AI Wallet Managers Raise Security Questions

As artificial intelligence continues to blend with blockchain technology, a new frontier is emerging: AI agents capable of managing crypto wallets. While industry leaders see huge potential for convenience and automation, they also warn that security and trust remain major concerns.

Coinbase Opens the Door for AI-Driven Wallets

Last week, Coinbase unveiled a new tool called Payments MCP, designed to let AI agents access the same onchain financial tools used by human users.

When connected to large language models (LLMs) such as Claude, Gemini, or Codex, these AI agents can autonomously send payments, access wallets, and handle onchain transactions, according to the Coinbase Developer Platform.

Using the x402 protocol – an open, web-native payment standard – the agents can pay for data, tip creators, and even manage business operations via instant stablecoin transfers.

“This marks a new phase of agentic commerce, where AI agents can actively participate in the global economy,”

Coinbase said.

AI-Driven Wallets Can Be Safe – With Caveats

Aaron Ratcliff, attribution lead at blockchain intelligence firm Merkle Science, told

Cointelegraph

that giving AI agents access to user wallets introduces “a layer of trust to something that’s meant to be trustless.”

Ratcliff said that safety ultimately depends on user behaviour and the design of the AI system.

“Safe use depends on users who know how to prompt properly and on the AI pulling blockchain data accurately,” he explained. “If trading credentials leak, the damage writes itself.”

Security Risks: Hacks, Prompts, and Scams

A CoinGecko survey of 2,632 crypto users in April found that 87% were comfortable letting AI handle at least a tenth of their crypto portfolios. But Ratcliff warned that integrating AI into portfolios opens new attack vectors.

Prompt injection or man-in-the-middle attacks could let hackers hijack trades or redirect funds, he said.

“The AI might interact with scam tokens, miss honeypots or rug pulls, or manage slippage so poorly that it burns users’ funds,”

Ratcliff cautioned

.

He highlighted that AI agents should be able to detect front-running, set slippage limits, spot scam tokens, and audit smart contracts in real time before executing trades. Compliance risks could also arise if the AI sends funds to sanctioned wallets or exchanges.

Coinbase’s Safety Layer: Restricted Access

Sean Ren, co-founder of Sahara AI, an AI-native blockchain platform, said Coinbase’s Payments MCP tool uses model context protocols (MCPs) – “the gold standard for safety when implemented correctly.”

“They act as a gatekeeper between the AI model and the wallet,”

Ren explained

. “The agent can only perform predefined actions, such as checking balances or preparing payments for the user to approve.”

According to Ren, these safeguards prevent AI from freely moving funds or changing wallet settings. However, he warned that “safer doesn’t mean foolproof.”

“Users still need to double-check what they’re approving and never assume the agent’s doing the right thing automatically,”

he said

.

Still Early Days for Agentic AI in Crypto

Brian Huang, co-founder and CEO of Glider, an AI-powered crypto portfolio manager, said the technology is still in its infancy.

“Basic functions like sending, swapping, and lending are a good starting point,” Huang noted. “You’re not asking ChatGPT to Venmo your friends. These actions are still slow with agents.”

He described AI agents as assistants designed to simplify complex DeFi interactions, helping newcomers navigate the ecosystem.

Huang expects more advanced features – like automated portfolio rebalancing and personalised investment strategies – to follow soon.

“The customisation agents can offer, and the number of variables they can process, far exceed what humans can manage,” he said.

AI agents managing crypto wallets could revolutionise digital finance – automating trades, payments, and data access – but security, compliance, and user vigilance remain essential. For now, the technology is promising, but far from risk-free.