House Crypto Council Director Patrick J. Witt noted on the podcast “Crypto In America” in January, there are “obscure legal provisions” delaying the turnover, leaving some agencies able to transfer their digital assets while others remain restricted. In the meantime, control of the assets remains scattered across agencies, many of which continue to use the deficient security procedures that OIG flagged four years ago.
This delay makes an already dangerous administrative limbo even more worrisome. By transforming the U.S. Marshals from a temporary clearinghouse into a multi-year custodian while these legal debates drag on, EO 14233 lengthened the window of risk.
But the greatest danger is the executive order’s impermanence. Because a Crypto Strategic Reserve was established by executive order rather than by statute, it can be revoked by future administrations. Even if EO 14233 is fully implemented and the security and control of government digital assets are consolidated, there’s always the looming risk of a chaotic reversal, in which billions in assets must be abruptly transferred back to ill-equipped, unprepared agencies.
To fix this, Congress should make the Treasury Department the custodian of federally owned digital assets. This should include forfeited assets and those in active cases. Many assets seized while a case is pending require storage for months or years. Ideally, the Treasury should subcontract with a qualified institutional custodian, such as a prime broker, whose fiduciary business already includes the secure custody of digital assets under rigorous, audited controls. These brokers use industry-standard security practices so that no single person has complete access to the private keys.
Custody of this size would not be novel. The proof is the U.S. spot Bitcoin ETF market. In just a year, regulated funds have accumulated over a million bitcoins, held on behalf of millions of retail and institutional investors. Whatever one thinks of Bitcoin, the private sector already has “Fort Knox” level security for it. ETF issuers rely on qualified custodians that use a variety of systems, including geographic diversity, multi-person authorization, controls, and redundancies to prevent theft or loss. If Wall Street can successfully establish custody of this asset class at scale, it is a dereliction of duty for the federal government not to implement these same systems internally.
Finally, the Treasury must publicly disclose the contents of all government-held digital asset wallets. Because blockchains are public ledgers, the Treasury Department could publish government-linked wallet addresses, allowing citizens to verify balances and transfers without risking wallet security. That won’t prevent theft by itself, but it would make any attempts to conceal theft considerably harder, as anyone with internet access could monitor asset movement.
Securing these assets is not a partisan issue. Whether one views cryptocurrency as a key part of the future or a speculative bubble, everyone should agree that $22 billion in taxpayer-owned assets should not be managed via outdated Excel sheets. This requires a narrow, common-sense bill to move the nation’s digital holdings out of the dark ages and into a modern vault.
The post The $22 Billion Spreadsheet Problem appeared first on Washington Monthly.