I’ve decided to curate weekly digests in a quick manner where builders can get an update with what’s happening without too much digging, or reading articles that are too long to really read Monday morning. These are tidbits, surfaced with the help of our intelligence platform and designed to give you the signal in five minutes. If something here sparks a deeper question, the full sources are linked and the rabbit holes are yours!
This is the first time I am doing this, so these articles should improve as we go along. I am attempting to write these in a way which you can listen to as well. If there’s any feedback, please feel free to let me know.
1. The Grok “Morse Code” wallet drain
On May 8, an attacker drained around $150K from the Bankr ecosystem on Base by sending Grok a “Bankr Club Membership” NFT, which the system interpreted as a permission grant. Subsequently,the attacker issued a Morse-code-encoded prompt that Grok dutifully translated into a transfer instruction for Bankrbot. 3 billion DRB tokens out the door, swapped to ETH and USDC.
My take: This is just a confused-deputy problem. I believe there are two lessons every agent builder should internalize this week:
Receiving an asset is not a permission grant if your agent treats an inbound NFT as a capability token.
Covert-channel prompts (Morse, base64, emoji, image OCR) walk straight past naive natural-language filters. Treat anything your agent translates as untrusted user input first!
The “Permissioning Model” and “Human Override Capability” fields aren’t paperwork anymore — they’re load-bearing.
2. AI-assisted attackers stole $600M from crypto in April
Two April hacks roughly two weeks apart netted attackers nearly $600M combined, with TRM Labs attributing the campaign to North Korea-linked groups and noting that AI was used for both target selection and exploit design.
My take: Lazarus has been on every serious researcher’s watchlist for years, but this is the inflection where “APTs with LLMs” stops being a conference panel and is becoming a real concern. The practical implication for builders is to assume every public contract surface is being fuzzed by an LLM with infinite patience and no working hours. However, I understand this is much easier said than done.
3. Centrifuge ships deRWA on Base
On May 12, Centrifuge deployed its decentralized real-world asset infrastructure on Base with a multimillion-dollar Coinbase investment. The flagship product, deSPXA, is tokenized exposure to the Anemoy S&P 500 Index Fund (with S&P Dow Jones Indices and Janus Henderson). It also has day-one integrations with Morpho (lending), Euler (shorting), Aerodrome (trading), and Multipli (RWA-backed yield), with LayerZero powering multi-chain expansion.
The take: The exciting part isn’t the S&P 500 wrapper. Those already exist. The headline is that the same token is simultaneously collateral, a short leg, an LP position, and a yield input on day one. Composability is the moat, and this is a credible attempt to break the “RWAs sit in silos” problem that’s plagued the category for two years. For builders shipping anything yield-adjacent, I would suggest design assuming the collateral on the other side is an S&P-tracking token with off-chain NAV, not just USDC. That changes liquidation logic, oracle dependencies, and your risk parameters.
4. Ondo + JPMorgan + Mastercard + Ripple: first cross-border tokenized Treasury redemption
Ondo’s tokenized-stocks platform crossed $1B TVL in May (eight months to $1B, versus roughly three years for stablecoins and two for tokenized treasuries). In the same window, Ondo executed the first-ever cross-border tokenized Treasury redemption with JPMorgan, Mastercard, and Ripple. It settled in under five seconds. Broadridge ran the first on-chain proxy vote for tokenized stocks in April, and DTCC has Ondo in its tokenized-securities consortium alongside BlackRock and Goldman Sachs.
My take: The under-priced number here is <5 seconds, cross-border, with a Tier-1 bank in the loop. For enterprise blockchain developer, it won’t come as a surprise that this points at where the real builder opportunity sits. However, for the web3 agentic crowd, a tokenized Treasury that redeems in five seconds is the first realistic candidate for an agent-managed cash management layer.
5. Morpho hits unicorn status and ships a first-party MCP server
Morpho’s April recap landed on May 6. They now have unicorn status at >$1.5B network valuation, $13B in deposits, $4.5B in active loans. The two product drops that matter:
Morpho Midnight (intent-based, fixed-term, fixed-rate markets)
Morpho Agents [Beta], a CLI and first-party MCP server so AI agents can read, simulate, and write into the protocol directly.
My take: Everyone else’s “AI integration” so far has been a community LangChain wrapper. Morpho is the first major protocol treating agents as a primary user persona with a first-party interface. The implication is if your protocol doesn’t expose an MCP or agent-readable interface by the end of 2026, you are illegible to a fast-growing class of users. The “agent SDK” is the new subgraph.
Bonus tidbits
Base + Succinct (May 5): Base Azul will ZK-verify $7.4B of deposits via SP1 + TEEs. The hybrid TEE+ZK pattern is the pragmatic blueprint for verifiable agents too.
CLARITY Act (May 14): Cleared Senate Banking 15–9; the stablecoin-rewards provision is the one to watch for everyone building on monetary rails.
Coinbase Agent.market + x402: Aroud 69,000 active agents, $50M+ transacted, with OpenAI, Bloomberg, AWS Lambda, and Alchemy as launch providers.
Akash Network: AKT up 12.5% on renewed decentralized compute demand; GPU lease demand grew 200%+ YoY heading into this cycle.
Lagrange ZK Coprocessor: Mainnet launching late May with Coinbase and Kraken among announced operators — SQL-based ZK proofs on chain data move from demo to production.
That's the week. Five things to think about, five more to keep in your peripheral vision. If this seems helpful, consider subscribing! Next week's edition lands (around) the same time, same place, with the same promise.