ByCoinGape
AI Agents:- It’s that time in web3 where almost every firm is working to either build their own Agentic systems or is considering integrating Agentic infrastructure.
However, as firms continue to prepare these agents for autonomous transactions worth millions, there are certain security and regulatory issues poppoing up.
In a latest development, Ethereum infrastructure company Consensys has warned U.S. technology regulators that AI agents capable of controlling crypto wallets could introduce new security risks. This, Company’s Global Regulatory Director Bill Hughes said will happen “if proper safeguards are not built into their architecture.”
In web3, a new class of crypto wallets known as “agentic accounts” is beginning to emerge with recent launch of such tools by leading players such as Coinbase. These wallets can be operated by software agents rather than a single human user.
The concept is largely enabled by the ERC-4337 smart account standard, which introduces account abstraction to the Ethereum network. Account abstraction allows wallets to operate through programmable logic rather than relying solely on externally owned accounts controlled by private keys.
This architecture allows wallets to be managed through automated scripts, policies, or AI agents capable of executing transactions autonomously.
Crypto firms inlcuding Coinbase are building systems could eventually allow these software agents to perform key tasks. This includes managing decentralized finance portfolios, executing token swaps, coordinating payments, or interacting with smart contracts across decentralized applications.
However, Consensys last week cautioned that AI-driven financial agents introduce a new category of threats that differ from traditional AI vulnerabilities.
Also Read: Metaplanet Sets up 2 Subsidiaries
In a formal comment letter submitted to the National Institute of Standards and Technology (NIST), Consensys responded to a request for information last week. The request was issued by the agency’s Center for AI Standards and Innovation on how to secure AI agent systems.
The firm argued that the key security challenge is not simply model errors or prompt manipulation, but “delegated authority”. It implies situations where software agents are granted permission to sign transactions, move assets, or interact with decentralized applications.
If compromised or manipulated, such agents could misuse legitimate permissions, potentially executing unauthorized transfers or financial actions at machine speed. A recent Guardian report highlighted such an incident where AI Agents went rogue and leaked sensitive information.
Instead of isolated prompt injection attacks, risks may increasingly arise at what the company described as the coordination and market layers of digital networks.
Potential threats include:
To mitigate these risks, Consensys also proposed several infrastructure safeguards designed to limit agent authority while maintaining automation capabilities.
These include revocable wallet delegations, which allow agents to perform specific actions without full control of private keys, and transaction-level safeguards such as simulation and policy validation before execution.
The firm also emphasized the need for portable identity systems for AI agents. This will enable networks to verify which entities are initiating financial actions across blockchain systems.
But Consensys’ letter signals that as Agentic commerce finds its way into crypto, the regulation part might be as tedious as for stablecoins.
Researchers and security firms have warned about AI-driven financial automation for years. Howver, Consensys’ letter to the National Institute of Standards and Technology marks one of the first times a major Ethereum infrastructure developer has formally raised the issue with U.S. regulators.
Sneha Agrawal More Stories
|
Newsletter
Subscribe to our newsletter for new updates
By signing-up you agree to our Terms & Conditions and Privacy Policy.
Share