MetaMask opens safer route for AI trades

MetaMask has launched Agent Wallet, a self-custodial product designed to let AI agents trade and manage crypto activity while keeping users in control of funds, approvals and risk limits.

The Consensys-owned wallet provider introduced the service on 8 June through a limited early-access programme, initially aimed at traders and developers testing autonomous finance tools. A wider rollout is planned over the coming months as crypto firms race to build infrastructure for software agents that can execute transactions, rebalance portfolios and interact with decentralised applications without constant manual input.

Agent Wallet gives AI systems access to swaps, perpetual futures, prediction markets and liquidity provisioning across Ethereum-compatible networks, with support extending to Hyperliquid. The product is being positioned as a guardrail-heavy alternative to the more hazardous practice of giving autonomous agents direct access to private keys or funding separate wallets that users must monitor manually.

Security is the centre of the launch. MetaMask says every agent-initiated transaction is routed through transaction simulation, scam and malicious-contract detection, threat scanning, clear-signing checks and MEV protection before execution. Transactions considered safe are eligible for protection of up to $10,000 under MetaMask’s Transaction Protection programme, while suspicious activity can trigger additional human approval.

The default setting, called Guard Mode, lets users define spending limits, approved protocols and operating conditions before an AI agent can act. Transactions outside those boundaries, or those flagged as dangerous, require two-factor authentication. A looser Beast Mode gives agents more room to act independently but still requires approval for transactions identified as malicious.

The launch reflects a broader shift in crypto markets, where AI agents are moving from experimental tools into active participants in trading, payments and decentralised finance. Developers are using them to scan markets, automate dollar-cost averaging, manage liquidity positions and execute multi-step strategies. That opens a new efficiency frontier but also adds a security problem: an AI model can be manipulated, misread instructions or follow a malicious prompt into a costly transaction.

MetaMask’s approach accepts that agent behaviour cannot be made fully predictable. Instead, the wallet places limits around what an agent may do, how much it can spend, where it may trade and when a human must intervene. That model builds on MetaMask’s Advanced Permissions framework, launched in April, which allows users to grant scoped, time-bound authority to applications without handing over broad wallet access or signing every transaction separately.

Advanced Permissions uses session accounts and delegation tools to execute actions within pre-set limits. A user can, for example, permit an application or agent to spend a fixed amount of a token over a defined period, while the main wallet remains under the user’s control. The system is intended to reduce approval fatigue without recreating the custody risks that decentralised wallets were designed to avoid.

Competition is building quickly. Coinbase introduced agent-focused wallet tools earlier this year, while MoonPay has expanded work on agent-linked payments and wallet standards. Hardware-wallet makers and infrastructure providers are also seeking a role as AI systems become more active in payments and trading. The emerging contest is not only over which platform can give agents access to crypto markets, but which one can prove that access is safe enough for real capital.

The timing is significant for MetaMask. The wallet has been expanding beyond its original role as an Ethereum browser extension into a broader financial interface covering swaps, staking, tokenised assets, prediction markets, cards and stablecoin-linked services. Agent Wallet adds another layer to that strategy by giving automated software a controlled pathway into the same ecosystem.

Regulatory and liability questions remain unresolved. Autonomous trading agents may create disputes over responsibility when a transaction goes wrong, especially if a user approved broad permissions but did not directly approve the exact trade. Crypto market regulators have already scrutinised wallet-linked swaps, staking and decentralised finance interfaces. AI-driven execution could sharpen those questions by blurring the line between user intent, software autonomy and platform responsibility.

The practical test will be whether MetaMask can make agent activity useful without making wallet security harder for ordinary users to understand. Crypto users have already struggled with phishing, blind signing, malicious contracts and approval scams. Adding AI agents introduces another layer of complexity, even if the interface is built around spending caps and warnings.