In May, the European Commission opened a comment period, seeking feedback on regulations for the cryptocurrency and blockchain industries. 

The comment period will precede eventual revisions and additions to the Markets in Crypto Assets (MiCA) legislative framework. Some have already dubbed the expected new framework “MiCA 2.0.”

Katie Harries, director and head of policy for Europe at Coinbase, told Cointelegraph that there are several key areas where “refinements could help ensure the framework remains competitive in the next phase of digital asset regulation.”

With an updated version of EU crypto law, the crypto industry is looking for more regulatory clarity in DeFi, stablecoins and tokenization.

MiCA was just the first step

Full application and enforcement of MiCA rules began on December 30, 2024, with the first licenses issued in the first months of 2025.

While the legislative process was long and complex, the EU still managed to create a regulatory framework for crypto ahead of the United States. Per Harries, “MiCA helped set an early global benchmark for digital asset regulation and gave the EU a first-mover advantage.”

It represented an “important first move” for the EU which created a “a single, harmonised rulebook for crypto” among its member states. “It gave consumers greater protection and transparency, while providing businesses with the regulatory clarity needed to build, invest and grow across the bloc.”

Harries said that, for Coinbase, MiCA provided a foundation on which it can expand its business in Europe into “the next phase of adoption across both retail and institutional markets.”

Now, Brussels is looking to recalibrate its landmark legislation. The consultation is split into four parts:

Regulatory scope and definitions for crypto assets other than asset-referenced tokens (ARTs) and e-money tokens (EMTs)Requirements for EMTs, ARTs and their issuersDefining legal framework for crypto-asset service providers (CASPs)Topics that MiCA 1.0 didn’t cover e.g., DeFi and prediction markets

Stablecoin discussion has regulatory consequences

Per Catarina Veloso, director of regulatory and compliance at Notabene, part 2, which would affect stablecoins, is “longest and arguably the most politically charged section of the consultation.”

How stablecoins are used, be it as a mainstream retail payment instrument, a wholesale settlement rail, or a “complement to existing payment methods for cross-border payments,” could have a significant effect on how stablecoin policy is made.

“If stablecoins are treated mainly as crypto trading instruments, the focus is likely to remain on investor protection and market integrity. If they are treated as payment infrastructure, then redemption, liquidity, reserve management, operational resilience and supervisory reporting become much more central.”

What risks they carry “depend heavily on how they are used, at what scale, by whom, and in connection with which parts of the financial system.”

Harries said that Coinbase would like to see MiCA 2.0 “make euro stablecoins more competitive by recalibrating rules around reserves, rewards and the multi-issuance model.” Allowing a greater share of stablecoin reserves to be held in “high-quality sovereign assets could reduce risk without compromising safety.”

Another aspect is stablecoin rewards. Currently, EMT issuers are prohibited from offering interest. But, per Veloso, “this can weaken the competitiveness of euro-denominated stablecoins and push users either toward foreign-currency stablecoins or toward yield structures outside the regulated perimeter.”

Harries said that “MiCA should allow non-interest incentives such as cashback and loyalty programmes, which are standard features across payments and help drive competition and consumer choice.”

Bringing DeFi and prediction markets into the fold

Presently, MiCA does not cover CASPs that are fully decentralized and operate without any kind of intermediary. Veloso noted that, while it sounds simple, “decentralisation is rarely binary.”

To form an informed policy around DeFi, EU regulators must know how to assess whether a CASP is fully decentralized and “what indicators should matter: control over the protocol, governance rights, admin keys, front-end control, revenue capture, upgradeability, or the ability of identifiable persons to influence outcomes.”

According to Miroslav Đurić, a senior associate at Taylor Wessing, many CAPSs already connect their clients with DeFi platforms. But since these platforms are exempt from MiCA, regulators are now asking “whether CASPs should meet their fiduciary duty vis-à-vis clients by conducting due diligence over DeFi platforms that they make accessible to their clients.”

“The Commission appears to be ready to explore different approaches incl. some that might only permit CASPs to connect their clients with DeFi platforms that are certified (under some new certification regime).”

Prediction markets are also a hot topic currently considered in the EU. Currently there is no unified regulatory structure, and prediction markets are banned in some countries. 

The Commission is seeking comments on whether these offer any economic benefit for consumers, and whether they fall under MiCA or Markets in Financial Instruments Directive (MiFD).

Đurić said this will depend on the nature of the contracts themselves. “Depending on the event contracts available on the platform […] a platform operator can easily become subject to requirements stipulated under different, sometimes conflicting regulatory frameworks: ranging from MiFID II over gambling to MiCA regulatory framework.”

What’s next?

Crypto industry observers say they intend to remain in dialogue with Brussels throughout the process. Harries said that a new, effective MiCA will require “dialogue between industry, policymakers and regulators, learning from how the framework is working in practice and refining areas where greater clarity or flexibility can help support the next phase of growth across the region.”

The period for comment ends on Aug. 31, but according to Đurić, the total process could take years. 

“Given the level of complexity of the points raised in the consultation as well as the usual pace at which the EU legislative process moves […] it is hardly expectable that any concrete legislative proposals will be adopted before 2028.”

One of the most successful MEV bots in crypto, Jaredfromsubway.eth, has been drained for more than $7.5 million, with an attacker exploiting the bot’s automated systems, the same ones that have netted it hundreds of millions over the years. 

According to Blockaid, the incident on Saturday resulted from attacker-controlled contracts tricking Jaredfromsubway.eth’s automated MEV (maximal extractable value) execution system bot into granting token approvals that were later used to drain funds.

“This is not a classic phishing attack and not a traditional smart-contract vulnerability in the victim contract,” Blockaid said on X.

It’s a rare setback for MEV bots like Jaredfromsubway.eth, which are automated programs that monitor unconfirmed transactions on blockchain networks and manipulate their order to extract profit, a kind of “invisible tax” on DeFi users. 

Cointelegraph Research previously found that sandwich attacks on Ethereum have resulted in about $60 million in annual losses for traders. The research also found that between November 2024 and October 2025, there were 60,000 to 90,000 sandwich attacks per month, with roughly 70% of them associated with Jaredfromsubway.eth.

How Jaredfromsubway.eth was exploited

“This was a counter-MEV honeypot attack, as it specifically targeted the automated, trust-minimized decision-making logic that MEV bots utilize,” Blockaid chief technology officer Raz Niv told Cointelegraph.

Over several weeks, the attacker deployed 66 fake token contracts that mimicked the names and interfaces of Wrapped ETH (WETH), USDC (USDC), and USDt (USDT) and then paired that with fake liquidity pools, said Niv. 

The fakes were designed to look like profitable trades, the kind MEV bots are programmed to chase. This lulled Jaredfromsubway’s bot into doing what it was designed to do, approving certain attacker-controlled helper contracts to spend real money on its behalf. 

“Ironically, in the process, it provided the attacker the keys to millions in the bot’s treasury,” he added. 

“And then in a single transaction, the attacker called all 66 backdoors and swept all the ETH, USDC, and USDT at these addresses, amounting to millions of dollars.”

Some of the stolen funds have already been sent to crypto mixing service Tornado Cash, according to onchain data.

In May, Ethereum co-founder Vitalik Buterin was sandwich attacked by Jaredfromsubway.eth while swapping 26,544 DigitalBits (worth $2.11 at the time of writing). The losses were minimal, but they show that even the smallest transactions can be a target for MEV bots.

“We shouldn’t be happy about this; no one should celebrate … but if you’ve ever been sandwiched by this … I’m pretty sure you’re not upset about this news,” crypto investor and commentator David Gokhshtein said.

Magazine: The end of anon? AI could unmask crypto’s hidden identities

Two brothers accused of kidnapping a Minnesota family at gunpoint last year to steal $8 million in cryptocurrency pleaded guilty in connection with the armed robbery. 

Isiah Angelo Garcia and Raymond Christian Garcia, on Thursday, entered guilty pleas for Interference with Commerce by Robbery, facing a maximum of 20 years in federal prison, according to the US Attorney’s Office of the District of Minnesota. 

“The guilty pleas entered today reflect our commitment to holding the defendants accountable for the choices they made,” US Attorney Daniel Rosen said.  

Global crypto wrench attacks have skyrocketed in recent years. In February, CertiK found that the number of crypto-related assaults and kidnappings increased 75% in 2025 from the previous year. Estimated losses in the first four months of 2026 from such attacks have already reached $101 million. 

Garcia brothers steal $8 million in crypto

Prosecutors said on Sept. 19, 2025, the two brothers traveled to Minnesota from Texas to hold a victim and his family at gunpoint, forcing him to transfer cryptocurrency from his online accounts and hardware wallets. 

The ordeal left the victim’s wife and son held for nine hours in their family home, while the victim was taken to a family cabin about three hours away and was ultimately forced to transfer $8 million in cryptocurrency. 

Isiah Angelo Garcia (left) and Raymond Christian Garcia (right). Source: Waller County, Texas, Sheriff’s Office

Police were alerted to the kidnapping after the victim’s son was able to make an emergency call, which was answered by Washington County sheriff’s deputies. Deputies later found a rifle and a shotgun, which, along with surveillance footage and other evidence, connected the brothers to the burglary. 

Crypto attackers plead guilty 

In their guilty pleas, both defendants admitted to using firearms to threaten the victims in order to rob them. They have agreed to pay more than $8 million in restitution. Sentencing hearings have not yet been scheduled. 

The latest development adds a win for US prosecutors in a global fight against criminals who target crypto owners. 

Related: Accused attackers of Sandbox exec’s wife tried to flee via Uber

In May, US authorities unsealed an indictment against three men accused of stealing at least $6.5 million in a “violent robbery spree targeting cryptocurrency owners.” 

The robberies involved the three defendants allegedly posing as delivery drivers to force their way into residences and use violence to extract cryptocurrency from their victims. 

 The increase in global attacks has drawn the attention of the French government. 

During Paris Blockchain Week in April, Jean-Didier Berger, Minister Delegate to the Interior Minister of France, said his office has taken “preventive measures” against crypto wrench attacks, including launching a prevention platform that has drawn thousands of sign-ups.  

Magazine: The end of anon? AI could unmask crypto’s hidden identities

Deprecated Aztec infrastructure has suffered a second exploit within days, adding to concerns about the security of abandoned smart contract infrastructure.

Aztec’s private rollup bridge was exploited on Thursday for 1,158 Ether (ETH), 150,000 Dai (DAI) and 0.46 renBTC (RENBTC), totaling about $2.15 million, according to Cos, the co-founder of cybersecurity company SlowMist.

His preliminary analysis found that the attacker used a false rollup proof to trick the protocol into releasing assets from its reserves to the attacker’s address.

Aztec Labs confirmed the exploit, adding that about $2 million was transferred from an immutable smart contract of a payment product deprecated in 2022, for which Aztec Labs held no admin keys or ability to pause transactions.

Aztec Labs said the incident is separate from the $2.1 million stolen from Aztec Connect’s smart contract on Sunday. Aztec Connect was a privacy-focused rollup that was deprecated in March 2023, with the team halting deposits and shifting resources to the next-generation Aztec Network.

Cointelegraph reached out to Aztec Labs for additional details about the vulnerability but had not received a response by publication.

Etherscan record of the Thursday exploit transaction. Source: Etherscan

Related: AI models led to a ‘vulnerability apocalypse’ in crypto security: Immunefi CEO

Old smart contracts raise new security concerns

The two Aztec exploits, along with the $1.3 million stolen from decentralized exchange Raydium earlier in June, renewed concerns about deprecated smart contracts, as the three incidents stemmed from vulnerabilities in abandoned infrastructure.

“Old contracts continue to be bug bounties available to any hackers. With protocols removing their responsibility to maintain them, they can become even more tempting,” wrote risk analysis platform Blockful in a Tuesday X post.

Despite Aztec Connect being deprecated, the attacker extracted over $2.1 million in the initial exploit as the immutable contract was still holding legacy user assets, wrote SlowMist in a post-mortem analysis of the incident.

First Aztec exploit, attack overview. Source: SlowMist

For protocols with deprecated smart contracts that still hold legacy assets, SlowMist advised an orderly asset migration to eliminate the risks of ongoing cybersecurity exposure.

Magazine: The legal battle over who can claim DeFi’s stolen millions 

Kentucky has sued five prediction market platforms, including Kalshi and Polymarket, adding to a wave of US states launching legal fights with prediction markets over sports event contracts.

State Attorney General Russell Coleman said in a statement Wednesday that his office filed lawsuits in state court against Polymarket and Kalshi — also naming Kalshi partners Coinbase, Robinhood and Webull — accusing them of “operating unlicensed and illegal sports betting and gambling platforms.”

“Kalshi and Polymarket are operating illegal sportsbooks in Kentucky and breaking our laws,” Coleman said. “These multi-billion dollar corporations and their legal fictions don’t pass the sniff test. As one of our state legislative leaders said it best, ‘If it looks like a duck and quacks like a duck…’”

Kalshi and Polymarket together recorded $25 billion in monthly trading volume in May, per Token Terminal. Lawsuits from multiple US states risk locking them out of some of the largest markets in the US.

Kentucky Attorney General Russell Coleman gives a speech in April. Source: YouTube

At least 17 other states have taken prediction market operators to court, attracting the involvement of the US Commodity Futures Trading Commission and the White House.

Multiple state authorities have argued that event contracts tied to sports are sports betting and require state-level licenses. Prediction markets have argued that their event contracts are swaps regulated under federal commodities law.

That position is backed by the CFTC, which has sued eight states after they took action against prediction markets, claiming they were stepping on its authority.

Kentucky’s lawsuits claimed that Polymarket, Kalshi and their partners are “doing business without a Kentucky gaming license or following state regulations” and that their sports event contracts “fall squarely within the definition of ‘sports wagering’ under Kentucky law.”

The state also alleged the platforms offer users “few or no resources” to identify or seek help for a gambling problem as required by state law. 

A Polymarket spokesperson told Cointelegraph Kentucky’s action “runs counter to the CFTC’s established framework for regulating prediction markets. We look forward to addressing these claims through the appropriate legal process.”

Kalshi spokesperson Jacki McGavick told Cointelegraph that “Kalshi is a federally regulated exchange — the CFTC is our regulator, not the states. Courts have already recognized this, and we’re confident they will here too.”

The CFTC did not immediately respond to a request for comment.

Related: Prediction market battle gets closer to Supreme Court

Kalshi and Polymarket, through a coalition of platforms, are already tied up in legal action with Kentucky after suing the state on Friday to claim its first-in-the-country 14.25% tax on prediction market transaction fees is discriminatory and oversteps federal law.

Kentucky’s action comes after authorities in Montana, Nevada, Utah, Iowa, Illinois, Ohio, Tennessee, New York, New Jersey, Connecticut and Maryland had issued cease-and-desist letters to prediction markets and were subsequently sued by the platforms.

Washington, Arizona, New Mexico, Wisconsin, Michigan, Massachusetts and Kentucky have also chosen to sue prediction market platforms, including Kalshi.

Some of the legal battles have so far reached appeals courts and have seen mixed results. On Wednesday, a Michigan federal judge ruled against Polymarket in its lawsuit against the state, finding that its sports event contracts are not swaps under the CFTC’s authority.

Other courts have also sided with prediction markets, such as the Third Circuit Court of Appeals’ ruling in April that New Jersey regulators could not prevent Kalshi from offering sports event contracts in the state.

US President Donald Trump, whose son Donald Trump Jr. is on the advisory board for Polymarket and is an adviser to Kalshi, said in May that it was “critically important that the CFTC’s exclusive authority over Prediction Markets is maintained.”

Magazine: Should users be allowed to bet on war and death in prediction markets?

The US House and Senate have reached a deal to move forward with a housing bill that includes a ban on the Federal Reserve creating a central bank digital currency (CBDC) until 2030.

A bipartisan group of House and Senate leaders released an updated version of the 21st Century Road to Housing Act on Tuesday, which aims to address housing affordability and bans institutional investors from buying existing single-family homes to rent out.

The bill has included a CBDC ban since the Senate passed it in March. The House also passed its version of the bill with strong support in May, but the House and Senate disagreed on some aspects. The Senate has now added further amendments that will be put before the House for a final vote.

The bill is likely to pass quickly and would hand a win to Republicans who have tried to pass a CBDC ban for years, as earlier standalone bills had stalled in Congress. Crypto advocates have long criticized CBDCs, which they see as an attempt by governments to repurpose crypto technology to a centrally-controlled asset.

Source: US Senate Banking Committee GOP

The deal also means Congress can focus on passing other legislation before the August recess and the November midterm elections, in particular, the crypto-regulating CLARITY Act that many lawmakers have been pushing to advance.

House Republican leaders plan to put the bill up for a vote after the House returns from recess on June 23, two people familiar with the plan told Politico.

The housing bill includes language that says the Federal Reserve may not, directly or indirectly, “issue or create a central bank digital currency or any digital asset that is substantially similar to a central bank digital currency.”

Related: South Carolina governor signs bill protecting Bitcoin miners, banning CBDC

It adds the clause will expire on Dec. 31, 2030, and creates a carveout for crypto stablecoins, or “dollar-denominated currency that is open, permissionless, and private.”

The clause revives much of the language from Republican Representative Tom Emmer’s Anti-CBDC Surveillance State Act, which was introduced in June 2025, passed by the House the next month, but was never picked up in the Senate.

US President Donald Trump signed an executive order in January 2025 banning federal agencies from all work related to CBDCs, saying they threatened “the stability of the financial system, individual privacy, and the sovereignty of the United States.”

Magazine: How crypto laws changed in 2025 — and how they’ll change in 2026

The US Government Accountability Office has urged the Federal Deposit Insurance Corporation to make an effort to coordinate with other federal agencies to address risks from blockchain technology.

GAO made a June 8 letter to FDIC Chairman Travis Hill public on Monday, which said that it first flagged priority recommendations with the regulator in May last year, including addressing blockchain technology risks.

It said that blockchain technology was an area of concern that it put on its “High Risk List,” as it deems that regulators have struggled to oversee blockchain-based financial products and the risks they could pose to US markets.

Under the GENIUS Act passed last year, the FDIC is the main regulator for stablecoin issuers that are subsidiaries of the banks it supervises. Senate lawmakers are currently looking to pass a bill that would outline how federal agencies would regulate the wider crypto market.

Source: U.S. GAO

In its letter to Hill, the GAO said that it found in 2023 that financial regulators “lacked an ongoing coordination mechanism for addressing blockchain risks” and in the meantime, “blockchain-related financial products and services have grown substantially.”

“Establishing such a mechanism, as we recommended, would help FDIC and other regulators collectively identify risks and develop and implement a regulatory response in a timely manner,” it added.

The GAO also urged that the FDIC rotate case managers assigned to banks to strengthen supervision of the sector.

Related: FDIC moves to regulate stablecoin issuers under the GENIUS Act

It said it found in 2024 that the agency did not require supervisors to rotate to different banks, which “could compromise their independence and interfere with supervision outcomes,” and a rotation requirement “could mitigate threats to independence.”

The GAO said that the failure of multiple crypto and tech industry-linked banks in 2023 “raised questions” about whether the bank watchdogs took enough action to ensure institutions “promptly addressed supervisory concerns.”

Silicon Valley Bank, Silvergate Bank and Signature Bank, which all had significant exposure to the crypto industry, all collapsed in less than a week in March 2023 in the fallout of the bankruptcy of FTX, which sent crypto markets tumbling.

Magazine: Does ‘Paper Bitcoin’ mean there’s an unlimited supply of BTC?

Investors are increasingly backing stablecoin and credit infrastructure rather than decentralized finance (DeFi) lending alone, with Morpho Labs’ latest funding round drawing attention to onchain credit markets, according to Spark CEO Sam MacPherson.

Morpho announced Tuesday that it raised $175 million in a round led by Paradigm, a16z crypto and Ribbit Capital. While Morpho is widely known as a DeFi lending protocol, the company said that it aims to become a credit infrastructure layer for banks, asset managers and fintechs.

Onchain credit markets allow users and institutions to borrow, lend and deploy capital using blockchain-based assets. Investors are betting the sector will grow alongside stablecoins and other tokenized financial products.

As stablecoins scale, “credit becomes one of the most important pieces of infrastructure in the stack,” MacPherson told Cointelegraph.

Related: DeFi protocol Radiant to wind down after failing to recover from 2024 hack

Morpho’s growing role as lending infrastructure

Morpho has a total value locked (TVL) of $6.72 billion and about $3.47 billion in active loans, according to DeFiLlama data. Risk management platform Sentora said in a Friday newsletter that the figures indicate “significant liquidity depth.”

Morpho’s total value locked and active loans have climbed sharply since late 2024.Source: DeFiLlama

Sentora also pointed to Coinbase’s use of Morpho smart contracts to originate more than $2.17 billion in corporate USDC loans as evidence that the protocol is being used as lending infrastructure rather than solely as a retail DeFi platform.

Sentora argued that the trend extends beyond crypto-native lending. The firm said exchanges, custodians and asset managers are actively evaluating blockchain-based lending systems to power credit products, while protocols compete to become the underlying infrastructure for business-to-business integrations.

Capital flows to late-stage crypto firms 

Morpho intends to measure the success of the raise over the next 12 to 18 months by expanding integrations with banks, asset managers and large platforms, attracting more institutional capital and rolling out features from traditional credit markets to drive adoption, co-founder Merlin Egalite told Cointelegraph.

“The problem we are trying to solve is less about replacing competitors and more about establishing ourselves as the credit infrastructure layer that banks, asset managers and fintechs build on,” he said.

Morpho’s raise “largest” in DeFi history. Source: Merlin Egalite

The funding round, which Egalite called “the largest raise in DeFi history,” comes as venture capital increasingly concentrates on a small group of established crypto infrastructure projects.

According to a Q1 2026 report by CryptoRank, capital allocated to Series C and later-stage crypto funding rounds surged 1,020% year over year and 320% quarter over quarter. The category accounted for 28.4% of venture funding across just nine deals, while seed and pre-seed funding fell 38.1% and represented only 5.2% of total capital.

Egalite said that he is unconcerned about capital concentration.

Asia Express: North Korea denies crypto hacks, Upbit’s bank tests Ripple

Polish President Karol Nawrocki vetoed a cryptocurrency regulatory bill for the third time, which sought to implement Europe’s Markets in Crypto Assets Regulation (MiCA) in the country.

Nawrocki said Thursday he supports regulating the cryptocurrency market but argued that the government incorporated only one of 16 key amendments proposed by his office. He said that the text was nearly identical to the previous two drafts he refused.

The third veto of the bill delays Poland’s alignment with the EU-wide regulatory framework just weeks before the end of MiCA’s transitional period on July 1. Following the end of the grace period, crypto asset service providers will be required to hold a MiCA license or stop servicing EU clients.

Poland is currently the only EU member state without a domestic MiCA implementation. Following the July 1 deadline, Poland-based crypto asset service providers without a MiCA license may lose the legal basis to serve EU customers.

Related: MiCA architect says EU should prioritize tokenization over DeFi rules

Polish Prime Minister Donald Tusk slammed the veto in a Thursday X post, writing: “It sounds unbelievable, but the president has vetoed the cryptocurrency bill again. He seems more entangled in it than everyone thought.”

Source: Donald Tusk

Political deadlock deepens over crypto bill

The decision adds to Poland’s political standoff on how the country should oversee crypto assets. It comes nearly two months after Poland’s parliament failed to reverse the second veto issued by President Nawrocki.

Lawmakers fell short of the 263 votes needed to override the veto in an April vote on the bill, which is backed by Tusk’s government and seeks to align Poland with MiCA.

Nawrocki has reportedly defended his opposition by citing concerns about excessive regulation, limited transparency and the potential burden on small businesses.

Government officials warned that delays leave consumers and businesses exposed to fraud and abuse.

The third veto comes as scrutiny of Poland’s crypto sector intensifies. Prosecutors are investigating one of Poland’s largest crypto exchanges, Zondacrypto, for suspected fraud and money laundering involving 2,000 customers with alleged links to Russian organized crime.

Zonda CEO Przemysław Kral has denied accusations of misappropriating funds.

Magazine: Crypto wanted to overthrow banks, now it’s becoming them in stablecoin fight

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Artificial intelligence agents that have autonomous access to crypto wallets could become unstoppable if deployed maliciously or if they escape from sandboxes, experts from a leading academic research consortium warned.

“Unstoppable Autonomous Agents” (UAAs) pose a clear threat if they are deployed to persist automatically and have access to digital assets, according to a June 8 industry review written by 25 academics and experts from top US universities for the Initiative for Cryptocurrencies and Contracts (IC3).

“When combined systematically, crypto tools can channel AI’s fluid power into secure, reliable, and highly autonomous systems,” the researchers wrote. However, this combination could have “far-reaching consequences for users and the financial system,” they added. 

UAAs may also be equipped with access to cryptocurrency wallets, social media accounts, APIs, and other external tools, said the researchers.

“The capabilities enabling such agents are already emerging and improving rapidly.” 

The warning comes as crypto projects and executives have been pushing the agentic payment and micropayment economy narrative this year, suggesting it could be the biggest use case for decentralized digital assets. 

AI self-replication alarm bells

The paper also revealed that existing models can already “surpass self-replication red lines” in local environments, by autonomously creating a live, separate copy of themselves on the same machine, “a capability that could let a system evade shutdown and proliferate.”

Because reward signals used in training often fail to perfectly capture the intended objectives, “UAAs deployed for benign purposes may inadvertently cause harm,” or pursue resource acquisition as a default strategy, they said. 

However, the authors noted that models have yet to replicate themselves onto external infrastructure.

Potential AI agent insider trading advantages 

A fleet of self-replicating, resource-acquiring agents could also create unpredictable demand and liquidity dynamics in crypto markets. 

“AI-powered trading systems could enable collusion between autonomous agents and create unfair insider advantages through opaque strategies.”

Related: China already has compute to train its own Mythos-like AI: Nvidia CEO

The tech sector is already dealing with difficult questions about the threat of unmitigated AI. 

Models such as Anthropic’s Claude Mythos have already been shown to be capable of finding and exploiting zero-day vulnerabilities in major operating systems. 

Meanwhile, Gartner warned in late May that governance failures around autonomous AI agents could trigger widespread enterprise failures, predicting 40% of companies will be forced to decommission their agents by 2027. 

“The harms that could follow from fully autonomous agents of this kind are severe,” the researchers said, suggesting circuit breaker guardrails.

Professor Ari Juels, IC3 co-director and Chainlink Labs chief scientist, presents the paper at ETHConf. Source: IC3

Magazine: Vietnam preps crypto pilot, HK pushes tokenization: Asia Express