Lately I keep seeing people talk about how amazing AI agents are for automated trading—so I click in and take a look: authorization allowance set to the max, private keys handed to third parties… What’s the difference from sticking your bank card PIN to your forehead?



To put it plainly, the most awkward part of on-chain agents right now is this: smart contracts can be read, but they can’t understand whether “this contract is a phishing version just deployed last night.” They can execute trades, but after getting sandwiched, they won’t even cry.

I’ve seen the most ridiculous demo: the agent detected a “high-yield opportunity” and went all-in, only to be a treasure chest scam— it didn’t even bother to check for a revert. Anyway, once the gas is burned and the task is considered complete, that’s it.

So my attitude is pretty simple: AI can be the hands, but the eyes and the brain still have to be human. Give only as much authorization as you need; split private keys as finely as possible. For key operations, add a second confirmation… Sure, it’s a hassle, but it’s better than getting up at 3:00 AM to call 110.

Anyway, with this whole narrative going around, the people hyping it outnumber those actually digging into security by ten times. For now, that’s all.
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments