The Mississippi scheme and the Drift exploit: three centuries of the same trick
In 1717, John Law built a scheme where the bank, the asset, and the price were all him. On April 1, 2026, attackers rebuilt that closed loop around Drift Protocol and drained $285 million in twelve minutes. The technique is three hundred and nine years old. The lessons still are not learned.
The Druid Deep Dive, Episode 10
April 1, 2026, 16:06:09 UTC. The first withdrawal leaves Drift Protocol: 41.72 million JLP tokens, approximately $155 million at prevailing prices, paid out against collateral that was deployed twenty days earlier and has no users, no product, and no revenue [1]. A wash-traded Raydium pool anchors the collateral's price at one dollar. An oracle the attacker controls feeds that price to Drift. The protocol's risk engine accepts the lie [2]. Twelve minutes and thirty withdrawals later, $285 million in JLP, USDC, SOL, wBTC, and JTO is gone [3]. Solana's largest DeFi protocol of 2026 loses more than half its total value locked to a token that did not exist three weeks prior. The attack vector, stripped of its technical vocabulary, is three hundred and nine years old. It was first deployed in a building on the rue Quincampoix in Paris by a Scottish gambler named John Law.
Historical setting: the Mississippi scheme (1716 to 1720)
Louis XIV died in September 1715. He left behind a war debt estimated at roughly 3 billion livres, approximately eighteen times the French state's annual revenue of 165 million [4]. Philippe II, Duke of Orléans, took the regency for the five-year-old Louis XV and inherited a fiscal trap with no conventional exit. Default would destroy the crown's credit. Tax increases risked revolt. Currency debasement had been tried repeatedly and produced diminishing returns.
John Law arrived in Paris at that moment with a thesis already in print. His Money and Trade Considered, published in Edinburgh in 1705, argued that a nation could escape a debt trap by replacing metallic money with paper notes backed by land and commercial revenues [5]. Law had proposed the scheme to the Scottish Parliament and been refused. He had also killed a man in a London duel in 1694 and escaped the death sentence [6]. He arrived in Paris with a gambling fortune, a grievance, and a plan.
The Banque Générale opened in May 1716 under Law's direction, issuing notes redeemable in silver [7]. In December 1718 it was nationalized and renamed the Banque Royale, its notes now guaranteed by the full faith of the French crown [8]. In August 1717, Law had also founded the Compagnie d'Occident, granted a monopoly on trade with French Louisiana. Through a series of consolidations in 1719, it absorbed the East India Company, the China Company, and the African Company and became the Compagnie des Indes [9].
By late 1719, Law personally directed three systems that should have been independent. The Banque Royale issued the currency. The Compagnie des Indes was the asset that currency was used to buy. The debt conversion scheme, through which French bondholders were induced to exchange government rentes for Compagnie des Indes shares, was the customer acquisition funnel [10]. Law set the prices in all three. The share price rose from a 500 livre subscription to nearly 10,000 livres by December 1719 [11]. No independent price source existed for shares in a colonial trading company whose revenues were almost entirely prospective.

Key players
Orléans was the political cover. He was intelligent enough to understand the structure and fiscally desperate enough to need it to work. He did not need it to be honest.
The Pâris brothers, particularly Antoine and Jean, were tax farmers whom Law had marginalized during the consolidations. They began quietly converting their Banque Royale notes to gold in late 1719, then accelerated as 1720 began [12]. Their exit was the first leak.
Richard Cantillon was the second. An Irish-born banker operating in Paris, he purchased Compagnie des Indes shares early, exited near the peak, then shorted the system while it continued to climb. He later fled to London with a fortune measured in the millions of livres [13]. His Essai sur la Nature du Commerce, written from that experience and published posthumously, became the first systematic treatise on monetary economics [14]. The principle that bears his name today, the Cantillon effect, states that those closest to the source of money creation profit most, because they spend the new money at pre-inflation prices, while those furthest from the source absorb the resulting repricing of real goods [15]. In Law's system, insiders spent Banque Royale notes on real assets while the paper still held full value. Retail holders arrived later and absorbed the discount.
The retail holders bought at 9,000 livres. They were the last to learn what the insiders already knew: the colonial revenues backing the shares did not exist at anything resembling the implied scale. Louisiana in 1720 held approximately 700 European settlers and produced no meaningful commercial output [16]. When the Banque Royale was forced to suspend convertibility in May 1720 under the pressure of accumulated redemptions, the share price collapsed from 9,000 livres to under 2,000 within weeks [17].
Modern parallel: the Drift attack
Law's system failed because the loop closed. Drift failed because the loop was faked.
Law did not need to manipulate an oracle because his system did not contain one. He was the pricing authority, and the scheme operated inside a closed loop where the issuer of the currency, the issuer of the asset, and the publisher of the price were the same office. The Drift attackers had to reconstruct that loop from the outside, because a modern DeFi protocol requires an external price feed by design. They did it completely enough that Drift's risk engine could not tell the difference.
The attackers, later linked by TRM Labs and Elliptic to North Korea's Lazarus Group, spent the preceding months cultivating relationships with members of Drift's five-person Security Council, posing as a quantitative trading firm interested in building on Drift's perpetual futures infrastructure [18]. The operation was structured enough to include in-person meetings at major cryptocurrency conferences beginning in Fall 2025, fully constructed professional personas with verifiable employment histories, and the onboarding of an ecosystem vault with over $1 million of attacker-provided capital between December 2025 and January 2026 to build operational presence [19]. The individuals attending in-person meetings were not North Korean nationals. State-sponsored actors at this level routinely deploy third-party intermediaries to conduct face-to-face relationship-building.
The infection vectors have since been identified. One contributor was compromised after cloning a code repository the attackers shared under the pretext of deploying a frontend for their vault. The repository contained a malicious Microsoft Visual Studio Code project that weaponized the tasks.json file with the runOn: folderOpen option, executing attacker code the moment the workspace opened [20]. A second contributor was manipulated into downloading a malicious TestFlight application framed as a new wallet product in beta [21]. Microsoft introduced new security controls in VS Code versions 1.109 and 1.110 specifically in response to this attack pattern, which had been in circulation since December 2025 under the DPRK campaign tracked as Contagious Interview [22]. The developer environments of the Drift contributors were the beachhead. Everything else followed from that.

On March 11, 2026, approximately 09:00 Pyongyang time, the attackers withdrew ten ETH from Tornado Cash to finance the on-chain staging [23]. On March 12, they deployed CVT (CarbonVote Token) with a total supply of 750 million tokens. They seeded a small Raydium liquidity pool with a few thousand dollars, wash-traded against themselves to anchor the price near one dollar, and deployed a price oracle they controlled to feed that price to Drift. For the next twenty days, CVT traded stably around its manufactured peg. No risk committee flagged it.
Between March 23 and March 30, the attackers created multiple durable nonce accounts on Solana [24]. Durable nonces are a legitimate protocol feature that replaces a transaction's expiring blockhash with a fixed nonce, allowing the transaction to remain valid indefinitely until submitted. Through the compromised developer environments and misrepresented signing requests, the attackers obtained approvals from two of the five Security Council multisig members for transactions they appear to have believed were routine [25]. The signed transactions, which actually contained instructions to transfer administrative control, sat dormant in the nonce accounts. On March 27, a Security Council migration eliminated the protocol's remaining timelock, removing the last window in which the pending admin transfer could have been detected and revoked [26].
At 16:05:18 UTC on April 1, the first pre-signed durable nonce transaction was submitted to the network. One second later, the second transaction executed it. Admin control of Drift transferred to an attacker-controlled address in two transactions separated by one second [27]. The attackers then listed CVT as a valid collateral market, removed withdrawal limits, deposited hundreds of millions of CVT tokens valued by the controlled oracle, and executed thirty-one rapid withdrawals draining JLP, USDC, SOL, wrapped BTC, JTO, and other real assets over approximately twelve minutes [28]. Most of the stolen funds were bridged to Ethereum through Circle's Cross-Chain Transfer Protocol within hours, a migration publicly criticized by on-chain analysts who argued Circle had both the capability and the precedent to intervene [29]. The attack wiped out more than 50% of Drift's total value locked.
Three structural points connect the two cases.
The price authority was captured, not the technology. Law's pricing function was the official subscription price announced by the Banque Royale, which operated without any external reference because no secondary market had been permitted to develop independently. The Drift price authority was a wash-traded Raydium pool the attackers owned on both sides. In both cases, the instrument being priced and the mechanism pricing it were controlled by the same actor. The information asymmetry was not a flaw in the system. It was the system.
Governance was the backdoor, not the code. Law did not find a flaw in the charter of the Compagnie des Indes. He was the Compagnie des Indes. The Drift attackers did not find a flaw in the smart contracts. They became the admins by compromising two of five signers. Audits miss this class of attack because the code is doing exactly what it was programmed to do. The governance layer is simply executing instructions from the wrong principal. Drift had been audited by Trail of Bits in 2022 and ClawSecure in February 2026, and neither review identified the attack surface because the attack surface was human [30].
Patient capture beats technical defense. Law spent roughly four years building the system from the Banque Générale's 1716 opening to the 1720 peak. The Drift attackers spent months of preparation for twelve minutes of extraction. In both cases, the setup phase was longer than the extraction phase by an order of magnitude. Chainalysis's 2026 Crypto Crime Report documented $3.4 billion in stolen funds during 2025, with North Korean-linked actors responsible for more than $2 billion through increasingly sophisticated campaigns [31]. Halborn's 2025 analysis found that 88% of stolen funds in Q1 2025 originated in compromised private keys or operational compromise rather than code exploits [32]. Defensive posture that assumes attackers are opportunistic misses the actual threat.
Portfolio lessons
Four principles fall out of this comparison.
Evaluating a position means identifying its price authority and tracing who can influence it. A token priced through an on-chain convertToAssets call from an ERC-4626 vault sits in a different risk category than a token priced through a pool that anyone with sufficient capital can move. The distinction is not academic. It determines whether the price on your screen corresponds to anything a real buyer would pay.
Multisig signer count is a weaker signal than multisig signer independence and threshold strength. A 2-of-5 Security Council reachable through the same social channels, the same operational stack, and the same professional network is one signer in practice. The Drift attackers needed only two approvals, which they obtained in parallel through coordinated social engineering. Geographic dispersion, relationship independence, hardware segregation, and threshold ratios that assume adversarial capture of at least one signer matter more than the raw signer count published on a dashboard.
Proof of reserves without proof of independence means nothing. Law published the Compagnie des Indes' colonial revenue projections in official French gazettes. The documents were real. The numbers were fiction. On-chain proof-of-reserves is only meaningful when the reserve asset is itself independently priceable and the custodian is independently verifiable. A treasury "backed" by tokens priced by an oracle the protocol controls is backed by nothing.
Patient attackers outlast defensive complacency. The Drift extraction lasted twelve minutes. The setup lasted multiple months. CVT itself sat on the Raydium pool for twenty days of stable pricing before the attack, a window during which any attentive risk process could have flagged a newly deployed token with wash-traded liquidity being quietly prepared for collateral eligibility. Any protocol with concentrated admin control and low timelocks carries a latent capture risk that no audit report measures. Position sizing should reflect that latent risk, not the nominal risk implied by a recent audit timestamp. Holders who spread exposure across protocols with genuinely independent admin structures, who avoid protocols where the same small team controls governance, oracles, and treasury, and who treat admin key concentration as itself a portfolio variable, carry less latent exposure to this class of attack.
Law's scheme ended in May 1720. The Compagnie des Indes share price collapsed from 9,000 livres to under 500 over the subsequent year. The Banque Royale notes circulated at increasing discounts until being formally repudiated. Law fled France in December 1720 and died in Venice in 1729 in modest circumstances [33]. The French crown's fiscal position was worse after the scheme than before it. The retail holders never recovered.
Drift Protocol paused deposits after the attack and began recovery negotiations with security firms. As of publication, no stolen funds have been recovered. The structural pattern that enabled both losses, concentrated control of the pricing mechanism, the asset being priced, and the governance layer, is present in a substantial fraction of DeFi protocols operating today. The question for participants is not whether this class of attack will occur again. It is which protocol is currently running the setup phase while the TVL dashboard glows green.



Sources and References
[1] TRM Labs. "North Korean Hackers Attack Drift Protocol In USD 285 Million Heist." April 2026. https://www.trmlabs.com/resources/blog/north-korean-hackers-attack-drift-protocol-in-285-million-heist
[2] Chainalysis. "Lessons from the Drift Hack." April 2026. https://www.chainalysis.com/blog/lessons-from-the-drift-hack/
[3] BSCN. "Drift Protocol Hacked for $285M: What Went Wrong and What Happens Next." April 2026. https://bsc.news/post/drift-protocol-hack-285-million
[4] Velde, François R., and David R. Weir. "The Financial Market and Government Debt Policy in France, 1746-1793." Journal of Economic History 52, no. 1 (1992): 1-39. Baseline figures for early 18th century French public finance.
[5] Law, John. Money and Trade Considered, with a Proposal for Supplying the Nation with Money. Edinburgh: Andrew Anderson, 1705.
[6] Murphy, Antoin E. John Law: Economic Theorist and Policy-Maker. Oxford: Clarendon Press, 1997, pp. 36-42.
[7] Ibid., pp. 150-172. Establishment and early operations of the Banque Générale.
[8] Ibid., pp. 205-220. Nationalization as the Banque Royale.
[9] Neal, Larry. The Rise of Financial Capitalism: International Capital Markets in the Age of Reason. Cambridge University Press, 1990, pp. 62-75.
[10] Murphy, John Law, pp. 230-255. The debt conversion mechanism.
[11] Ibid., p. 251. Share price trajectory.
[12] Faure, Edgar. La Banqueroute de Law, 17 juillet 1720. Paris: Gallimard, 1977. The Pâris brothers' role in the collapse.
[13] Murphy, Antoin E. Richard Cantillon: Entrepreneur and Economist. Oxford: Clarendon Press, 1986, pp. 89-110.
[14] Cantillon, Richard. Essai sur la Nature du Commerce en Général. London [Paris]: 1755, posthumous publication.
[15] Bordo, Michael D. "Equation of Exchange." In The New Palgrave Dictionary of Economics. Palgrave Macmillan, 2008. For discussion of the Cantillon effect and non-neutral money injection. See also Thornton, Mark. "Cantillon and the Invisible Hand." Quarterly Journal of Austrian Economics 12, no. 2 (2009): 27-46.
[16] Giraud, Marcel. A History of French Louisiana, Volume 3: The Company of the Indies, 1723-1731. Louisiana State University Press, 1991.
[17] Velde, François R. "Government Equity and Money: John Law's System in 1720 France." Federal Reserve Bank of Chicago Working Paper, 2003.
[18] Elliptic. "Drift Protocol Exploit: Indicators of North Korean Attribution." April 2026. See also TRM Labs, Ref [1].
[19] BitPinas. "Drift Protocol Hack Explained: Six-Month Social Engineering Led to $285M Solana DeFi Exploit." April 2026. https://bitpinas.com/cryptocurrency/drift-protocol-exploit/ Details the in-person cultivation at cryptocurrency conferences beginning Fall 2025 and the ecosystem vault onboarding with attacker-provided capital.
[20] The Hacker News. "$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation." April 2026. https://thehackernews.com/2026/04/285-million-drift-hack-traced-to-six.html Identifies the malicious VS Code project with weaponized tasks.json and runOn: folderOpen execution.
[21] Drift Protocol incident post-mortem, reported via BitPinas, Ref [19], and The Hacker News, Ref [20]. TestFlight wallet application as second intrusion vector.
[22] Microsoft Visual Studio Code release notes, versions 1.109 and 1.110, January to February 2026. Security controls introduced in response to malicious workspace tasks patterns attributed to the DPRK Contagious Interview campaign.
[23] TRM Labs, Ref [1]. On-chain staging timeline beginning March 11, 2026.
[24] The Hacker News, Ref [20]. Durable nonce account creation between March 23 and March 30.
[25] Drift Protocol post-mortem, reported via The Hacker News, Ref [20]. Two-of-five multisig approval compromise through misrepresented signing requests.
[26] BlockSec. "Drift Protocol Incident: Multisig Governance Compromise via Durable Nonce Exploitation." April 2026. https://blocksec.com/blog/drift-protocol-incident-multisig-governance-compromise-via-durable-nonce-exploitation Security Council migration on March 27 and elimination of the protocol's remaining timelock.
[27] Chainalysis. "Lessons from the Drift Hack." April 2026. https://www.chainalysis.com/blog/lessons-from-the-drift-hack/ Transaction-level timing of the admin transfer, two transactions separated by one second.
[28] BSCN. "Drift Protocol Hacked for $285M: What Went Wrong and What Happens Next." April 2026. https://bsc.news/post/drift-protocol-hack-285-million Thirty-one rapid withdrawals drained JLP, USDC, SOL, wBTC, JTO and other assets.
[29] CoinDesk. "How a Solana feature designed for convenience let an attacker drain $270 million from Drift." April 2, 2026. https://www.coindesk.com/tech/2026/04/02/how-a-solana-feature-designed-for-convenience-let-an-attacker-drain-usd270-million-from-drift CCTP bridging to Ethereum and industry criticism of Circle's response.
[30] BSCN, Ref [28]. Prior audit history of Drift Protocol including Trail of Bits (2022) and ClawSecure (February 2026).
[31] Chainalysis. 2026 Crypto Crime Report. February 2026.
[32] Halborn. Top 100 DeFi Hacks Report 2025. 2026. https://www.halborn.com/reports/top-100-defi-hacks-2025
[33] Murphy, John Law, pp. 335-360. Law's exile and death.
Legal Disclaimers and Disclosures
Educational Purpose Only: This content is provided exclusively for educational and historical research purposes. It should not be construed as investment advice, financial planning guidance, policy recommendations, or official economic analysis. Any contemporary parallels or policy discussions are presented as academic analysis, not recommendations for action. Historical patterns provide context for learning but do not predict future financial system outcomes or investment performance.
AI-Assisted Research Disclosure: This historical analysis was researched and written with substantial assistance from artificial intelligence technology (Claude, Anthropic). While extensive efforts were made to verify all statistical claims, citations, and institutional analysis against authoritative sources, readers should independently verify any information before relying on it for academic, professional, investment, or policy purposes.
Accuracy and Liability Limitations: While extensive effort has been made to ensure historical accuracy through authoritative sources, the authors make no warranties about completeness, accuracy, or currency of information. Historical interpretation involves scholarly judgment and academic debate. Economic data may contain revisions, measurement inconsistencies, or reporting variations across different time periods and institutional sources.
Liability Protections: The authors, publishers, and Sagix Apothecary assume no responsibility for errors, omissions, or consequences arising from the use of this information. This includes any errors that may result from AI assistance in research, writing, or data analysis. Users assume full responsibility for any decisions or actions taken based on this content.
Investment Risk Warning: Historical financial analysis does not constitute investment advice or recommendations. Past performance, whether historical or hypothetical, does not guarantee future results. All investments carry risk of loss, and readers should conduct their own research and consult qualified financial advisors before making investment decisions.
No Professional Relationship: This content does not create any professional, advisory, fiduciary, or client relationship between the reader and Sagix Apothecary, its authors, or affiliated entities. Readers seeking financial, investment, legal, regulatory, or policy guidance should consult qualified professionals licensed in their jurisdiction.
Contemporary Financial Systems: References to modern financial systems, cryptocurrency protocols, or DeFi mechanisms are made for educational comparison purposes only. These comparisons do not constitute endorsements, recommendations, or predictions about the performance or suitability of any current financial products or services.
Methodological Note: This analysis synthesizes findings from multiple Federal Reserve Bank research departments, peer-reviewed academic journals, and authoritative government historical records. The numbered citation system allows readers to verify specific claims against original sources rather than relying on secondary interpretations. All quantitative data and statistical analyses are drawn from the referenced academic literature rather than independent calculation.
Publication Information: Last Updated: April 2026 | Series: The Druid Deep Dive | Publisher: The Genesis Address LLC
Publisher: The Genesis Address LLC