Token unlocks continue to shape the crypto market, influencing wider sentiment and liquidity. This week, three projects—StarkNet (STRK), TRUMP, and Polyhedra Network (ZKJ)—are scheduled for major unlocks.

Both TRUMP and Polyhedra are about to unlock tokens worth more than 20% of their market cap. Here’s what to know.

TRUMP

Unlock Date: April 18
Number of Tokens to be Unlocked: 40 million TRUMP (4.00% of Max Supply)
Current Circulating Supply: 199 million TRUMP

US President Donald Trump’s OFFICIAL TRUMP meme coin is about to unlock new tokens worth 20% of its market cap. On April 18, 40 million TRUMP tokens will be released, with a combined market value of $338.57 million. 

Of this, 36 million tokens (10%) are assigned to Creators & CIC Digital 1, while 4 million tokens (10%) go to Creators & CIC Digital 4. 

Overall, with such a massive amount unlocked, this release is likely to impact volatility. TRUMP is currently down more than 30% this month.

StarkNet (STRK)

Unlock Date: April 15
Number of Tokens to be Unlocked: 127.60 million STRK (1.28% of Max Supply)
Current Circulating Supply: 2.9 billion STRK

StarkNet is an Ethereum Layer 2 scaling solution built with STARK-based zero-knowledge rollups. Its role is to enhance throughput and reduce gas costs. STRK is the network’s native utility and governance token.

On April 15, 127.60 million STRK tokens will be unlocked, representing $16.71 million in value—roughly 4.40% of the current market cap. Of this, 66.92 million tokens (3.34%) are allocated to early contributors, and 60.68 million tokens (3.34%) to investors. 

Also, STRK has declined over 26% in the past month and is currently down nearly 100% from its February 2024 all-time high.

Polyhedra Network (ZKJ)

Unlock Date: April 19
Number of Tokens to be Unlocked: 15.50 million ZKJ (1.55% of Max Supply)
Current Circulating Supply: 60 million ZKJ

Polyhedra Network delivers blockchain interoperability through its zkBridge technology. It enables cross-chain messaging, asset transfers, and storage with zero-knowledge proofs.

The April 19 unlock includes 15.50 million ZKJ tokens, valued at $35.16 million—25.7% of ZKJ’s market cap. 

The release consists of 8.47 million tokens (2.65%) for ecosystem and network incentives and 2.61 million tokens (1.74%) for community, airdrop, and marketing.

Meanwhile, 3.61 million tokens will be allocated for foundation reserves, and 800,000 tokens for pre-TGE token purchasers. 

Also, ZKJ is currently up 10% over the past month.

Overall, this week’s unlocks collectively introduces over $400 million worth of new tokens into the market. While some projects face downward pressure, others like ZKJ show positive momentum. 

As always, traders should monitor token distribution closely to assess potential shifts in market sentiment and liquidity.

Cybercriminals have found a new attack vector, targeting users of Atomic and Exodus wallets through open-source software repositories.

The latest wave of exploits involves distributing malware-laced packages to compromise private keys and drain digital assets.

How Hackers are Targeting Atomic and Exodus Wallets

ReversingLabs, a cybersecurity firm, has uncovered a malicious campaign where attackers compromised Node Package Manager (NPM) libraries.

These libraries, often disguised as legitimate tools like PDF-to-Office converters, carry hidden malware. Once installed, the malicious code executes a multi-phase attack.

First, the software scans the infected device for crypto wallets. Then, it injects harmful code into the system. This includes a clipboard hijacker that silently alters wallet addresses during transactions, rerouting funds to wallets controlled by the attackers.

Moreover, the malware also collects system details and monitors how successfully it infiltrated each target. This intelligence allows threat actors to improve their methods and scale future attacks more effectively.

Meanwhile, ReversingLabs also noted that the malware maintains persistence. Even if the deceptive package, such as pdf-to-office, is deleted, remnants of the malicious code remain active.

To fully cleanse a system, users must uninstall affected crypto wallet software and reinstall from verified sources.

Indeed, security experts noted that the scope of the threat highlights the growing software supply chain risks threatening the industry.

“The frequency and sophistication of software supply chain attacks that target the cryptocurrency industry are also a warning sign of what’s to come in other industries. And they’re more evidence of the need for organizations to improve their ability to monitor for software supply chain threats and attacks,” ReversingLabs stated.

This week, Kaspersky researchers reported a parallel campaign using SourceForge, where cybercriminals uploaded fake Microsoft Office installers embedded with malware.

These infected files included clipboard hijackers and crypto miners, posing as legitimate software but operating silently in the background to compromise wallets.

The incidents highlight a surge in open-source abuse and present a disturbing trend of attackers increasingly hiding malware inside software packages developers trust.

Considering the prominence of these attacks, crypto users and developers are urged to remain vigilant, verify software sources, and implement strong security practices to mitigate growing threats.

According to DeFiLlama, over $1.5 billion in crypto assets were lost to exploits in Q1 2025 alone. The largest incident involved a $1.4 billion Bybit breach in February.

Ethereum co-founder Vitalik Buterin believes that the direction of blockchain applications often mirrors the intentions and ethics of their creators. He cites that projects like Pump.fun are derived from bad social philosophy.

In a recent discussion, he highlighted how the impact—positive or negative—of crypto projects is shaped by the values driving their development.

Buterin Says Pump.fun and Terra Reflect What Not to Build in Crypto

Buterin praised a handful of decentralized applications that align with Ethereum’s long-term vision. These include Railgun, Farcaster, Polymarket, and the messaging app Signal.

On the flip side, he criticized platforms such as Pump.fun, Terra/Luna, and the collapsed FTX exchange, describing them as harmful examples of what not to build.

“The differences in what the app does stem from differences in beliefs in developers’ heads about what they are here to accomplish,” Buterin explained.

Railgun stood out as a key example. While it offers privacy features similar to Tornado Cash, it goes a step further by implementing Privacy Pools.

This system—co-developed by Buterin—allows users to stay anonymous while still proving their funds haven’t come from illicit sources.

Other projects Buterin praised include Farcaster, a decentralized social network protocol, and Polymarket, a crypto-based prediction platform.

In the past, he noted that tools like Polymarket could move beyond betting on elections and serve as useful mechanisms for improving decision-making in governance, media, and even scientific research.

Meanwhile, projects like Pump.fun—designed for launching memecoins on Solana—received harsh criticism.

Previously, the Ethereum co-founder had warned about schemes that prioritize hype over substance, such as Terra/Luna and FTX. He has also consistently urged the crypto space, especially DeFi, to build with ethical intent and long-term utility in mind.

How Developer Ethics Shape Blockchain’s Future

To explain his views on Ethereum’s unique development path, Buterin compared it to C++, a general-purpose programming language.

Unlike C++, Ethereum is only partially general-purpose. Many of its core innovations, like account abstraction or the shift to proof-of-stake, rely heavily on developers’ commitment to Ethereum’s broader mission.

“Ethereum L1 is not quite in that position: someone who doesn’t believe in decentralization would not add light clients, or FOCIL, or (good forms of) account abstraction; someone who doesn’t mind energy waste would not spend half a decade moving to PoS… But the EVM opcodes might have been roughly the same either way. So Ethereum is perhaps 50% general-purpose,” Buterin said.

Buterin furthered that Ethereum apps are around 80% special-purpose. Because of this, the ethical framework and goals of the people building them play a critical role in shaping what the network becomes.