Agentic AI has the potential to change the way users interact with their cryptocurrency wallets in the future, especially when it comes to transactions and payments. AI and blockchain executives say it could be safe, but it also brings new risks.
Last week, cryptocurrency exchange Coinbase announced a new tool, Payments MCP, that gives AI agents access to the same on-chain financial tools that people use.
We are announcing Payments MCP, the easiest way for AI agents to reach on-chain via x402. 🚀
This allows LLM models such as Claude, Gemini, and ChatGPT to access on-chain tools such as wallets, onramps, and payments without the need for API keys. 🧵 pic.twitter.com/MSnIaecx0O
— Coinbase Developer Platform 🛡️ (@CoinbaseDev) October 22, 2025
The Coinbase developer platform said in a statement that the tool, when combined with LLMs such as Claude, Gemini and Codex, allows users to access crypto wallets and make payments autonomously.
According to the Coinbase Developer Platform, AI agents powered by Payments MCP can make payments, make calculations, retrieve paywall data, tip creators, and manage certain business operations via the x402 protocol. The x402 protocol is an open, web-native payment protocol that facilitates instant payments for stablecoins.
“This marks a new phase of agent commerce, where AI agents can operate in the global economy,” the Coinbase Development platform said.
Agent AI in cryptocurrencies could be secure
Aaron Ratcliffe, head of attribution at blockchain intelligence firm Merkle Science, told Cointelegraph that from a security perspective, allowing an AI agent to access a wallet adds a layer of trust to something that is designed to be trustless.
While the system is secure if built correctly, Ratcliffe argues that “security” ultimately rests with the user of the cryptocurrency.
“Safe use depends on users knowing how to prompt and on AI being able to retrieve blockchain data without hallucinations. It also depends on whether trading credentials are kept secure. Once trading credentials are compromised, the damage is automatically written.”
AI in your portfolio may add additional security risks
An April survey of 2,632 cryptocurrency users by cryptocurrency data aggregator CoinGecko found that most users are comfortable with AI trading on their behalf. 87% said they would let an AI agent manage at least one-tenth of their crypto portfolio.
Ratcliffe said that when AI is used in portfolios, there are several security risks that could be exploited by malicious parties. Someone could hijack your system by inserting prompts or instructions.
Man-in-the-middle attacks, where hackers infiltrate and steal data between entities in a communication channel, can also redirect transactions.
“AI can also interact with fraudulent tokens, miss honeypots and lag pulls, and handle slippage too poorly, wasting users’ funds,” Ratcliffe added.
“We need proof that the AI ​​can catch front-running, enforce slippage limits, identify fraudulent tokens, and audit contracts in real-time before making a trade. We also need to sandbox prompts, prevent injections, and block man-in-the-middle access.”
At the same time, Ratcliffe believes compliance gaps could lead to issues such as a lack of controls to prevent AI from transferring funds to authorized addresses and exchanges.
Even if AI has safeguards, be careful.
Sean Wren, co-founder of Sahara AI, an AI-native blockchain platform, said in an interview with Cointelegraph that in the case of Coinbase, the exchange’s tools utilize the Model Context Protocol, which “is the gold standard for security when configured correctly.”
“They basically act as a gatekeeper between the AI ​​model and the wallet. Rather than freely moving funds or changing wallet settings, the agent can only perform certain authorized actions, such as checking balances or preparing payments for the user to confirm,” he said.
“These actions are restricted by design, so even if someone were to try to fool the AI ​​through prompt injection, for example, the AI ​​would not be able to complete the transaction on its own,” Ren added.
However, Ren also said that being more secure doesn’t mean it’s foolproof, and users still need to pay attention to what the AI ​​agents are doing to their portfolios.
“Users should still be careful and double-check what they’re authorizing, and never assume that agents are automatically doing the right thing. They should still review and sign transactions.”
AI agents are still in their infancy
Brian Huang, co-founder and CEO of Glider, an AI-powered crypto portfolio management platform, told Cointelegraph that while basic functions like sending, exchanging, and lending are great for agents to get started with, the space is still in its infancy.
Related: AI agents need cryptocurrencies to operate in financial markets: Coinbase executives:
“These are simple actions that you can perform with a click. You’re not asking your friend to Venmo you to ChatGPT, right? Many of these actions are time-consuming when you have an agent,” he said.
“In contrast, agents are like assistants. We all know that DeFi is too complex to be a part of. These agents help users feel involved and guided through the process.”
Huang predicts that more sophisticated actions such as portfolio management, rebalancing, and personalized financial advice will continue to emerge and become more effective use cases.
“The customization that the agent can provide here, the number of variables that the agent can take into account, is much greater than the customization that a human can provide,” he said.
magazine: How do the world’s major religions view Bitcoin and cryptocurrencies?