
Kraken's co-CEO just floated the spiciest take you can have in self custody: he would hand an AI agent full control of his crypto wallet. Dragonfly Capital's Haseeb Qureshi, meanwhile, is pouring cold water on the idea, arguing that crypto "wasn't built for humans" in the first place. [1]
That clash matters because "agentic" AI (bots that can plan, execute, and adapt) is colliding with crypto's core primitives: programmable money, irreversible settlement, and permissionless access. On paper, it is a perfect match. On-chain, it is also a perfect way to get absolutely rinsed if the guardrails are wrong. [2]

The market backdrop: risk is back on, but execution risk is still king

This debate is landing while majors are in a decent upswing. Bitcoin was trading around $64,637 (up roughly 4.46%), Ethereum near $1,865 (up about 4.50%), and Solana around $78.45 (up roughly 6.31%) in the cited market snapshot. That kind of tape tends to invite more automation, more leverage, and more "set it and forget it" behaviour.
But the same conditions also magnify operational mistakes. When vol picks up, slippage widens, liquidation cascades accelerate, and malicious MEV (maximal extractable value, basically bots extracting value from your transaction ordering) gets more aggressive. A wallet that can act faster than a human is nice, until it is acting faster than you can stop it.

Kraken's pitch: let the machine do the clicking

The Kraken executive's stance is straightforward: if AI can be trusted to handle complex, high-stakes tasks, then delegating portfolio management and execution to an AI wallet agent is a logical next step. The implicit promise is convenience plus edge.
Crypto is already hostile to manual operators. Humans are slow at monitoring mempool conditions, routing trades across venues, rebalancing collateral, and reacting to sudden risk. If you have ever fat-fingered a swap, forgotten a revoke, or chased a bridge with the wrong chain ID, you know the pain. A competent agent could, in theory:
  • Optimise execution across DEX aggregators and CEXs.
  • Continuously manage risk (stop-loss logic, collateral rebalancing, hedging).
  • Automate hygiene (revoking approvals, rotating addresses, monitoring allowances).
  • Arbitrage opportunities that vanish in seconds.
That's the bull case. It is proper seductive, especially for "apes" (retail traders who pile in quickly, usually driven by hype rather than fundamentals) who already outsource decision-making to CT (Crypto Twitter) and price alerts.

Qureshi's pushback: crypto is already built for bots, not humans

Qureshi's counterpoint cuts deeper than "be careful." The view is that crypto's UX failures are not an accident, they are the product of a system designed around composable protocols, adversarial environments, and machine-speed competition. [3]

If crypto is not built for humans, then "AI wallet operators" are not a novelty. They are the natural endpoint. Most of the chain does not care about your intent, only your signature.

That framing flips the story from "AI will make self custody easy" to "AI will become the default participant, and humans will be the weaker class of user."

It is a bleak take, but it matches what you see on-chain every day: sandwiching, liquidation bots, oracle-update watchers, airdrop farmers, and routing optimisers. Humans provide the liquidity, the bots harvest the inefficiencies.

On-chain reality check: delegation is not the same as custody

Handing an AI "control" of your wallet can mean a few different architectures, and the risk profile changes massively depending on which one you pick.

1) AI with your private key (worst case)

If an agent directly holds the private key or seed phrase, that is game over from a security model perspective. You are betting that:
  • the model cannot be tricked (prompt injection is real),
  • the environment it runs in cannot be compromised,
  • the developer pipeline is clean,
  • the agent never "helpfully" exports secrets in logs.

One exploit, one leaked key, and you get the purest form of irreversible settlement: nothing comes back.

2) AI as a signer via limited permissions (better, still tricky)

More realistic is an AI acting under policy constraints, like:

  • transaction limits per day,
  • allowlists of contracts and tokens,
  • spend caps,
  • time delays,
  • multi-sig co-sign requirements.
This is where smart contract wallets and account abstraction concepts start to matter. If your wallet can enforce rules on-chain, you can let an agent trade while preventing it from bridging to a fresh, unaudited contract at 3am.

The catch: policy design is hard. Attackers do not need full control, they just need a path through your rules. Many "safe" rulesets still allow a malicious approval, and approvals are where a lot of wallet horror stories begin.

3) AI as an adviser, you remain the signer (safest)

This is closer to today's practical reality: the AI recommends, drafts transactions, simulates outcomes, and flags risks, but you click "sign."

It is less degen-fun than full autopilot, but it is the only model that cleanly preserves human intent. And intent is the bit crypto does not natively capture.

The real attack surface: intent, simulation, and toxic contracts

If you want the blunt version, AI makes two things easier:

  1. Good execution, and
  2. Convincing scams at scale.
The key technical failure mode is intent mismatch. Your agent thinks it is swapping Token A for Token B. The transaction it signs approves a proxy that drains everything later. Humans often miss this too, but AI can be herded into it by poisoned data, malicious interfaces, or adversarial prompts embedded in "helpful" content.
Even if the agent runs transaction simulation, simulations can lie if the RPC endpoint is compromised, if the simulation environment differs from mainnet state, or if the contract uses behaviour that is hard to model. The chain is adversarial by default.
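The policy constraints listed under architecture 2 and the intent mismatch described above can be checked against raw calldata before anything is signed. The sketch below is an added example, not code from the article or from any wallet project; the `Policy` fields, the intent labels and the addresses are hypothetical, and it runs off-chain purely to show the rule logic.

```python
# Added illustration: off-chain pre-sign gate. All names and addresses are hypothetical.
from dataclasses import dataclass

APPROVE, TRANSFER = "095ea7b3", "a9059cbb"  # ERC-20 approve / transfer selectors
TOKEN, ROUTER, PROXY = ("0x" + b * 20 for b in ("11", "22", "99"))  # constructed

@dataclass
class Policy:
    allowed_contracts: set   # contracts the agent may call
    allowed_spenders: set    # addresses that may be granted an allowance
    max_approval: int        # cap on one allowance, in token base units
    daily_spend_cap: int     # cap on transfers per day, in token base units
    spent_today: int = 0

def encode(selector, addr, amount):
    """Build approve/transfer calldata: selector plus two 32-byte words."""
    return "0x" + selector + addr[2:].rjust(64, "0") + format(amount, "064x")

def decode(calldata):
    """Return (selector, address, amount); address is None if the shape is wrong."""
    data = calldata.lower()
    data = data[2:] if data.startswith("0x") else data
    if len(data) != 8 + 64 + 64:
        return data[:8], None, None
    return data[:8], "0x" + data[32:72], int(data[72:], 16)

def check(policy, to, calldata, declared_intent):
    """Return the list of violations; an empty list means the agent may sign."""
    selector, addr, amount = decode(calldata)
    problems = []
    if to.lower() not in policy.allowed_contracts:
        problems.append("target contract not on allowlist")
    if selector not in (APPROVE, TRANSFER) or addr is None:
        return problems + ["unrecognised or malformed call, refused by default"]
    actual = "approve" if selector == APPROVE else "transfer"
    if declared_intent != actual:
        problems.append(f"intent mismatch: declared {declared_intent}, calldata is {actual}")
    if actual == "approve":
        if addr not in policy.allowed_spenders:
            problems.append("spender not on allowlist")
        if amount > policy.max_approval:  # also catches the 2**256 - 1 "unlimited" approval
            problems.append("approval exceeds cap")
    elif policy.spent_today + amount > policy.daily_spend_cap:
        problems.append("daily spend cap exceeded")
    return problems

POLICY = Policy({TOKEN}, {ROUTER}, max_approval=1_000, daily_spend_cap=500)
# The agent believes it is swapping; the calldata grants PROXY an unlimited allowance.
DRAIN = check(POLICY, TOKEN, encode(APPROVE, PROXY, 2**256 - 1), "swap")
```

Note that a ruleset with only the contract allowlist would have passed `DRAIN`, because the call targets an allowed token; it is the spender and amount rules that stop it.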

What would make AI wallets actually viable?

For this to be more than a headline, you need measurable constraints, visible on-chain:

  • Permissioned spend policies enforced by the wallet contract, not off-chain promises.
  • Mandatory simulation and diffing across multiple independent providers.
  • Revocation automation as a default behaviour, not an optional hygiene step.
  • Rate limits and circuit breakers that halt on anomalous behaviour (new contracts, unusual gas, new chains).
  • Transparent logs of what the agent intended versus what it executed, ideally verifiable.
Until you can inspect those controls like you inspect a contract, "trust the AI" is basically "trust me, bro" with extra steps.
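One way to express the "simulation and diffing across multiple independent providers" control as a circuit breaker, given that a single simulation can lie when its RPC endpoint is compromised. This is an added example, not code from the article; the provider names, asset labels and the shape of a simulation result are assumptions made for illustration.

```python
# Added illustration: compare simulated effects across providers before signing.
# Provider names, asset labels and the result shape are hypothetical.
UNLIMITED = 2**256 - 1

def flatten(sim):
    """Turn one simulation result into a comparable set of (kind, key, value) facts."""
    facts = {("balance", a, d) for a, d in sim["balances"].items() if d != 0}
    facts |= {("approval", s, v) for s, v in sim["approvals"].items() if v != 0}
    return facts

def gate(results, intended, quorum=2):
    """Return (ok, reasons). ok only if at least `quorum` providers answered,
    they all agree, and the agreed effects equal what the agent intended."""
    answered = {name: flatten(r) for name, r in results.items() if r is not None}
    if len(answered) < quorum:
        return False, [f"{len(answered)} provider(s) answered, quorum is {quorum}"]
    reasons = []
    want = flatten(intended)
    for name, facts in sorted(answered.items()):
        for fact in sorted(facts - want):
            reasons.append(f"{name}: unintended effect {fact}")
        for fact in sorted(want - facts):
            reasons.append(f"{name}: missing intended effect {fact}")
    if len({frozenset(f) for f in answered.values()}) > 1:
        reasons.append("providers disagree: halt and do not sign")
    return (not reasons), reasons

# Constructed sample: the agent intends to swap 100 TOKEN_A for 95 TOKEN_B.
INTENDED = {"balances": {"TOKEN_A": -100, "TOKEN_B": 95}, "approvals": {}}
WITH_ALLOWANCE = {"balances": {"TOKEN_A": -100, "TOKEN_B": 95},
                  "approvals": {"0xproxy": UNLIMITED}}
# rpc_b echoes the intended outcome, rpc_a also reports an allowance left behind,
# rpc_c did not answer.
SAMPLE = {"rpc_a": WITH_ALLOWANCE, "rpc_b": INTENDED, "rpc_c": None}
OK, REASONS = gate(SAMPLE, INTENDED)
```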

Risk box: what invalidates the bullish "AI runs my wallet" thesis

This idea breaks the moment one of these happens:

  • A widely used agent framework suffers a compromise that results in key leakage or mass malicious signing.
  • Attackers demonstrate reliable prompt-injection paths that bypass wallet policies and drain funds anyway.
  • Users realise "AI custody" mostly means "a new hot wallet connected to a cloud model," which is just custodial risk with different branding.
  • On-chain data shows agent wallets underperform after fees and MEV, proving the edge was marketing, not execution.

If the industry wants AI to run wallets, it needs to prove it on-chain: bounded permissions, auditable policies, and an escape hatch that works when things get dodgy. Otherwise, the most accurate summary of the whole trend is Qureshi's: crypto was already built for machines, and humans are the liquidity exit. [4]