Counterparty Insights #2

Insights from This Week's Crypto Legal & Infrastructure Providers

Welcome back to our weekly provider roundup, where we highlight companies shaping the infrastructure of digital assets — from custody to analytics — all listed on our platform Counterparty Catalogue. This week’s edition includes insights from their team and ours.

---

DigOpp Insights: Our Industry Loves the Blanket Term “Hack”

That label makes it sound like unmitigated losses all come from code defects. But dig a little deeper and most of the damage is operational: bad custody practices, busted business processes, outright insolvency.

Even the catchall tag “access control failure” doesn’t tell a risk manager what actually broke. Case in point: every incident below is stamped “access control” on De.Fi and Web3IsGoingGreat (both of these are great databases).

Let’s take a look at what really happened this month:

• UPCX: ~ $70 M lost (Apr 1)

  • Key leaks allowed an attacker to push an upgrade.

  • Cause: Key custody failure.

• KiloEx: ~ $7.5 M lost (Apr 14)

  • Exploited public function calls and oracle manipulation.

  • Cause: Code logic / access control bug.

• ZKSync: ~ $5 M lost (Apr 15)

  • Operator key compromised, leading to unauthorized transfers.

  • Cause: Key custody failure.

What Jumps Out

Two of three incidents — and 91 % of the value lost — came down to mishandled private keys.

More Thoughts

These aren’t just DeFi risks. Hedge funds, prime brokers, OTC desks, allocators — anyone parking capital in digital asset operations inherits the same attack surface.

We’re tracking where these losses are piling up and how they can be mitigated. If you’re concerned with custody and operational risk (and we strongly believe the market should be), reach out — we’re happy to share and discuss the data.

---

Spotlights

Solstice Law

Learn more on Counterparty Catalogue → Solstice Law’s Profile

Solstice Law is a Web3-focused legal firm offering Token Distributions, Crypto Tax Disputes, Departure Tax Planning, Protocol Formation, and General Tax Advice services. The firm is known for helping protocols and founders navigate the cross-border tax and regulatory landscape.

Industry Take

“With the first quarter of 2025 coming to a close, the cryptocurrency industry appears to be plagued by its traditional volatility. However, this cycle is different. Institutional investments and regulatory progress are at an all-time high in the sector. The U.S. has introduced federal stablecoin legislation…, the SEC has dropped numerous actions against crypto protocols…, and overall, the industry has hope for a government in favour of domestic growth within the space.

This positive outlook has drawn many industry players to develop a stronger U.S. presence. Nevertheless, traditional tax havens such as the Cayman Islands, Panama, and the UAE continue to see a large influx of crypto investment. We see the developments in the first quarter, both domestically and internationally, as a positive outlook. Although the current cycle poses short-term headwinds, the cryptocurrency industry is positioning itself for long-term success.”

— Anish Kamboj, Principal and Founder

---

Arkis

Learn more & request ODD Report on Counterparty Catalogue → Arkis’ Profile

We’ve released our newest operational due diligence (ODD) report on Arkis, a permissioned DeFi prime brokerage protocol. Arkis enables capital-efficient lending and borrowing through a neutral settlement layer all on-chain. Our latest report provides a deep dive into their operations, controls, risk profile, and more.

Industry Take

“We’re observing a rising demand for CEX-DEX credit solutions as market participants seek greater capital efficiency across both centralized and decentralized venues. Trading firms that we previously saw executing only CeFi are now exploring DeFi, which fuels this demand.

We also believe that portfolio margining across exchanges will be critical in shaping the next phase of institutional trading infrastructure.”

— Serhii Tyshchenko, Co-Founder and CEO

---

Circuit

Learn more on Counterparty Catalogue → Circuit’s Profile

Circuit is a disaster recovery solution for digital assets, powered by its Automatic Asset Extraction technology. It enables assets to be retrieved during outages or disasters without manual intervention.

Industry Take

“We’re seeing increased demand around Bitcoin-backed loans. Institutions that were early to the space often hold significant BTC in deep cold storage. They want to put that capital to work without compromising custody — meaning private keys can’t leave the vault. Transaction-based collateralization models that ensure both lender and borrower protections, without moving the assets, are gaining ground quickly.”

— Tom Gillingham, Head of Growth

---

That’s it for this week - stay turned for more highlights and insights next Friday.

Want to be featured on Counterparty Catalogue? Let us know at info@digopp.group.

---

Sign Up for Counterparty Catalogue

Sign up here to explore service provider profiles and view our comprehensive, neutral operational due diligence (ODD) reports. Be the first to access new insights as we roll out more reports and features!

---

What You Can Do on Counterparty Catalogue

• Explore Counterparty Profiles: Find key details on digital asset service providers, their products, and more.

• Send Introductions: Easily connect with service providers to begin introductions.

• Access ODD Reports: Request comprehensive third-party evaluations of service providers.

---

Coming Soon

• More ODD Reports: We’re finalizing more reports. Stay tuned!

• DigOpp Verifications: We independently verify all licenses, certifications, audits, and more listed on provider profiles, adding credibility and transparency to every listing.

• Rate & Review Providers: Users will be able to rate and review service providers based on their experiences.

• Request for Proposals: Users will be able to submit RFPs that service providers can respond to.

---

Disclaimer

We, Digital Opportunities Group Enterprises, Inc. are not providing investment or other advice. Nothing that we post on Substack should be construed as personalized investment advice or a recommendation that you buy, sell, or hold any security or other investment or that you pursue any investment style or strategy.

Case studies may be included for informational purposes only and are provided as a general overview of our general investment process. We have compiled our research in good faith and use reasonable efforts to include accurate and up-to-date information. In no event should we be responsible or liable for the correctness of any such research or for any damage or lost opportunities resulting from use of our data.

We are not responsible for the content of any third-party websites and we do not endorse the products, services, or investment recommendations described or offered in third-party social media posts and websites.

Nothing we post on Substack should be construed as, and may not be used in connection with, an offer to sell, or a solicitation of an offer to buy or hold, an interest in any security or investment product.