60TB.techI design systems for a living. Think business processes, automation workflows, AI platforms—as well as the required infrastructure to log and observe those systems.
When I look at a system, I ask four questions: What are the inputs? What are the outputs? What are the dependencies? What happens when monitoring goes dark?
So, naturally, for the past year I began asking those questions about the United States government in my free time (I'd rather do this than watch "the game").
What I found was concerning to say the least. What I'm looking at is a system. Not only a system, but one of the, if not the largest bureaucratic administration systems the world has ever known (to be fair, China may beat us here). And as of late, it's become a deliberately architected system designed to generate profit from geopolitical events while ensuring no enforcement mechanism exists to investigate it.
It's a system that's been conspicuously designed with the components deployed in a specific order, where each one enabled the next. While not exhaustive, allow me to walk you through this system, as I see it, the way I'd walk through any architecture review, because ultimately, that's what it is.
Remove the Enforcement Stack
Every production system has monitoring. Logging, alerting, observability—the infrastructure that tells you when something is wrong and, just as importantly, who did it.
In government, that monitoring layer is the enforcement apparatus. The DOJ's Public Integrity Section, the CFTC, and the SEC's Enforcement Division. These are the agencies that are supposed to watch the watchers, and they've been systematically gutted in a sequence that looks a lot less like budget trimming and a lot more like evidence suppression.
The Public Integrity Section was created after Watergate for the specific purpose of prosecuting corrupt officials. It was reduced from 36 career lawyers to two. Not gradually, and not through natural attrition. The acting head refused to drop corruption charges against a political ally and was forced out. Four others resigned in protest. The rest were scattered to other offices. The section's authority to file new cases was stripped entirely, and the consultation requirement for investigations involving members of Congress was suspended.
In technical terms, that's rm -rf /var/log before deploying malicious code. You don't nuke the logs unless you're about to do something you don't want traced.
Then the CFTC—the agency that regulates futures markets and prediction platforms—dropped its active investigation into Polymarket. And here's where it gets interesting, because this isn't just any prediction market. This is the same Polymarket where Donald Trump Jr. sits on the advisory board. The same Polymarket where his venture capital firm 1789 Capital invested tens of millions of dollars. The investigation was quietly closed in July 2025, and by August, Trump Jr. was formally announced as an advisor. The timing speaks for itself.
Then the SEC. Margaret Ryan, Director of the Enforcement Division, resigned on March 16, 2026 after just six months on the job. Reuters reported she wanted to be more aggressive in pursuing fraud cases that touched the president's circle—specifically crypto entrepreneur Justin Sun, a major backer of the Trump family's World Liberty Financial venture, and Elon Musk. She was blocked by SEC Chair Paul Atkins and other Republican political appointees. When the person in charge of enforcement wants to enforce and gets told no, that tells you everything about what the system is actually designed to do.
Three Federal enforcement bodies put into some form of disarray and neutered. All three layers of monitoring disabled or compromised before the first trade was even placed.
If I submitted an architectural diagram showing a production system with the observability stack non-existent and the logs dumped into a black box, followed by a deployment of new, untested code immediately after, any engineer worth their salt would ask the obvious question: Why would you disable monitoring unless you didn't want anyone to see what you were about to do?
Clear the Corporate Enforcement Pipeline
While the anti-corruption apparatus was being dismantled, the broader corporate enforcement pipeline was getting flushed out in parallel. Public Citizen's January 2026 report documented 159 canceled or halted enforcement actions against 166 corporations. This wasn't targeted, surgical work. This was a wholesale wipe of the accountability infrastructure.
Of those 166 corporations, 31 had made donations to Trump's inauguration or White House ballroom. The pharmaceutical giant that previously employed the Attorney General had three enforcement actions canceled. Polymarket had two. I'll let you sit with that for a moment.
This is the dependency layer, and it's the part that makes the architecture coherent. You can't run an insider trading operation on prediction markets if those prediction markets are under active investigation. You can't profit from advance knowledge of military operations if the agencies responsible for investigating market manipulation are actively pursuing cases. The enforcement pipeline had to be cleared first, and it was. Democratic lawmakers have explicitly connected these dots, noting that the DOJ and CFTC investigations into Polymarket were dropped after Trump took office while his son sat on the platform's advisory board.
Execute
On February 28, 2026, the United States and Israel launched strikes on Iran.
CNN found that a single trader had made nearly $1 million since 2024 from dozens of well-timed Polymarket bets correctly predicting US and Israeli military actions against Iran—winning 93% of five-figure wagers on what were supposed to be unannounced military operations. Let that sink in. 93% accuracy on classified decisions. That's not luck, that's a feed.
Within hours of the February 28 strikes, six brand-new Polymarket wallets—all funded within the previous 24 hours, all betting specifically on a February 28 strike date—cashed out approximately $1.2 million. The blockchain analytics firm Bubblemaps flagged all six as suspected insiders.
One account, "Magamyman," placed an $87,000 bet when the probability of a strike was listed at 17%. Seventy-one minutes later, the news broke. The position was worth $553,000. Other accounts—Planktonbet, Dicedicedice, nothingeverhappens911—followed the same pattern. New accounts, no trading history, single-thesis bets placed hours before a classified military operation. These aren't sophisticated traders covering their tracks. These are people who are so confident in the absence of enforcement that they named their accounts after memes and didn't bother to disguise the pattern.
Then came March 23. At exactly 6:49 AM New York time, roughly 6,200 Brent crude and West Texas Intermediate oil futures contracts traded in a single minute. The notional value was approximately $580 million. For context, the average volume for that same time slot over the previous five trading days was about 700 contracts. S&P 500 E-mini futures surged simultaneously. Senator Chris Murphy cited $1.5 billion in S&P 500 futures purchased in the minutes before the announcement.
A scant fifteen minutes later, at 7:04 AM, Donald Trump made a post on his Truth Social regarding "productive conversations" with Tehran. Predictably and instantly, oil prices collapsed while equities surged. The bearish fuel for the short squeeze had been primed the previous week, further amplified by the weekend news cycle. After watching the collapse into the Sunday overnight futures session—which itself may have been engineered by insiders—the urge to pump was surely irresistible.
Whoever placed those trades at 6:49 made a staggering amount of money in under twenty minutes. And despite Iran's denials of any negotiations taking place, it took a full week for the market to finally come to its senses and sell off the fraudulent spike. Even the administration-friendly, Ellison-owned CBS confirmed the trading volume was far above normal.
Senator Chris Murphy called it "mind-blowing corruption." Paul Krugman called it treason. The White House called it baseless.
The Architecture Diagram
[Layer 0: Preparation] ├── Gut DOJ Public Integrity Section (36 → 2 lawyers) ├── Strip authority to file new cases ├── Suspend congressional investigation consultation requirement ├── Drop CFTC investigation into Polymarket ├── Drop DOJ criminal investigation into Polymarket ├── Install Trump Jr. on Polymarket advisory board ├── Cancel 159 corporate enforcement actions (166 companies) └── SEC Enforcement Director blocked from pursuing Trump-adjacent cases → resigns [Layer 1: Position] ├── Fund fresh Polymarket wallets (24 hours before strike) ├── Place directional bets on classified military operations └── Load oil futures and S&P E-mini positions (15 minutes before announcement) [Layer 2: Execute] ├── Launch strikes on Iran (February 28, 2026) └── Post "productive conversations" on Truth Social (March 23, 7:04 AM) [Layer 3: Collect] ├── Polymarket wallets cash out $1.2M ├── Oil futures positions profit on price collapse ├── S&P positions profit on equity surge └── No enforcement body exists with authority or staffing to investigate
Every lock on the enforcement door was removed before the first bomb dropped, before the first bet was placed, and before anyone with a badge could ask a single question about any of it.
Why I Recognize This Pattern
I've seen this all before on a smaller scale with lower stakes, but ultimately the same structure.
At a previous employer I identified significant technical debt related to a 60TB PostgreSQL database hosted on AWS RDS, often hitting the hard 64TB ceiling. That's the kind of foundational systems design problem that should have been addressed before the application ever went to production. Instead it was either intentionally overlooked for the sake of going to market as quickly as possible—or the engineers in charge didn't read the documentation or have the knowledge to properly implement in the first place. Customer communications were blocked during outages. The status page was manipulated to show green when the system was actively failing. "Long-term" solutions included slashing logging retention from a year to 30 days, then 21. The organization was treating the symptoms by making the symptoms invisible, which is a strategy that works right up until the moment it doesn't.
I know what systems designed to avoid accountability look like, because I've worked with them. Not as the designer of the system, but as a regular, technically-proficient worker that understands the pitfalls of taking anything at face value. It's part of my nature to critically analyze nearly everything that enters my purview. It's how I was raised, it was what I learned, and as much as I'd love to turn it off and just exist, I can't help but question everything.
So I traced the dependencies, read the logs, and made suggestions to the engineering team and management. And it's me who gets pushed out for pointing at the dashboard, saying "this is what's broken, and how." Disagreement is flimsy, the concern is palpable. A week or two later, I'm in the breadline. It's just the way it is.
What This Means
Many people look at individual events and leave it at that. Their conclusions are formed in isolation, especially if enough time goes by between events, or there is enough of a subjective "ocean" between domains. In other words, they see a suspicious Polymarket trade here, or an unusual oil futures spike there. No big deal, it happens, there are all sorts of "glitches" in the system and "lucky" trades. A resignation at the SEC, or a significant staffing cut at the DOJ. Oh, it's just that wacky President saving taxpayer money by "cutting through red tape" and doing exactly what he told us he would do! Nothing to see here.
A systems thinker doesn't have the luxury of looking at events in isolation, because isolated events are how complex systems hide their real behavior. You have to look at dependencies, sequencing, and architecture. And when the sequencing reads like this—enforcement dismantled first, positions established second, events executed third, profits collected fourth, with no remaining mechanism for investigation—you're not looking at a series of unfortunate coincidences or bureaucratic growing pains.
The monitoring was removed before the exploit was deployed.