AI Agents Can Now Manage Crypto Wallets — But Is It Safe?
- Coinbase’s new Payments MCP lets AI agents access and manage crypto wallets securely.
- Experts warn hackers could exploit AI prompts, making human oversight essential for safety.
- Coinbase says its protocol restricts AI actions, requiring user confirmation before funds are moved.
Artificial intelligence is now stepping into the world of crypto wallets. Coinbase’s new Payments MCP tool marks a major shift. It allows AI agents to access crypto wallets and make payments on-chain. Experts say it could reshape how people trade and pay using digital assets. However, the innovation also brings new risks that could threaten users’ funds.
Coinbase said the tool can pair with large language models such as Claude, Gemini, or Codex. Once connected, AI agents can access crypto wallets, tip creators, pay for services, or retrieve paywalled data. The system runs on the x402 protocol, an open standard for instant stablecoin payments. The company called it a new phase of “agentic commerce,” where AI agents participate directly in the global economy.
Coinbase Says Its Tool Limits AI Power
Sean Ren, co-founder of Sahara AI, said Coinbase’s design includes strong safety layers. The Model Context Protocols (MCP) act as a gatekeeper between the AI model and the user’s wallet. The system allows AI to perform only specific, approved actions such as checking balances or preparing transactions.
Ren said these actions need user confirmation before completion. Even if someone tries to manipulate the AI, the system will not move funds automatically. However, he stressed that users must still monitor their agents closely. “Safer doesn’t mean foolproof,” he said. “Users still need to double-check what they approve.” Ren advised users to treat AI tools as assistants rather than full replacements. They should review every action before signing transactions.
Brian Huang, CEO of Glider, agreed that the technology is still in its early phase. He said basic features like sending or swapping tokens are a good starting point. However, more complex uses such as portfolio management and rebalancing, will take time to mature.
“These agents can help new users understand DeFi better,” Huang said. “They guide people through steps that usually confuse beginners.” He expects future AI agents to handle more personalized financial advice and dynamic trading strategies.
Experts Warn of New Security Risks
Despite the excitement, security analysts say users should remain cautious. Giving an AI wallet access introduces new trust problems in a system built to avoid them. Aaron Ratcliff, attributions lead at Merkle Science, said letting AI manage wallets adds a trust layer to something meant to be trustless. He explained that it can be safe only if the system is built correctly. But he warned that real safety depends on users who understand how to prompt AI tools responsibly.
Ratcliff noted that AI systems could make mistakes if they “hallucinate” blockchain data or handle credentials carelessly. A leak of trading credentials could cause immediate losses. He also highlighted the risk of prompt injection, where hackers manipulate AI commands to perform unauthorized actions.
Related: Coinbase Unveils Global Payments Platform Powered by USDC Stablecoin
In a recent survey by CoinGecko, 87% of crypto users said they would let AI agents manage at least a tenth of their portfolio. But Ratcliff said attackers could use man-in-the-middle techniques to intercept or redirect trades. Malicious agents might interact with scam tokens, rug pulls, or poorly coded smart contracts.
He added that a safe system should detect front-running, manage slippage, and audit contracts in real time. Also, it should block unauthorized access between the wallet and AI and stop injection attacks. Compliance remains another issue. Without strong controls, AI systems could send funds to sanctioned wallets or unregulated exchanges.
For now, experts say the best protection remains human oversight. AI may one day handle wallets securely, but today, it still needs a watchful eye.
