Azeem Ahmed, the founder of Mochi Finance and its USDM stablecoin, and a figure linked to fraud allegations across at least four decentralized finance projects since 2020, sold approximately 550,285 CVX tokens on March 19, 2026 through a wallet that blockchain analysts have publicly associated with the Mochi protocol since the November 2021 Curve Finance pool drain that triggered one of only a handful of emergency DAO interventions in Curve’s history.
The sale, executed at an average price of $1.72 per token, netted approximately $946,000 and caused the CVX price to drop more than 10%, from $1.88 to $1.68, according to on-chain data reviewed by Crypto Daily. The proceeds were routed to a multisig wallet associated with the Mochi protocol, which held approximately $864,858 in total assets as of the evening of March 19, according to portfolio tracker DeBank. An additional 500,000 CVX remain in a locked position on Convex Finance.
A hardcoded oracle, 10 billion worthless tokens, and a $46 million Curve pool drain
The CVX tokens at the center of the dispute trace back to November 11, 2021. According to blockchain records and certified crypto trace reports prepared by forensics firm IFW Global, a wallet associated with Mochi Finance swapped 10 billion MOCHI tokens, the protocol’s governance token, which had been assigned a hardcoded price in the protocol’s oracle system regardless of its near-zero market value, for approximately 46 million USDM, the Mochi stablecoin.
The USDM was immediately swapped for 46,004,689.94 DAI through the Curve USDM/3CRV pool, effectively draining it of real stablecoin liquidity. Liquidity providers who had deposited DAI, USDC, and USDT found their holdings replaced with USDM that subsequently lost its peg. The DAI was then converted through ZeroEx and SushiSwap into approximately 9,876 ETH and used to purchase 1,050,285 CVX tokens, which were locked on Convex Finance.
The Curve Finance Emergency DAO responded by killing the USDM rewards gauge. CoinDesk covered the incident under the headline “Curve Wars Heat Up: Emergency DAO Invoked After ‘Clear Governance Attack.’” Yearn Finance founder Andre Cronje stated publicly that Mochi had become 65% undercollateralized. When Crypto Briefing asked Ahmed for comment at the time, he described his actions as a “bold approach to gaining voting power in the DAO” and characterized himself as “a small player on the outskirts” whom the “DeFi Cartel” felt threatened by.
IFW Global’s certified reports document individual investor losses of $4.87 million and $3.35 million respectively. Both investors filed sworn affidavits. Aggregate losses across all affected liquidity providers are estimated at over $54 million.
Dedaub audit flagged the exact vulnerability five months before the exploit
Before Mochi Finance launched, Ahmed commissioned a smart contract audit from Dedaub, a blockchain security firm. The June 2021 report identified two critical and five high-severity vulnerabilities in the protocol’s code.
One of the high-severity findings, labeled H5, flagged that sensitive functions in the OracleRouter.sol contract lacked access controls. The finding was marked “Open,” meaning it had not been resolved at the time the report was issued. The OracleRouter is the component responsible for determining what tokens can serve as collateral and at what price, the same mechanism that investors allege was exploited five months later to assign an artificial value to the MOCHI token and mint $46 million in unbacked stablecoins.
Four years of extraction: escalating fees, diverted rewards, and drained liquidity pools
Following the Curve pool drain, Ahmed did not disappear. He rebranded through a new entity called GaiaDAO and introduced the “Peg Rebalancing Module” (PBM), which was marketed as a mechanism to distribute CVX staking rewards to USDM holders and gradually restore the stablecoin’s peg.
The PBM carried a 2% management fee and a 20% performance fee, both payable to Ahmed. According to a Curve governance forum thread titled “How to Help USDM — Mochi ‘Slow Rug’ Victims,” Ahmed subsequently raised the performance fee to 50% without prior notice, reverting to 20% only after community objections. The thread documented the frustrations of users who found themselves paying the person who had drained them for the privilege of partial restitution.
By November 2025, even that arrangement ended. On-chain records show that all staking reward distributions from the 1,050,285 vlCVX position ceased entirely. Transaction data indicates the rewards were instead routed to a wallet that also serves as a signer on the multisig holding the CVX — a wallet multiple blockchain analysts identify as Ahmed’s personal address. The estimated value of diverted staking rewards exceeds $1.6 million.
Separately, approximately 2,198 ETH, worth roughly $6.67 million at the time, and $471,429 in USDC were allegedly taken from Mochi/ETH liquidity pools and never returned to depositors. Airdrop allocations from protocols including Prisma, CNC, VELO, LFT, and YB were also reportedly never distributed to token holders. GaiaDAO’s reward claim functions have been non-functional since December 2023.
A pattern of ventures: $SAFE, Armor.fi, Mochi, and GaiaDAO
Public records and statements from former associates indicate the Mochi incident is not the first time Ahmed has faced allegations of fund misappropriation in the decentralized finance sector. The pattern spans at least four projects since 2020.
Ahmed’s earliest documented involvement was with Yieldfarming.insure ($SAFE). A 2020 Decrypt article profiled Ahmed as a DeFi investor who advised being “greedy in private.” Former participants have alleged he leveraged insider access to front-run staking rewards and extract value from Balancer pools.
Ahmed subsequently co-founded Armor.fi, a DeFi insurance protocol built on Nexus Mutual cover contracts, with Robert Forster and Corey Jackson. In November 2021, Forster took to X (formerly Twitter) and publicly accused Ahmed of stealing “millions in LP tokens” from the project and seizing control of its social channels. “I was mass mass liquidated and he got control of the socials and channels,” Forster wrote in a thread that detailed what he described as a pattern of deception and fund misappropriation.
GaiaDAO, the entity Ahmed created ostensibly to compensate USDM holders through the PBM, has itself become a vehicle for further alleged extraction, as detailed above.
Prior litigation: Chen v. Ahmed and the forced settlement
Ahmed’s involvement in prior legal proceedings provides additional context. In February 2021, an Armor.fi protocol user named David Chen filed a lawsuit in San Francisco Superior Court (Case No. CGC-21-589609) alleging Ahmed attempted to misappropriate $1.6 million related to a Nexus Mutual insurance payout of 1,000 ETH.
Court records show Chen’s attorney, Ryan Abbott of Brown, Neri, Smith & Khan LLP, moved rapidly: demand letter on February 7, complaint filed on February 12, and an application for a temporary restraining order on February 17. The TRO sought to freeze 1,000 ETH and prevent Ahmed from transferring, exchanging, or reducing the accessibility of the tokens.
After losing at a preliminary hearing, Ahmed’s side was forced into an out-of-court settlement. Terms were not disclosed. Within months, Ahmed launched Mochi Finance.
The March 19 sell-off and wallet forensics
The CVX sell-off on March 19 was first flagged by blockchain watchers monitoring the Mochi-linked wallets. Ahmed’s primary signer wallet (0xf6c40c4391d6570032d2eb7a9cd9935898c430cf) executed a series of transactions liquidating approximately 550,285 CVX tokens. The proceeds, denominated in DAI, were transferred to the Mochi protocol multisig (0x597f540bb63381ffa267027d2d479984825057a8).
The remaining 500,000 CVX tokens are in a locked position on Convex Finance. Community members tracking the wallets have expressed concern that Ahmed may attempt to sell the locked tokens through intermediary wallets upon unlock — selling first, buying back through fresh wallets, and re-locking to break the chain of on-chain evidence.
The sell-off represents the most overt action Ahmed has taken since the original November 2021 drain. For years, the debate in the DeFi community was whether Mochi constituted a governance attack gone wrong or a deliberate theft. The decision to sell the tokens, rather than return them, redistribute them, or burn them, is being interpreted by affected investors as the definitive answer to that question.
Ahmed’s current status and silence
Court filings describe Ahmed as a UK citizen. His social media accounts have been inactive for months. The Mochi Finance and GaiaDAO websites remain online but have not been updated. The project’s Discord is largely abandoned.
He has not publicly responded to Robert Forster’s accusations, the IFW Global investigation findings, the Curve governance forum discussions about his conduct.
What the on-chain record documents is a developer who has been involved in at least four DeFi projects — $SAFE, Armor.fi, Mochi Finance, and GaiaDAO — each of which ended with allegations of fund misappropriation. In one case, he was sued and forced into a settlement. In another, his own co-founder accused him of theft on social media. In the largest, $46 million was drained from a Curve pool and the proceeds are now, four and a half years later, being sold.
As of publication, 500,000 CVX tokens remain in the wallet Ahmed controls.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.