A DeFi exploit has drained your wallet, and your assets are gone. Beyond the immediate financial shock, a pressing question arises: can you deduct this loss on your taxes? The answer is a qualified yes. For U.S. taxpayers, a crypto theft can be a deductible event, but the process is complex and governed by specific IRS rules that depend on your intent for holding the assets and the tax year in question.

DeFi Under Siege: When Hacks Hit Your Wallet

The world of decentralized finance (DeFi) is rife with innovation, but also with risk. Billions of dollars have been lost to sophisticated exploits, smart contract vulnerabilities, and rug pulls. When these events occur, they can trigger a chain reaction, causing investors to pull liquidity and destabilizing entire ecosystems.

From a tax perspective, it's crucial to distinguish between different types of losses:

Market Volatility: Your crypto's value drops due to market forces. This is an unrealized loss and is not deductible until you sell or exchange the asset.
Worthlessness: An asset's value drops to zero with no hope of recovery. This may be deductible, but proving complete worthlessness to the IRS can be challenging.
Theft: Your crypto is stolen through a hack, scam, or fraudulent scheme. This is a distinct event that can trigger a deductible theft loss.

This guide focuses on the third category—theft losses—which are unfortunately common for participants in the DeFi space.

How the IRS Treats Stolen Crypto: Investment vs. Personal Loss

The foundation of crypto taxation is that the IRS treats digital assets as property, not currency, according to its guidance in Notice 2014-21. When property is stolen, the tax treatment of the loss depends on how that property was used. Under Internal Revenue Code (IRC) § 165, there are two primary categories for individuals who suffer a theft.

Personal vs. Investment Theft Loss Under OBBBA (2026 and beyond)

A critical piece of legislation, the Tax Cuts and Jobs Act of 2017 (TCJA), suspended deductions for personal casualty and theft losses for tax years 2018 through 2025, allowing deductions only when the loss was attributable to a federally declared disaster.

The One Big Beautiful Bill Act (OBBBA), enacted in 2025, made this restriction permanent going forward, with one modest expansion: beginning in 2026, personal casualty and theft losses may also qualify if attributable to a state-declared disaster (OBBBA § 70109), not only a federally declared one. For most everyday DeFi exploits — where no disaster declaration applies — the personal theft loss path remains closed.

The good news: losses from property held for investment or in a transaction entered into for profit (§ 165(c)(2)) are NOT subject to the TCJA/OBBBA personal-loss restriction and remain deductible. For the typical DeFi investor who bought tokens, provided liquidity, or staked with the goal of earning a return, this is the deduction category that matters.

Here’s a comparison of the two types of theft losses:

Feature	Investment Theft Loss (§ 165(c)(2))	Personal Theft Loss (§ 165(c)(3))
Description	Loss from a "transaction entered into for profit."	Loss of property not connected to a trade, business, or investment activity.
Example	Crypto bought on an exchange for speculation is stolen from your wallet.	Crypto you held to buy NFTs for a personal collection or for use in a game is stolen.
Deductibility (2026 Onward)	Deductible as an itemized deduction.	Deductible again, but with significant limitations.
AGI Limitation	Not subject to the 10% AGI floor.	The total of all personal casualty and theft losses is only deductible to the extent it exceeds 10% of your Adjusted Gross Income (AGI).
Per-Event Reduction	No per-event reduction.	Your loss from each single theft event must first be reduced by $100.
IRS Form	Form 4684, Section B	Form 4684, Section A

Most crypto holders who actively trade, stake, or provide liquidity with the goal of making money will likely fall into the "transaction entered into for profit" category. The IRS itself, in a Chief Counsel Advice memorandum (202511015), noted that investing in financial products is often considered prima facie evidence of a profit motive.

The Deduction Dilemma: When to Claim a Loss

Claiming a theft loss isn't as simple as noting your crypto is gone. The timing and circumstances are critical.

Theft vs. Frozen or Worthless Assets

As the IRS Taxpayer Advocate Service clarifies, you cannot claim a loss just because your assets have plummeted in value or are locked on a bankrupt platform. A loss is recognized only when there is a "closed and completed transaction."

Bankruptcies: If your assets are tied up in a bankruptcy proceeding (like Celsius or Voyager), you don't have a deductible loss yet. You must wait until the case is resolved. At that point, you will know what, if anything, you will recover. Your loss is then calculated based on the difference between your asset's cost basis and the value of the settlement you receive.
Theft: A theft, by contrast, is an identifiable event that can be considered "closed and completed" for tax purposes once you meet a key condition.

The "Reasonable Prospect of Recovery" Rule

Under IRC § 165(e), a theft loss is deductible in the year you discover it. However, you can only take the deduction if there is no reasonable prospect of recovery.

This is a factual determination. If the hacked protocol announces a full or partial reimbursement plan, or if law enforcement has a real chance of seizing the funds, you likely have a reasonable prospect of recovery and must wait to claim a loss.

However, if the hacker is anonymous, has sent the funds through a mixer like Tornado Cash, and the project has no plans to compensate victims, it's generally safe to conclude there is no reasonable prospect of recovery. In that situation, you can claim the loss in the year you made that determination.

Proving Your Loss: Documentation the IRS Expects

If the IRS questions your deduction, the burden of proof is on you. Meticulous record-keeping is your best defense. To substantiate a crypto theft loss, you should gather a comprehensive file of evidence.

Transaction Records: Collect the on-chain transaction IDs (hashes) showing the unauthorized transfer of assets from your wallet to the hacker's address. Blockchain explorers provide immutable proof of these movements.
Proof of Basis: You must prove what you originally paid for the stolen assets. Your deductible loss is limited to this acquisition cost, not the value at the time of the theft. Crypto tax software is invaluable for this, as it can trace the purchase history of specific lots of crypto.
Police Reports: File a report with your local police department as well as federal agencies like the FBI's Internet Crime Complaint Center (IC3). A police report helps establish that a criminal theft, as defined by your local jurisdiction, has occurred.
Communications and Announcements: Save screenshots of phishing emails, malicious links, or official announcements from the hacked project acknowledging the exploit.
Evidence of No Recovery: Document your attempts to recover the funds. This could include emails to the project's developers or statements from law enforcement indicating that recovery is unlikely.

Keeping track of the original cost of every coin and token that was stolen can be a nightmare. Platforms like dTax automatically import your transaction history from hundreds of exchanges and wallets, calculate the correct cost basis for each asset, and provide the detailed records needed to support a theft loss deduction.

How to Report a Crypto Theft Loss

Once you've determined your loss type and gathered your documentation, you must report it on the correct IRS form.

Step 1: Calculate Your Loss Amount Your deductible loss is your adjusted basis (usually your purchase price plus any transaction fees) in the stolen crypto, minus the value of any insurance or other compensation you received. You cannot deduct unrealized gains. For example, if you bought 1 ETH for $1,000 and it was worth $4,000 when stolen, your loss is limited to your $1,000 basis.

Step 2: Complete Form 4684, Casualties and Thefts This is the central form for reporting your loss. You will use a different section depending on the loss type.

Section A for Personal-Use Property: If the stolen crypto was personal property, you'll report it here. The form will guide you through applying the $100 reduction per event and the 10% of AGI limitation.
Section B for Business and Income-Producing Property: If the crypto was an investment, you'll use this section. The calculations are more straightforward and are not subject to the 10% AGI floor.

Step 3: Transfer the Deduction to Schedule A The final deductible amount from Form 4684 is carried over to Schedule A (Form 1040), Itemized Deductions. A theft loss is an itemized deduction, meaning you can only benefit from it if your total itemized deductions exceed your standard deduction.

Navigating the Aftermath of a DeFi Hack

The period following a hack is stressful and confusing. Be vigilant. Scammers often target victims by creating fake "recovery" services that demand an upfront fee to retrieve stolen funds, only to disappear with more of your money.

If the hacked project or a third party does provide a reimbursement in a future year—perhaps through an airdrop of a new token—you must be careful. If you already claimed a theft loss deduction, this reimbursement is considered a "recovery" and must be reported as income in the year you receive it, up to the amount of the tax benefit you received from the prior deduction.

Frequently Asked Questions

### What if my crypto is just stuck in a bankrupt platform? Is that a theft?

No, this is generally not treated as a theft. According to IRS guidance, assets frozen in bankruptcy proceedings are not considered a "closed and completed" transaction. You cannot claim a loss until the bankruptcy case is finalized and you know the final value of any distribution you will receive. The difference between your cost basis and the value of your settlement will typically be a capital loss, reported on Form 8949.

### Can I deduct the loss if the hacker returns some of the funds?

Yes, but you must adjust your loss calculation. Your total theft loss is your basis minus the fair market value of any property or cash returned to you. If the hacker returns funds in a later tax year after you've already taken the deduction, you must include the value of the recovery as income on that year's tax return.

### The value of my stolen crypto was much higher than what I paid for it. Can I deduct the higher market value?

No. Under IRC § 165(b), a loss deduction is strictly limited to your adjusted basis in the property. You cannot deduct "paper" or unrealized gains that you had not yet reported as income. Your loss is what it cost you to acquire the asset, not what it was worth when it was taken. (The IRS restates this basis-limitation principle in CCA 202511015 in the context of crypto scam losses.)

This content is for informational purposes only and does not constitute tax, legal, or financial advice. Consult a qualified tax professional for your specific situation.

The complexities of DeFi exploits add another layer to an already challenging crypto tax landscape. Accurately tracking your basis, identifying transactions across multiple wallets, and generating the right documentation are essential for correctly reporting a theft loss. Don't navigate it alone. Try dTax free at getdtax.com to automate your crypto tax reporting and face tax season with confidence.