The Protocol: Mythos forces crypto industry to rethink security practices

Also: Aave’s $300 million recovery effort, crypto for AI agents, and Bitcoin proposal for Satoshi-linked tokens.

What to know:

Welcome to The Protocol, CoinDesk's weekly wrap of the most important stories in cryptocurrency tech development. I’m Margaux Nijkerk, a reporter at CoinDesk.

In this issue:

• How Anthropic’s Mythos model is forcing the crypto industry to rethink everything about security
• Industry leaders are pouring hundreds of millions into a rescue plan for Aave users after massive crypto hack
• Crypto is built for AI agents, not humans, says Alchemy's CEO
• Not a theft, but a statement: Inside the Bitcoin proposal to reassign Satoshi-linked coins

Network News

MYTHOS CHALLENGES CRYPTO SECURITY: Mythos, the new AI model from Anthropic that has sparked fear and confusion in traditional tech and finance, is also driving a massive shift in how the crypto industry thinks about security. For years, decentralized finance has focused its defenses on smart contracts. Code is audited, vulnerabilities are cataloged, and many common exploits are well understood. But Mythos, a model designed to identify and chain together weaknesses across systems, is pushing attention beyond code and into the infrastructure that supports it. “The bigger risks sit in infrastructure,” said Paul Vijender, head of security at Gauntlet, a risk management firm. “When I think about AI-driven threats, I’m less concerned about smart contract exploits and more focused on AI-assisted attacks against the human and infrastructure layers.” That includes key management systems, signing services, bridges, oracle networks and the cryptographic layers that connect them. These components are less visible than smart contracts and are often outside the scope of traditional audit. In fact, this month, web infrastructure provider Vercel, used by many crypto companies, disclosed a security breach that may have exposed customer API keys, prompting crypto projects to rotate credentials and review their code. Vercel traced the intrusion to a compromised Google Workspace connection via the third-party AI tool Context.ai, which an employee used. Mythos belongs to a new class of AI systems built to simulate adversaries. Instead of scanning for known bugs, it explores how protocols interact, testing how small weaknesses can be combined into real-world exploits. That approach has drawn attention beyond crypto. Banks like JP Morgan are increasingly treating AI-driven cyber risk as systemic and are exploring tools like Mythos for stress testing. Earlier this month, Coinbase and Binance both reportedly approached Anthropic to test Mythos. Early findings from models like Mythos have identified weaknesses in the behind-the-scenes systems that keep crypto platforms secure, including the technology that protects keys and handles communication between systems. — Margaux Nijkerk Read more.

AAVE’S $300M RECOVERY EFFORT: In the often-fractured world of decentralized finance, crises tend to expose fault lines. This time, they’re also revealing an unusual level of coordination. Aave, one of DeFi’s largest lending protocols, is at the center of a broad recovery effort following losses tied to the Kelp DAO exploit, drawing in capital and credit commitments from across the industry. The effort, informally dubbed “DeFi United,” had raised about $301 million in commitments as of Monday, according to its website, with much of the capital still pending governance approval. The exploit, which rippled into rsETH markets and created risk across lending positions on Aave, has prompted what is shaping up to be one of the most coordinated industry responses to a DeFi incident. “There’s a shared priority around supporting users and restoring normal market conditions,” an Aave Labs spokesperson told CoinDesk. “Many of these participants are deeply connected to DeFi, whether through infrastructure, capital, or user access, and have a direct interest in ensuring markets function as expected.” At the core of the effort is Aave itself. A governance proposal outlines a plan for the DAO to allocate up to 250,000 ETH as part of the recovery. Founder Stani Kulechov separately indicated he would donate 5,000 ETH personally. Other contributors within Aave’s orbit are also stepping in, including Aave’s Emilio Frangella (500 ETH), BGD Labs’ Ernesto Boado (100 ETH), BGD Labs (250 ETH) and KPK’s Marcelo Ruiz de Orlano (100 ETH). The response has quickly extended beyond Aave, and in some cases began with direct outreach. Following the April 18 bridge hack, Kulechov reached out to Consensys and other ecosystem participants early to help coordinate a response, according to a Consensys spokesperson. The firm, alongside its founder Joseph Lubin, agreed to commit up to 30,000 ETH in financial support to help advance the recovery and protect users. Sharplink played a strategic advisory role in those discussions, the spokesperson said. — Margaux Nijkerk Read more.

CRYPTO IS FOR AI AGENTS, SAYS ALCHEMY CEO: The modern financial system was never designed for machines. It was built around the constraints of human life: geography, sleep cycles, paperwork and physical presence. But as AI agents begin to act as economic participants, that human-centric design is starting to look less like a feature and more like a bottleneck, said the co-founder of crypto firm Alchemy. “You can argue that crypto was built for AI agents, not humans,” said Nikil Viswanathan, who is also CEO. The mismatch is everywhere. Banks have operating hours because humans do. Payments are tied to countries because people live in them. Credit cards assume physical identity and presence, he said. AI agents operate differently. They don’t sleep. They don’t live anywhere. They don’t walk into banks or carry cards. And increasingly, they don’t just assist with tasks, they transact. “All transactions for agents are online. They’re inherently global,” Viswanathan, who will be speaking at Consensus Miami next month, told CoinDesk in an interview. That’s where crypto starts to look less like an alternative financial system and more like the native infrastructure for a new kind of economic actor, he said. Traditional finance assumes friction. Paying someone in another country involves currency exchanges, intermediaries, delays, fees. For humans, that’s normal; for AI agents, it’s unusable. Agents need to transact seamlessly across borders, at any time, often in tiny increments. They need programmability, direct control over money via code and systems that don’t depend on physical infrastructure or identity. Crypto offers exactly that: a global, always-on financial layer where value moves as easily as data, he said. “Crypto is the global infrastructure for money that agents need,” Viswanathan said. — Will Canny Read more.

BITCOIN PROPOSAL FOR SATOSHI-LINKED TOKENS: Paul Sztorc is not trying to move Satoshi Nakamoto’s bitcoin. That narrow fact is getting lost in the backlash around eCash, a proposed Bitcoin fork scheduled for August at block height 964,000. The new chain would copy Bitcoin’s history up to that point, giving BTC holders an equivalent balance on the forked network. Hold 4.19 BTC, get 4.19 eCash.This would follow the standard fork playbook. Bitcoin Cash did it in 2017, and Bitcoin SV followed later. Both copied Bitcoin’s ledger and changed the rules in the hope the market would care. eCash is different because of what it plans to do with Satoshi’s copied coins. The roughly 1.1 million BTC attributed to Bitcoin’s pseudonymous creator Satoshi Nakamoto sits in dormant addresses often linked to the Patoshi pattern, an early mining fingerprint widely believed to trace back to Satoshi, though never conclusively proven. On a normal one-to-one fork, those addresses would receive roughly 1.1 million eCash. Sztorc’s plan would allocate 600,000 eCash to those addresses and redirect the remaining 500,000 eCash to investors who fund the project before launch. Sztorc, CEO of LayerTwo Labs, pushed back on the theft framing in a Monday X post. “We do not take any of Satoshi’s BTC,” he wrote. “BTC balances are untouched by eCash. To move BTC, you always need BTC software and the BTC private key. We lack both.” But Satoshi's untouched holdings function as Bitcoin's foundational guarantee, the proof that even the network's creator never moved his coins because the rules apply to everyone equally. Selling claims on a forked-chain version of those holdings to fund a new project is the part that reads as theft, even when no theft is technically occurring. That turns the dispute into a property-rights fight, even if the property exists only on a new chain. — Shaurya Malwa Read more.

In Other News

• BlackRock-backed Securitize and Computershare are bringing parts of the $70 trillion U.S. stock market onchain via tokenized equities in a move that pushes traditional Wall Street infrastructure closer to blockchain rails. The agreement allows listed firms to add tokenized equity — called Issuer-Sponsored Tokens (ISTs) — alongside existing shares, giving investors the option to hold stock through traditional systems or in a digital wallet. The effort is part of a broader push to make tokenized shares work within current market rules while offering new ways to hold and move assets, from wallet-based ownership to faster settlement. Transfer agents like Computershare sit at the center of the system, maintaining shareholder records and handling corporate actions. By integrating at that layer, the companies aim to avoid a common crypto workaround, in which tokens represent claims on shares rather than the shares themselves. Under the setup, Computershare will act as transfer agent for tokenized shares just as it does for traditional ones. That includes managing records and processing events like dividend payments and stock splits across both formats. Securitize provides the underlying technology, but like other recent efforts in the space, the blockchain component sits mostly in the background. The tokens are designed to represent direct ownership, not derivatives layered on top of existing stock. — Kristzian Sandor Read more.
• Crypto payments firm MoonPay acquired Sodot, an Israeli crypto security startup, as part of its plan for MoonPay Institutional, a new unit built for large financial institutions looking to access crypto. Bloomberg reports, citing sources familiar with the acquisition, that it's an all-stock deal worth about $100 million. The new unit will offer tools for trading, tokenized securities, payments, wallet management and stablecoin issuance. Sodot's technology will serve as the key management layer for the business. MoonPay Institutional will be led by Caroline D. Pham, who joined MoonPay in December as chief legal officer and chief administrative officer after serving as acting chair of the Commodity Futures Trading Commission last year. Sodot's self-hosted multi-party computation (MPC) infrastructure is built for institutions that need tighter control over how assets move, who can approve transfers and how automated systems handle transactions.— Francesco Rodrigues Read more.

Regulatory and Policy

• Hong Kong’s central bank warned that counterfeit tokens are already exploiting the city’s stablecoin regime, even before a single licensed product has been introduced. In a statement, the Hong Kong Monetary Authority (HKMA) said tokens using the tickers “HKDAP” and “HSBC” are circulating in the market, but have no connection to any authorized issuer. Both licensed stablecoin applicants referenced in related press materials confirmed they have not issued any regulated stablecoins, it said. Earlier this month, the HKMA granted its first stablecoin licenses under the Stablecoins Ordinance, which took effect in August 2025, selecting two groups from a pool of 36 applicants. The choice of HSBC and a Standard Chartered-led entity mirrors Hong Kong’s existing monetary system, where a small group of commercial banks is authorized to issue banknotes. The HKMA urged the public to “stay vigilant against fraudulent activities,” advising users to rely only on official communications from licensees and to transact through regulated channels. Insiders say they expect a launch during Hong Kong's fintech week in November. — Sam Reynolds Read more.
• Israel's Capital Market Authority granted approval for a stablecoin pegged to the shekel for the first time. Tel Aviv-based cryptocurrency exchange Bits of Gold received authorization to issue the token after a two-year evaluation and pilot process, the authority said in a post on LinkedIn. The token, BILS, was developed in collaboration with the Solana network and crypto custodian heavyweights Fireblocks, with auditing oversight provided by Big Four consultancy firm EY, Bits of Gold said in an emailed statement. The size of the stablecoin sector — crypto tokens pegged to the value of a traditional financial asset, usually a fiat currency — has surged in the last 18 months to more than $300 billion fueled by the establishment of formal regulatory regimes in major markets such as the U.S. The overwhelming dominance of U.S. dollar-pegged tokens in the sector has prompted concerns in markets outside the U.S. about the threat of losing financial and digital sovereignty if onchain payments all default to dollars as their unit of account. — Jamie Crawley Read more.

Calendar

• May 5-7, 2026: Consensus, Miami
• June 2-3, 2026: Proof of Talk, Paris
• June 8-10, 2026: ETHConf, New York
• Sept. 29-Oct.1, 2026: Korea Blockchain Week, Seoul
• Oct. 7-8, 2026: Token2049, Singapore
• Nov. 3-6, 2026: Devcon, Mumbai
• Nov. 15-17, 2026: Solana Breakpoint, London

More For You

DeFi United, a coalition of multiple blockchain projects and crypto ecosystem individuals, has laid out a detailed plan to restore the backing of rsETH after this month’s Kelp DAO hack sent shockwaves through lending markets.

What to know:

• DeFi United has proposed a coordinated plan to fix the fallout from a Kelp DAO exploit that created 116,500 unbacked rsETH, using Aave to help stabilize markets and recover funds.
• The plan involves restoring rsETH’s backing with fresh ETH while systematically unwinding bad loans tied to the exploit, aiming to...

Hyperliquid is preparing to take on Polymarket with a new way to trade real-world events

10 minutes ago

The AI-crypto disconnect: Why Pantera’s CEO thinks institutions are missing the boat on bitcoin

34 minutes ago

Visa expands stablecoin settlement network as volume hits $7 billion run rate

48 minutes ago

Bitcoin ETFs fuel institutional surge, 21Shares' CIO sees $100K possible by year-end

56 minutes ago

Crypto Long & Short: Guide, deliver, repeat: the hidden driver of token performance

1 hour ago

Wall Street is launching the first ever prediction market ETFs for U.S. elections

1 hour ago

There's a social media groundswell predicting bitcoin above $90,000. That might be a problem.

6 hours ago

Bitcoin rebounds from key support as traders eye renewed push toward $80,000

5 hours ago

Institutional money is coming for bitcoin, but Adam Back says it moves slower than you think

12 hours ago

First central bank to test bitcoin says asset is ‘too risky’ for reserves

3 hours ago

Tether leads Belo's $14 million raise to expand stablecoin payments across Latin America

4 hours ago