Something like $200 million in various cryptos were stolen, exploited or just plain burned over the past eight days. Given that, is it any wonder that regulators like Gary Gensler want closer oversight of the crypto sector?

You’re reading State of Crypto, a CoinDesk newsletter looking at the intersection of cryptocurrency and government. Click here to sign up for future editions.

Crypto investors lost nearly $300 million to hacks and stratospheric gas fees caused by a project minting a “digital land sale” over the past week. No friggin’ wonder regulators are worried about consumer protections.

The U.S. Securities and Exchange Commission seems to be approaching crypto with an “enforcement-first” view. SEC Chairman Gary Gensler has said he’s concerned with investor protection, and it’s not hard to see why he may feel justified in giving the agency greater oversight over the sector. The crypto industry may want to look into best practices and a formal system targeted at protecting its users if people want to head off the regulatory agency.

Here’s a look at some prominent headlines over the past seven days:

One of the common refrains we’ve heard from Gensler, as well as his predecessor Jay Clayton, is that the SEC is interested in protecting consumers from risky situations. The industry has expressed its opposition to recent moves by the SEC to (possibly) establish oversight of the digital currency sector, particularly decentralized finance (DeFi) platforms and projects.

Here’s the thing, though: It’s hard to argue Gensler doesn’t have a point. Crypto users lost millions over the past seven days for various reasons, and they don’t have much recourse beyond hoping the platforms can either recover their lost funds or will otherwise make them whole.

It’s worth asking whether the SEC would be as forward about regulating crypto if these concerns were mitigated through other means. I’ve reported on Gensler for the past year and change, and several individuals I’ve spoken to say he’s sincere when he says he’s solely interested in protecting consumers (as opposed to him just conducting a “power grab” over the cryptocurrency industry for its own sake).

In fairness, the $100 million to $200 million lost in the last week may not seem like that much when compared with crypto’s current $1.8 trillion market cap. But that’s still someone’s money that is now irrevocably gone.

Here’s the playbook: A project launches. Sometimes the code is audited. Sometimes it isn’t. On occasion the project is exploited. A rogue programmer finds an accessible endpoint in the wild or a savvy huckster somehow acquires admin access keys or users are fooled into sending millions of dollars' worth of crypto to a shady address.

At any rate, you now have users who are out some money. For those who have funds in excess (*cough* they’re rich enough that the loss of a few thousand or even million dollars is no big deal), this may be at most an inconvenience. For everyone else, though, this could be catastrophic, and certainly harmful.

There's no consistency in how companies respond right now, either. Some companies offer refunds or find ways of making users whole. If we dig through the archives, exchanges like Bitfinex created their own tokens that they distributed to users. The tokens from Bitfinex were redeemable for equity (or $1 apiece). Others raise funds to distribute to users.

Other companies take completely different routes. Yuga Labs, the force behind the Bored Ape Yacht Club, for example, offered an apology for clogging up the Ethereum blockchain and contributing to high gas prices, and suggested it would simply build its own layer 1 blockchain to support future BAYC-related efforts (some believe the tweet and the network congestion that prompted it were deliberate).

That brings its own risks, as Sky Mavis recently demonstrated with its Ronin hack, in which the company lost over $600 million to North Korean hackers.

The question seems to me to be, “Is anyone actually protecting users?”

Right now, the answer seems to be “people on Twitter,” a good intuition and the rare actual audit. But again, there's no consistency here.

Bringing this back to Gensler and the SEC, the industry’s taken issue with proposals that seem like they would bring decentralized exchanges and other similar projects under the regulator’s purview.

Lots of projects don’t suffer multimillion-dollar exploits. But the projects that do tend to get the headlines. And I’m sure that concern is front and center on Gensler’s plate.

There's also a growing movement among some lawmakers and industry participants to have the Commodity Futures Trading Commission (CFTC) act as the primary regulator for crypto, but it doesn’t have a consumer protection mandate in the same way the SEC does (the SEC’s mandate is focused on disclosures). Further, waiting for Congress to take some action here will probably take a while.

The SEC is now nearly doubling the size of its crypto enforcement team, opening 20 new roles. There's been some backlash from the crypto world given that these are specifically enforcement roles, rather than roles for individuals who could write guidance letters.

No new nominees over the past week.

If you’ve got thoughts or questions on what I should discuss next week or any other feedback you’d like to share, feel free to email me at nik@coindesk.com or find me on Twitter @nikhileshde.

You can also join the group conversation on Telegram.

See ya’ll next week!