The layer-one blockchain platform Injective has announced support for the stablecoin USDC and Circle's Cross-Chain Transfer Protocol (CCTP).
USDC and CCTP, powered by @circle, are officially coming to Injective.
— Injective 🥷 (@injective) March 17, 2026
The world's largest regulated stablecoin. Secure cross-chain transfers. All natively integrated into the fastest blockchain built for finance.
Mainnet loading. ⏳ pic.twitter.com/WbQimtO7qF
The project team emphasized that stablecoins have evolved beyond a crypto experiment and transformed into a global payment infrastructure.
"In 2025, the volume of transactions with stablecoins reached $33 trillion, a 72% increase from the previous year. USDC led with a processed flow of $18.3 trillion. This is more than half of Visa's annual transaction volume and five times that of PayPal," the statement said.
The market capitalization of Circle's coin is nearly $80 billion, and its integration for Injective users means direct access to this liquidity.
CCTP, as Circle's proprietary cross-chain infrastructure, will enable users and developers to:
- Seamlessly move the stablecoin between supported networks;
- Make transfers with near-instant finalization;
- Create applications for cross-chain registration, trading, and native liquidity management.
Injective utilizes the MultiVM token standard for USDC, fully accessible in Wasm and EVM execution environments. This means no bridges, "wrappers," or fragmentation, the developers emphasized.
The native stablecoin will be launched on the mainnet in phases. As of this writing, USDC transactions are available on the testnet.
Bug Hunter Accuses Injective of Greed
A user on the bounty platform Immunefi, known as f4lc0n, claimed that the blockchain team is trying to drastically underpay him for discovering a critical vulnerability in the code.
I Saved Injective's $500M. They Pay Me $50K.
— f4lc0n (@al_f4lc0n) March 15, 2026
I like hunting bugs on @immunefi. I'm decent at it.
— #1 — Attackathon | Stacks
— #2 — Attackathon | Stacks II
— #1 — Attackathon | XRPL Lending Protocol
— 1 Critical and 1 High from bug bounties (not counting this one)
Life was…
The white hat hacker uploaded a report on GitHub, titling the README file:
"I saved $500 million for Injective. They will pay me $50,000."
According to f4lc0n, the issue he identified in the sub-account verification system potentially allowed attackers to place market orders on behalf of users. The vulnerability opened the door to creating a new token, forming a spot market with USDT, buying assets on behalf of other traders, and withdrawing funds to Ethereum—all without permission.
The programmer believes that the vulnerability jeopardized all capital stored on the blockchain—$500 million at that time. According to Arkham, the current figure is just over $285 million, with nearly $269 million in its native token INJ.
On Injective's page on Immunefi, the reward for a critical vulnerability is listed as $500,000. f4lc0n believes that the issue he discovered falls into this category. He noted that after his report, the blockchain platform conducted a governance vote and updated the network.
The white hat hacker stated that the team did not respond to his inquiries for three months, then offered a sum ten times lower.
"For clarity, they haven't paid the $50,000 yet either," he added.
It is worth noting that in February, the total losses from hacking attacks in the crypto industry amounted to $26.5 million—the lowest figure since March 2025, according to PeckShield.