Echo.xyz Transformed Crypto Fundraising in 18 Months, Earning a $375M Coinbase Exit

· 33 min read
Dora Noda
Software Engineer

Echo.xyz achieved what seemed improbable: democratizing early-stage crypto investing while maintaining institutional-quality deal flow, resulting in Coinbase acquiring the platform for $375 million just 18 months after launch. Founded in March 2024 by Jordan "Cobie" Fish, the platform facilitated over $200 million across 300+ deals involving 9,000+ investors before its October 2025 acquisition. Echo's significance lies in solving the fundamental tension between exclusive VC access and community participation through group-based, on-chain investment infrastructure that aligns incentives between platforms, lead investors, and followers. The platform's dual products—private investment groups and Sonar public sale infrastructure—position it as comprehensive capital formation infrastructure for web3, now integrated into Coinbase's vision of becoming the "Nasdaq of crypto."

What Echo.xyz solves in the web3 fundraising landscape

Echo addresses critical structural failures in crypto capital formation that have plagued the industry since the ICO boom collapsed in 2018. The core problem: access inequality—institutional VCs secure early allocations at favorable terms while retail investors face high valuations, low float tokens, and misaligned incentives. Traditional private fundraising excludes regular investors entirely, while public launchpads suffer from centralized control, opaque processes, and speculative behavior divorced from project fundamentals.

The platform operates through two complementary products. Echo Investment Services enables group-based private investing where experienced "Group Leads" (including top VCs like Paradigm, Coinbase Ventures, Hack VC, 1kx, and dao5) share deals with followers who co-invest on identical terms. All transactions execute fully on-chain using USDC on Base network, with investors organized into SPV (Special Purpose Vehicle) structures that simplify cap table management. Critically, group leads must invest on the same price, vesting, and terms as followers, earning compensation only when followers profit—creating genuine alignment versus traditional carry structures.

Sonar, launched May 2025, represents Echo's more revolutionary innovation: self-hosted public token sale infrastructure that founders can deploy independently without platform approval. Unlike traditional launchpads that centrally list and endorse projects, Sonar provides compliance-as-a-service—handling KYC/KYB verification, accreditation checks, sanctions screening, and wallet risk assessment—while allowing founders complete marketing autonomy. This architecture supports "1,000 different sales happening simultaneously" across multiple blockchains (EVM chains, Solana, Hyperliquid, Cardano) without Echo's knowledge, deliberately avoiding the launchpad model's conflicts of interest. The platform's philosophy, articulated by founder Cobie: "Get as close to ICO-era market dynamics as possible while providing compliant tools for founders who don't want to go to jail."

Echo's value proposition crystallizes around four pillars: democratized access (no minimum portfolio size; same terms as institutions), simplified operations (SPVs consolidate dozens of angels into single cap table entities), aligned economics (5% fee only on profitable investments), and blockchain-native execution (instant USDC settlement via smart contracts eliminating banking friction).

Technical architecture balances privacy, compliance, and decentralization

Echo's technical infrastructure demonstrates sophisticated engineering prioritizing user custody, privacy-preserving compliance, and multi-chain flexibility. The platform operates primarily on Base (Ethereum Layer 2) for managing USDC deposits and settlements, leveraging low-cost transactions while maintaining Ethereum security guarantees. This choice reflects pragmatic infrastructure decisions rather than blockchain maximalism—Sonar supports most EVM-compatible networks plus Solana, Hyperliquid, and Cardano.

Wallet infrastructure via Privy implements enterprise-grade security through multi-layer protection. Private keys undergo Shamir Secret Sharing, splitting keys into multiple shards distributed across isolated services so neither Echo nor Privy can access complete keys. Keys only reconstruct within Trusted Execution Environments (TEEs)—hardware-secured enclaves that protect cryptographic operations even if surrounding systems are compromised. This architecture provides non-custodial control while maintaining seamless UX; users can export keys to any EVM-compatible wallet. Additional layers include SOC 2-certified infrastructure, hardware-level encryption, role-based access control, and two-factor authentication on all critical operations (login, investment, fund transfers).
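The threshold property behind the key sharding described above, as an added example that is not Privy's or Echo's code: a minimal Shamir split and reconstruct over a prime field. The field prime, the 3-of-5 parameters, the share format and all function names are assumptions for illustration; the page does not state the threshold or shard count actually used.

```javascript
// Added illustration; not Privy or Echo code. All parameters are assumptions.
const { randomBytes } = require('node:crypto');

// Field modulus: the Mersenne prime 2^521 - 1, larger than any 256-bit key.
const P = (1n << 521n) - 1n;

// Reduce into [0, P), also for negative inputs.
const mod = (a) => ((a % P) + P) % P;

// Square-and-multiply exponentiation in the field.
function modPow(base, exp) {
  let result = 1n;
  let b = mod(base);
  for (let e = exp; e > 0n; e >>= 1n) {
    if (e & 1n) result = (result * b) % P;
    b = (b * b) % P;
  }
  return result;
}

// Modular inverse via Fermat's little theorem (valid because P is prime).
const inverse = (a) => modPow(a, P - 2n);

// 640 random bits reduced mod P keeps the modulo bias negligible.
function randomFieldElement() {
  return BigInt('0x' + randomBytes(80).toString('hex')) % P;
}

// Split `secret` into `shareCount` shares; any `threshold` of them recover it.
function split(secret, threshold, shareCount) {
  if (typeof secret !== 'bigint' || secret < 0n || secret >= P) {
    throw new RangeError('secret must be a BigInt in [0, P)');
  }
  if (threshold < 2 || threshold > shareCount) {
    throw new RangeError('need 2 <= threshold <= shareCount');
  }
  // Random polynomial of degree threshold-1 whose constant term is the secret.
  const coeffs = [secret];
  for (let i = 1; i < threshold; i++) coeffs.push(randomFieldElement());
  const shares = [];
  for (let i = 1; i <= shareCount; i++) {
    const x = BigInt(i);
    let y = 0n;
    // Horner evaluation of the polynomial at x.
    for (let j = coeffs.length - 1; j >= 0; j--) y = mod(y * x + coeffs[j]);
    shares.push({ x, y });
  }
  return shares;
}

// Lagrange interpolation at x = 0 yields the polynomial's constant term.
function reconstruct(shares) {
  if (new Set(shares.map((s) => s.x)).size !== shares.length) {
    throw new Error('duplicate share index');
  }
  let secret = 0n;
  for (const { x: xi, y: yi } of shares) {
    let num = 1n;
    let den = 1n;
    for (const { x: xj } of shares) {
      if (xj === xi) continue;
      num = mod(num * -xj);
      den = mod(den * (xi - xj));
    }
    secret = mod(secret + yi * num * inverse(den));
  }
  return secret;
}

// Constructed demo: a random 256-bit value stands in for a wallet private key.
function demo() {
  const key = BigInt('0x' + randomBytes(32).toString('hex'));
  const shares = split(key, 3, 5);
  return {
    anyThree: reconstruct([shares[0], shares[2], shares[4]]) === key,
    onlyTwo: reconstruct([shares[1], shares[3]]) === key,
  };
}
```

With fewer shares than the threshold, interpolation returns an unrelated field element, which is why a single compromised shard holder learns nothing about the key.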

The Sonar compliance architecture represents Echo's most technically innovative component. Rather than projects managing compliance directly, Sonar operates through an OAuth 2.0 PKCE authentication flow where investors complete KYC/KYB verification once via Sumsub (the same provider used by Binance and Bybit) to receive an "eID Attestation Passport." This credential works across all Sonar sales with one-click registration. When purchasing tokens, Sonar's API validates wallet-entity relationships and generates cryptographically signed permits containing: entity UUID, verification proof, allocation limits (reserved, minimum, maximum), and expiration timestamps. The project's smart contract validates ECDSA signatures against Sonar's authorized signer before executing purchases, recording all transactions on-chain for transparent, immutable audit trails.
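An added sketch of the permit check described above, written off-chain in JavaScript; it is not Sonar's code or any project's contract. The field names, the JSON encoding, the SHA-256 digest and the locally generated secp256k1 key are assumptions, and an EVM contract would typically recover the signer with keccak256 and ecrecover instead.

```javascript
// Added illustration; not Sonar code. Field names and encoding are assumptions.
const { generateKeyPairSync, sign, verify } = require('node:crypto');

// Constructed key pair standing in for the compliance service's authorized signer.
const signer = generateKeyPairSync('ec', { namedCurve: 'secp256k1' });

// Canonical encoding: fixed field order so signer and verifier hash identical bytes.
// Amounts are integers in the token's base units. `reserved` is carried in the
// signed payload but not enforced here (the page does not define its semantics).
function encodePermit(p) {
  return Buffer.from(JSON.stringify([
    p.entityId, p.wallet.toLowerCase(), p.saleId,
    p.reserved, p.minAmount, p.maxAmount, p.expiresAt,
  ]));
}

// Signer side: attach an ECDSA signature over the canonical encoding.
function issuePermit(fields, privateKey) {
  const signature = sign('sha256', encodePermit(fields), privateKey).toString('base64');
  return { ...fields, signature };
}

const reject = (reason) => ({ ok: false, reason });

// Sale side: every check a purchase must pass before funds are accepted.
// `spentByEntity` (Map: entityId -> amount bought so far) enforces the maximum
// per verified entity, so reusing a permit cannot exceed the allocation.
function checkPurchase(permit, { caller, saleId, amount, now, trustedKey, spentByEntity }) {
  let valid = false;
  try {
    const sig = Buffer.from(permit.signature || '', 'base64');
    valid = verify('sha256', encodePermit(permit), trustedKey, sig);
  } catch {
    valid = false; // malformed permit or signature is treated as a bad signature
  }
  if (!valid) return reject('bad-signature');
  if (permit.saleId !== saleId) return reject('wrong-sale');
  if (permit.wallet.toLowerCase() !== caller.toLowerCase()) return reject('wallet-mismatch');
  if (now >= permit.expiresAt) return reject('expired');
  if (!Number.isSafeInteger(amount) || amount < permit.minAmount) return reject('below-minimum');
  const already = spentByEntity.get(permit.entityId) || 0;
  if (already + amount > permit.maxAmount) return reject('over-maximum');
  spentByEntity.set(permit.entityId, already + amount);
  return { ok: true, reason: 'accepted' };
}

// Constructed sample data: a permit for one entity, then four purchase attempts.
function demo() {
  const permit = issuePermit({
    entityId: '00000000-0000-4000-8000-000000000001', // constructed UUID
    wallet: '0x00000000000000000000000000000000000000A1', // constructed address
    saleId: 'sample-sale',
    reserved: 0, minAmount: 100, maxAmount: 1000, expiresAt: 2000,
  }, signer.privateKey);
  const spentByEntity = new Map();
  const ctx = (over) => ({
    caller: permit.wallet, saleId: 'sample-sale', amount: 600, now: 1000,
    trustedKey: signer.publicKey, spentByEntity, ...over,
  });
  return {
    first: checkPurchase(permit, ctx({})).reason,
    repeat: checkPurchase(permit, ctx({})).reason, // 600 + 600 exceeds 1000
    tampered: checkPurchase({ ...permit, maxAmount: 5000 }, ctx({})).reason,
    late: checkPurchase(permit, ctx({ now: 2000, amount: 100 })).reason,
  };
}
```

Binding the wallet, sale and expiry into the signed bytes is what stops a permit from being replayed by another address, in another sale, or after the window closes.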

Key technical differentiators include privacy-preserving attestations (Sonar attests eligibility without passing personal data to projects), configurable compliance engines (founders select exact requirements by jurisdiction), and anti-sybil protection (Echo detected and banned 19 accounts from a single user attempting to game allocations). The platform partners with Veda for pre-launch vault infrastructure, using the same contracts securing $2.6 billion TVL that have been audited by Spearbit. However, specific Echo.xyz smart contract audits remain undisclosed—the platform relies primarily on audited third-party infrastructure (Privy, Veda) plus established blockchain security rather than publishing independent security audits.

Security posture emphasizes defense-in-depth: distributed key management eliminates single points of failure, SOC 2-certified partners ensure operational security, comprehensive KYC prevents identity fraud, and on-chain transparency provides public accountability. The self-hosted Sonar model further decentralizes risk—if Echo infrastructure fails, individual sales continue operating since founders control their own contracts and compliance flows.

No native token: Echo operates on performance-based fees, not tokenomics

Echo.xyz explicitly has no native token and has stated there will not be one, making it an outlier in web3 infrastructure. This decision reflects philosophical opposition to extractive tokenomics and aligns with founder Cobie's criticism of protocols that use tokens primarily for founder/VC enrichment rather than genuine utility. A scam token called "ECHO" (contract 0x7246d453327e3e84164fd8338c7b281a001637e8 on Base) circulates but has no affiliation with the official platform—users should verify domains carefully.

The platform operates on a pure fee-based revenue model charging 5% of user profits per deal—the only way Echo generates revenue. This performance-based structure creates powerful alignment: Echo profits exclusively when investors profit, incentivizing quality deal curation over volume. Additional operational costs (token warrant fees paid to founders, SPV regulatory filing costs) pass through to users with no markup. All investments transact in USDC stablecoin with fully on-chain execution.

Group lead compensation follows the same philosophy: leads earn a percentage of followers' profits only when investments succeed, must invest on identical terms as followers (same price, vesting, lock-ups), and never touch follower funds (smart contracts manage custody). This inverts traditional venture fund structures where GPs collect management fees regardless of returns. The legal structure operates through Gm Echo Manager Ltd maintaining smart contract-based ownership claims that prevent leads from accessing investor capital.

Platform statistics demonstrate strong product-market fit despite tokenless operations. By the October 2025 acquisition, Echo facilitated $200 million across 300+ deals involving 9,000+ investors through 80+ active investment groups. Notable transactions include MegaETH's $10 million raise (split into rounds of $4.2M in 56 seconds and $5.8M in 75 seconds), Initia's $2.5M community round (800+ investors in under 2 hours), and Usual Money's $1.5M raise. First-come-first-served allocation within groups creates urgency; high-quality deals sell out in minutes.

Sonar economics remain less disclosed. The product launched May 2025 with Plasma's XPL token sale as the first implementation (10% of supply at $500M FDV). While Sonar provides compliance infrastructure, API access, and signed permit generation, public documentation doesn't specify pricing—likely negotiated per-project or subscription-based. The $375M Coinbase acquisition validates that substantial value accrues without tokenization.

Governance structure is entirely centralized with no token-based voting. Gm Echo Manager Ltd (now owned by Coinbase) controls platform policies, group lead approvals, and terms of service. Individual group leads determine which deals to share, investment minimums/maximums, and membership criteria. Users choose deal-by-deal participation but have no protocol governance rights. Post-acquisition, Echo will remain standalone initially with Sonar integrating into Coinbase, suggesting eventual alignment with Coinbase's governance structures rather than DAO models.

Ecosystem growth driven by top-tier partnerships and 30+ successful raises

Echo's rapid ecosystem expansion stems from strategic partnerships that provide both infrastructure reliability and deal flow quality. The Coinbase acquisition for approximately $375 million (October 2025) represents the ultimate partnership validation—Coinbase's 8th acquisition of 2025 positions Echo as core infrastructure for onchain capital formation. Prior to acquisition, Coinbase Ventures became a Group Lead (March 2025) launching the "Base Ecosystem Group" to fund Base blockchain builders, demonstrating strategic alignment months before the deal closed.

Technology partnerships provide critical infrastructure layers. Privy supplies embedded wallet services with Shamir Secret Sharing and TEE-based key management, enabling non-custodial user experience. Sumsub handles KYC/KYB verification (the same provider securing Binance and Bybit), processing identity verification and document validation. The platform integrates OAuth 2.0 for authentication and ECDSA signature validation for on-chain permit verification. Veda provides vault contracts for pre-launch deposits with yield generation through Aave and Maker, using battle-tested infrastructure securing $2.6B+ TVL.

Supported blockchain networks span major ecosystems: Base (primary chain for platform operations), Ethereum and most EVM-compatible networks, Solana, Hyperliquid, Cardano, and HyperEVM. Sonar documentation explicitly states support for "most EVM networks" with ongoing expansion—projects should contact support@echo.xyz for specific network availability. This blockchain-agnostic approach contrasts with single-chain launchpads and reflects Echo's infrastructure-layer positioning.

Developer ecosystem centers on Sonar's compliance APIs and integration libraries. Official documentation at docs.echo.xyz provides implementation guides, though no public GitHub repository was found (suggesting proprietary infrastructure). Sonar offers APIs for KYC/KYB verification, US accredited investor checks, sanctions screening, anti-sybil protection, wallet risk assessment, and entity-to-wallet relationship enforcement. The architecture supports flexible sale formats including auctions, options drops, points systems, variable valuations, and commitment request sales—giving founders extensive customization within compliance guardrails.

Community metrics indicate strong engagement despite the private, invite-based model. Echo's Twitter/X account (@echodotxyz) has 119,500+ followers with active announcement cadence. The May 2025 Sonar launch received 569 retweets and 3,700+ views. Platform statistics show 6,104 investment users completing 177 transactions over $5,000, with total capital raised reaching $140M-$200M+ depending on source (Dune Analytics reports $66.6M as of January 2025; Coinbase cites $200M+ by October 2025). The team remains lean at 13 employees, reflecting efficient operations focused on infrastructure over headcount scaling.

Ecosystem projects span leading crypto protocols. The 30+ projects that raised on Echo include: Ethena (synthetic dollar), Monad (high-performance L1), MegaETH (raised $10M in December 2024), Usual Money (stablecoin protocol), Morph (L2 solution), Hyperlane (interoperability), Initia (modular blockchain), Fuel, Solayer, Dawn, Derive, Sphere, OneBalance, Wildcat, and Hoptrail (first UK company to raise on Echo at $5.85M valuation). Plasma used Sonar for its June 2025 XPL public token sale targeting $50M at $500M FDV. These projects represent quality deal flow typically reserved for top-tier VCs, now accessible to community investors on the same terms.

The group lead ecosystem includes approximately 80+ active groups led by prominent VCs and crypto investors: Paradigm (where Cobie serves as advisor), Coinbase Ventures, Hack VC, 1kx, dao5, plus individuals like Larry Cermak (CEO of The Block), Marc Zeller (Aave founder), and Path.eth. This concentration of institutional quality leads differentiates Echo from retail-focused launchpads and drives deal flow that sells out in seconds.

Team combines crypto-native credibility with technical execution capability

Jordan Fish, known as "Cobie," founded Echo in March 2024, bringing exceptional crypto-native credibility and an entrepreneurial track record. A British cryptocurrency investor, trader, and influencer with 700,000+ Twitter followers, Cobie previously served as a Monzo Bank executive in product/growth roles, co-founded Lido Finance (a major DeFi liquid staking protocol), and co-hosted the UpOnly podcast with Brian Krogsgard. He graduated from the University of Bristol with a Computer Science degree (2013) and began investing in Bitcoin around 2012-2013. His estimated net worth exceeds $100 million. In May 2025, Cobie joined Paradigm as an advisor to support their public market and liquid fund strategies while Paradigm simultaneously opened an Echo group, demonstrating his continued influence across crypto's institutional layer.

Cobie's industry recognition includes CoinDesk's "Most Influential 2022" and Forbes 30 Under 30 mentions. He earned his reputation by publicly calling out scams and insider trading, notably exposing Coinbase insider trading in 2022 and documenting the FTX hack in real time during that exchange's collapse. This track record provides trust capital critical for a platform handling early-stage investments: investors trust Cobie's judgment and operational integrity.

The engineering team draws from Monzo's technical leadership, reflecting Cobie's previous employer connections. Will Demaine (Software Engineer) previously worked at Alba, gm. studio, Monzo Bank, and Fat Llama, and holds a BSc in Computer Science from the University of Birmingham with skills in C#, Java, PHP, MySQL, and JavaScript. Will Sewell (Platform Engineer) spent 6 years at Pusher working on the Channels product before joining Monzo as a Platform Engineer, where he contributed to Monzo's microservices platform scaling to 2,800+ services. His expertise spans distributed systems, cloud infrastructure, and functional programming (Haskell). Rachael Demaine serves as Operations Manager. Additional team members include James Nicholson, though his specific role remains undisclosed.

Team size: Just 13 employees at acquisition, demonstrating exceptional capital efficiency. The company generated $200M+ in deal flow with minimal headcount by focusing on infrastructure and group lead relationships rather than direct sales or marketing. This lean structure maximized value capture—$375M exit divided by 13 employees yields ~$28.8M per employee, among the highest in crypto infrastructure.

Funding history reveals no external venture capital raised prior to acquisition, suggesting Echo was bootstrapped or self-funded by Cobie's personal wealth. The platform's 5% success fee on profitable deals provided revenue from inception, enabling self-sustaining operations. No seed round, Series A, or institutional investors appear in public records. This independence likely provided strategic flexibility—no VC board members pushing for token launches or exit timelines—allowing Echo to execute on founder vision without external pressure.

The $375 million Coinbase acquisition (announced October 20-21, 2025) occurred just 18 months post-launch through a mix of cash and stock subject to customary purchase price adjustments. Coinbase separately spent $25 million to revive Cobie's UpOnly podcast, suggesting strong relationship development prior to acquisition. Post-acquisition, Echo will remain a standalone platform initially with Sonar integrating into Coinbase's ecosystem, likely positioning Cobie in a leadership role within Coinbase's capital formation strategy.

The team's strategic context positions them within crypto's institutional layer. Cobie's dual roles as Echo founder and Paradigm advisor, combined with group leads from Coinbase Ventures, Hack VC, and other top VCs, creates powerful network effects. This concentration of institutional relationships explains Echo's deal flow quality—projects backed by these VCs naturally flow to their Echo groups, creating self-reinforcing cycles where more quality leads attract better deals which attract more followers.

Core product features enable institutional-quality investing for community participants

Echo's product architecture centers on group-based, on-chain investing that democratizes access while maintaining quality through experienced lead curation. Users join investment groups led by top VCs and crypto investors who share deal opportunities on a deal-by-deal basis. Followers choose which investments to make without mandatory participation, creating flexibility versus traditional fund commitments. All transactions execute fully on-chain using USDC on Base blockchain, eliminating banking friction and enabling instant settlement with transparent, immutable records.

The SPV (Special Purpose Vehicle) structure consolidates multiple investors into single legal entities per deal, solving founders' cap table management nightmares. Instead of managing 100+ individual angels each requiring separate agreements, signatures, and compliance documentation, founders interact with one SPV entity. Hoptrail (first UK company raising on Echo) cited this simplification as a key differentiator—closing their raise in days versus weeks and maintaining clean cap tables. Echo's smart contracts manage asset custody ensuring lead investors never access follower funds directly, preventing potential misappropriation.

Allocation operates on a first-come, first-served basis within groups once leads share deals. High-quality opportunities sell out in seconds: MegaETH raised $4.2M in 56 seconds during its first round. This creates urgency and rewards investors who respond quickly, though critics note this favors those constantly monitoring platforms. Group leads set minimum and maximum investment amounts per participant, balancing broad access with deal size requirements.

The embedded wallet service via Privy enables seamless onboarding. Users create non-custodial wallets through email, social login (Twitter/X), or existing wallet connections without managing seed phrases initially. The platform implements two-factor authentication on login, every investment, and all fund transfers, adding security layers beyond standard wallet authentication. Users maintain full custody and can export private keys to any EVM-compatible wallet if choosing to leave Echo's interface.

Sonar's self-hosted sale infrastructure represents Echo's more revolutionary product innovation. Launched May 2025, Sonar enables founders to host public token sales independently without Echo's approval or endorsement. Founders configure compliance requirements based on their jurisdiction—choosing KYC/KYB verification levels, accreditation checks, geographic restrictions, and risk tolerances. The eID Attestation Passport allows investors to verify identity once and participate in unlimited Sonar sales with one-click registration, dramatically reducing friction versus repeated KYC for each project.

Sale format flexibility supports diverse mechanisms: fixed-price allocations, Dutch auctions, options drops, points-based systems, variable valuations, and commitment request sales (launched June 2025). Projects deploy smart contracts validating ECDSA-signed permits from Sonar's compliance API before executing purchases. This architecture enables "1,000 different sales happening simultaneously" across multiple blockchains without Echo serving as central gatekeeper.

Privacy-preserving compliance means Sonar attests investor eligibility without passing personal data to projects. Founders receive cryptographic proof that participants passed KYC, accreditation checks, and jurisdiction requirements but don't access underlying documentation—protecting investor privacy while maintaining compliance. Exceptions exist for court orders or regulatory investigations.

Target users span three constituencies. Investors include sophisticated/accredited individuals globally (subject to jurisdiction), crypto-native angels seeking early-stage exposure, and community members wanting to invest alongside top VCs on identical terms. No minimum portfolio size is required, democratizing access beyond wealth-based gatekeeping. Lead investors include established VCs (Paradigm, Coinbase Ventures, Hack VC, 1kx, dao5), prominent crypto figures (Larry Cermak, Marc Zeller), and experienced angels building followings. Leads apply through invitation-based processes prioritizing well-known crypto participants. Founders are those seeking seed/angel funding who prioritize community alignment, prefer avoiding concentrated VC ownership, and want to construct wider token distributions among crypto-native investors.

Real-world use cases demonstrate product-market fit across project types. Infrastructure protocols like Monad, MegaETH, and Hyperlane raised core development funding. DeFi protocols including Ethena (synthetic dollar), Usual (stablecoin), and Wildcat (lending) secured liquidity and governance distribution. Layer 2 solutions like Morph funded scaling infrastructure. Hoptrail, a traditional crypto business, used Echo to simplify cap table management and close funding in days rather than weeks. The diversity of successful raises—from pure infrastructure to applications to traditional businesses—indicates broad platform utility.

Adoption metrics validate strong traction. As of October 2025: $140M-$200M total raised (sources vary), 340+ completed deals, 9,000+ investors, 6,104 active users, 177 transactions exceeding $5,000, average deal size ~$360K, average 130 participants per deal, average $3,130 investment per user per transaction. Deals with top VC backing fill in seconds while others take hours to days. The platform processed 131 deals in its first 8 months, accelerating to 300+ by month 18.

Competitive positioning: premium access layer between VC exclusivity and public launchpads

Echo occupies a distinct market position between traditional venture capital and public token launchpads, creating a "premium community access" category that previously didn't exist. This positioning emerged from systematic failures in both incumbent models: VCs concentrating token ownership while retail faces high-FDV-low-float situations, and launchpads suffering from poor quality control, token-gated access requirements, and extractive platform tokenomics.

Primary competitors span multiple categories. Legion operates as a merit-based launchpad incubated by Delphi Labs with backing from cyber•Fund and Alliance DAO. Legion's differentiator lies in its "Legion Score" reputation system, which tracks on-chain/off-chain activity to determine allocation eligibility: merit-based versus wealth-based or token-gated access. The platform focuses on MiCA compliance (European regulation) and partnered with Kraken. Legion faces VC resistance similar to Echo's, with some VCs reportedly blocking portfolio companies from public sales, validating that community fundraising threatens traditional VC gatekeeping power.

CoinList represents the oldest and largest centralized token sale platform, founded 2017 as an AngelList spinout. With 12M+ users globally, CoinList helped launch Solana, Flow, and Filecoin—establishing credibility through successful alumni. The platform implements a "Karma" reputation system rewarding early participation. In January 2025, CoinList partnered with AngelList to launch Crypto SPVs, directly competing with Echo's model. However, CoinList's scale creates quality control challenges; broader retail access reduces average investor sophistication compared to Echo's curated groups.

AngelList invented the syndicate model in 2013 and deployed $5B+ across startup investing, broader than Echo's crypto focus. AngelList serves comprehensive startup ecosystem needs (investing, job boards, fundraising tools) versus Echo's specialized crypto infrastructure. AngelList struggled to launch dedicated crypto products due to token management complexity—the CoinList partnership addresses this gap. However, AngelList's generalist positioning dilutes crypto-native credibility compared to Echo's specialized reputation.

Seedify operates as a decentralized launchpad focused on blockchain gaming, NFTs, Web3, and AI projects. Founded 2021, Seedify launched 60+ projects including Bloktopia (698x ROI) and CryptoMeda (185x ROI). The platform requires $SFUND token staking across 9 tiers to access IDO allocations—creating wealth-based gatekeeping that contradicts democratization rhetoric. Higher tiers demand substantial capital lockup, favoring wealthy participants. Seedify's gaming/NFT specialization differentiates from Echo's broader crypto infrastructure focus.

Republic provides equity crowdfunding for accredited and non-accredited investors across startups, Web3, fintech, and deep tech. Republic's $1B venture arm and $120M+ token platform demonstrate scale, with recent expansion into crypto-focused funds ($700M target). Republic's advantage lies in non-accredited investor access and comprehensive ecosystem beyond crypto. However, broader focus reduces crypto-native specialization versus Echo's pure-play positioning.

PolkaStarter operates as a multi-chain decentralized launchpad with POLS token required for accessing private pools. Originally Polkadot-focused, PolkaStarter expanded to support multiple chains with creative auction mechanisms and password-protected pools. Staking rewards provide additional incentives. Like Seedify, PolkaStarter's token-gated model contradicts democratization goals—participants must buy and stake POLS tokens to access deals.

Echo's competitive advantages cluster around ten core differentiators. On-chain native infrastructure using USDC eliminates banking friction; traditional platforms struggle with token management complexity. Aligned incentives through 5% success fees and mandatory lead co-investment on the same terms contrast with platforms charging regardless of outcomes. The SPV structure creates single cap table entries versus managing dozens of individual investors, dramatically reducing founder operational burden. Privacy and confidentiality via private groups without public marketing protect founder information; CoinList/Seedify's public sales create speculation divorced from fundamentals.

Access to top-tier deal flow through 80+ groups led by Paradigm, Coinbase Ventures, and other premier VCs differentiates Echo from retail-focused platforms. Community investors access the same terms as institutions (same price, vesting, lock-ups), eliminating traditional VC preferential treatment. Democratization without token requirements avoids wealth-based or token-gated barriers; Seedify/PolkaStarter require expensive staking while Legion uses reputation scores. Speed of execution via on-chain infrastructure enables instant settlement; MegaETH raised $4.2M in 56 seconds while traditional platforms take weeks.

Crypto-native focus provides specialization advantages over generalist platforms like AngelList/Republic adapting from equity models. Echo's infrastructure purpose-built for crypto enables better UX, USDC funding, and smart contract integration. Regulatory compliance at scale via Sumsub enterprise KYC handles jurisdiction-based eligibility globally while maintaining compliance. Community-first philosophy driven by Cobie's 700K+ Twitter following and respected crypto voice creates trust and engagement—transparent communication about challenges (e.g., January 2025 public criticism of VCs blocking community sales) builds credibility versus corporate launchpad messaging.

Market positioning evolution demonstrates platform maturation. Early 2025 saw reported VC "hostility" toward community sales; mid-2025 witnessed top VCs (Paradigm, Coinbase Ventures, Hack VC) joining as group leads; October 2025 culminated in Coinbase's $375M acquisition. This trajectory shows Echo moved from challenger to established infrastructure layer that VCs now embrace rather than resist.

Network effects create growing competitive moat: more quality leads attract better deals which attract more followers which incentivizes more quality leads. Cobie's reputation capital provides trust anchor—investors believe he'll maintain quality standards and operational integrity. Infrastructure lock-in emerges as VCs and founders adopt platform workflows; switching costs increase with integration depth. Transaction history provides unique insights into deal quality and investor behavior, creating data advantages competitors lack.

Recent developments culminated in Coinbase acquisition and Sonar product launch

The period from May 2025 through October 2025 witnessed rapid product innovation and strategic developments culminating in Echo's acquisition. May 27, 2025 marked Sonar's launch—a revolutionary self-hosted public token sale infrastructure enabling founders to deploy compliant token sales independently across Hyperliquid, Base, Solana, Cardano, and other blockchains without Echo's approval. Sonar's configurable compliance engine allows founders to set regional restrictions, KYC requirements, and accreditation checks based on jurisdiction, supporting flexible sale formats including auctions, options drops, points systems, and variable valuations.

March 13, 2025 established strategic Coinbase alignment when Coinbase Ventures became a Group Lead, launching the "Base Ecosystem Group" to fund startups building on the Base blockchain. This partnership enabled Coinbase Ventures to deploy capital from its Base Ecosystem Fund (which invested in 40+ projects) while democratizing access for Base community members. The move signaled a deep strategic relationship months before acquisition discussions likely began.

June 21, 2025 saw Echo introduce Commitment Request Sale functionality, expanding sale format options beyond fixed allocations. This feature allows projects to gauge community demand before finalizing sale terms—particularly valuable for determining optimal pricing and allocation structures. August 12, 2025 witnessed Echo's first UK deal, with Hoptrail raising at a $5.85M valuation with 40+ high-net-worth crypto investors led by Path.eth, demonstrating geographic expansion beyond US-centric crypto markets.

October 16, 2025 brought news of a Monad airdrop for Echo platform users, rewarding early investors who participated through the platform. This precedent suggests projects may increasingly use Echo participation history as eligibility criteria for future token distributions—creating additional investor incentives beyond direct returns.

The October 21, 2025 Coinbase acquisition represents the defining strategic milestone. Coinbase acquired Echo for approximately $375 million (mix of cash and stock subject to customary purchase price adjustments) in its 8th acquisition of 2025. Cobie reflected on the journey: "I started Echo 2 years ago with a 95% chance of failing, but it became a noble failure worth attempting" that ultimately succeeded. Post-acquisition, Echo will remain a standalone platform under current branding initially while Sonar integrates into Coinbase's ecosystem, likely in early 2026.

Product milestones demonstrate exceptional execution. Platform statistics show over $200 million facilitated across 300+ completed deals since March 2024 launch—achieving this scale in just 18 months. Assets under management exceeded $100M by April 2025. MegaETH's December 2024 fundraise set records with $10M total raised split into rounds of $4.2M in 56 seconds and $5.8M in 75 seconds, validating platform liquidity and investor demand. Plasma's June 2025 XPL token sale using Sonar infrastructure demonstrated public sale product-market fit, selling 10% of supply at $500M fully diluted valuation with support for multiple stablecoins (USDT/USDC/USDS/DAI).

Technical infrastructure achieved key milestones including embedded wallet service integration via Privy for seamless authentication, eID Attestation Passport enabling one-click registration across Sonar sales, and configurable compliance tools for jurisdiction-specific requirements. The platform onboarded 30+ major crypto projects including Ethena, Monad, Morph, Usual, Hyperlane, Dawn, Initia, Fuel, Solayer, and others—validating quality deal flow and founder satisfaction.

Roadmap and future plans focus on three expansion vectors. Near-term (early 2026): Integrate Sonar into Coinbase platform, providing retail users direct access to early-stage token drops through Coinbase's trusted infrastructure. This integration represents Coinbase's primary acquisition rationale—completing its capital formation stack from token creation (LiquiFi acquisition, July 2025) through fundraising (Echo) to secondary trading (Coinbase exchange). Medium-term: Expand support to tokenized securities beyond crypto tokens, pending regulatory approvals. This move positions Echo/Coinbase for regulated security token offerings as frameworks mature. Long-term: Support real-world asset (RWA) tokenization and fundraising, enabling traditional assets like bonds, equities, and real estate to leverage blockchain-native capital formation infrastructure.

Strategic vision aligns with Coinbase's ambition to build the "Nasdaq of crypto"—a comprehensive onchain capital formation hub where projects can launch tokens, raise capital, list for trading, build community, and scale. Coinbase CEO Brian Armstrong and other executives view Echo as completing their full-stack solution spanning all capital market stages. Echo will remain standalone initially with eventual integration of "new ways for founders to access investors, and for investors to access opportunities" directly through Coinbase, per founder Cobie's statements.

Upcoming features include enhanced founder tools for accessing Coinbase's investor pools, expanded compliance and configuration options for diverse regulatory jurisdictions, and potential extensions supporting tokenized securities and RWA fundraising as regulatory clarity improves. The integration timeline suggests Sonar-Coinbase connectivity by early 2026 with subsequent expansions rolling out through 2026 and beyond.

Critical risks span regulatory uncertainty, market dependency, and competition intensity

Regulatory risks dominate Echo's threat landscape. Securities laws vary dramatically by jurisdiction with US regulations particularly complex—determining whether token sales constitute securities offerings depends on asset-specific analysis under Howey test criteria. Echo structures private sales using SPVs and Regulation D exemptions while Sonar enables public sales with configurable compliance, but regulatory interpretations evolve unpredictably. The SEC's aggressive enforcement posture toward crypto platforms creates existential risk; a determination that Echo facilitated unregistered securities offerings could trigger enforcement actions, fines, or operational restrictions. International regulatory fragmentation compounds complexity—MiCA in Europe, diverse Asian approaches, and varying national frameworks require jurisdiction-specific compliance infrastructure. Echo's jurisdiction-based eligibility system mitigates this partially, but regulatory shifts could abruptly close major markets.

The self-hosted Sonar model introduces particular regulatory exposure. By enabling founders to deploy public token sales independently, Echo risks being deemed responsible for sales it doesn't directly control—similar to how Bitcoin developers face questions about network use for illicit activities despite not controlling transactions. If regulators determine Echo bears responsibility for compliance failures in self-hosted sales, the entire Sonar model faces jeopardy. Conversely, overly restrictive compliance requirements could make Sonar uncompetitive versus less compliant alternatives, pushing projects to offshore or decentralized platforms.

Market dependency risks reflect crypto's notorious volatility. Bear markets drastically reduce fundraising activity as project valuations compress and investor appetite evaporates. Echo's 5% success fee model creates pronounced revenue sensitivity to market conditions—no successful exits means zero revenue. The 2022-2023 crypto winter demonstrated that capital formation can drop 80-90% during extended downturns. While Echo launched during a recovery phase, a severe bear market could slash deal flow to unsustainable levels. Platform economics amplify this risk: with just 13 employees at acquisition, Echo maintained operational efficiency, but even lean structures require minimum revenue to sustain. Extended zero-revenue periods could force restructuring or strategic pivots.

Token performance correlation creates additional market risk. If tokens acquired through Echo consistently underperform, reputation damage could erode user trust and participation. Unlike traditional VC funds with diversified portfolios and patient capital, retail investors may react emotionally to early losses, creating platform attribution even when broader market conditions caused declines. Lock-up expirations for seed-stage tokens often trigger price crashes when early investors sell, potentially damaging Echo's association with "successful" projects that subsequently collapse.

Competitive risks intensify as crypto capital formation attracts multiple players. CoinList's AngelList partnership directly targets Echo's SPV model with established platforms and massive user bases (CoinList: 12M+ users). Legion's merit-based approach appeals to fairness narratives, potentially attracting projects uncomfortable with wealth-based group lead models. Traditional finance entry poses existential threats—if major investment banks or brokerage platforms launch compliant crypto fundraising products, their regulatory relationships and established investor bases could overwhelm crypto-native startups. Coinbase ownership mitigates this risk but also reduces Echo's independence and agility.

VC conflicts emerged visibly in January 2025 when reports indicated some VCs pressured portfolio companies against conducting public community sales, viewing these as dilutive to VC returns or preferential terms. While top VCs subsequently joined Echo as group leads, structural tension remains: VCs profit from concentration and information asymmetry while community platforms profit from democratization and transparency. If major VCs systematically block portfolio companies from using Echo/Sonar, deal flow quality degrades. The Coinbase acquisition partially resolves this—Coinbase Ventures' participation signals institutional acceptance—but doesn't eliminate underlying conflicts.

Technical risks include smart contract vulnerabilities, wallet security breaches, and infrastructure failures. While Echo uses audited third-party components (Privy, Veda) and established blockchains (Base/Ethereum), the attack surface grows with scale. The custody model is particularly sensitive: although the design is non-custodial, built on Shamir Secret Sharing and TEEs, any successful attack that compromises user funds would devastate trust regardless of how sophisticated the security measures are. KYC data breaches pose a separate risk: Sumsub manages sensitive identity documentation, and a compromise there could expose thousands of users, creating legal liability and reputational damage.

Operational risks center on group lead quality and behavior. Echo's model depends on lead investors maintaining integrity—sharing quality deals, accurately representing terms, and prioritizing follower returns. Conflicts of interest could emerge if leads share deals where they hold material positions benefiting from community liquidity, or if they prioritize deals offering them advantageous terms unavailable to followers. Echo's "same terms" requirement mitigates this partially, but verification challenges remain. Lead reputation damage—if prominent leads face controversies, scandals, or regulatory issues—could taint associated groups and platform credibility.

Scalability challenges accompany growth. With 80+ groups and 300+ deals, Echo maintained quality control through invite-based models and Cobie's direct involvement. Scaling to 1,000+ simultaneous Sonar sales strains compliance infrastructure, customer support, and quality assurance systems. As Echo transitions from startup to Coinbase division, cultural shifts and bureaucratic processes could slow innovation pace or dilute the crypto-native ethos that drove early success.

Acquisition integration risks are substantial. Coinbase's acquisition history shows mixed results—some products thrive under corporate infrastructure while others stagnate or shut down. Cultural mismatches between Echo's lean, crypto-native, founder-driven culture and Coinbase's publicly-traded, compliance-heavy, process-oriented structure could create friction. If key personnel depart post-acquisition (particularly Cobie) or if Coinbase prioritizes other strategic initiatives, Echo could lose momentum. Regulatory complexity increases under public company ownership—Coinbase faces SEC scrutiny, potentially constraining Echo's experimental approaches or forcing conservative compliance interpretations that reduce competitiveness.

Overall assessment: Echo validated community capital formation, now faces execution challenges

Strengths concentrate in four core areas. Platform-market fit is exceptional: $200M+ raised across 300+ deals in 18 months with $375M acquisition validates demand for democratized early-stage crypto investing. Aligned incentive structures—5% success fees, mandatory lead co-investment, same-terms requirements—create genuine commitment to user returns versus extractive platform tokenomics. Technical infrastructure balancing non-custodial security (Shamir Secret Sharing, TEEs) with seamless UX demonstrates sophisticated engineering. Strategic positioning between exclusive VC access and public launchpads filled a genuine market gap; the Coinbase acquisition provides distribution, capital, and regulatory resources to scale. Founder credibility through Cobie's reputation, Lido co-founder status, and 700K+ following creates trust anchor essential for handling early-stage capital.

Weaknesses cluster around centralization and regulatory exposure. Despite blockchain infrastructure, Echo operates with centralized governance through Gm Echo Manager Ltd (now Coinbase-owned) without token-based voting or DAO structures. This contradicts crypto's decentralization ethos while creating single points of failure. Regulatory vulnerability is acute—securities law ambiguity could trigger enforcement actions jeopardizing platform operations. The invite-based group lead model creates gatekeeping that contradicts full democratization rhetoric; access still depends on connections to established VCs and crypto figures. Limited geographic expansion reflects regulatory complexity; Echo primarily served crypto-native jurisdictions rather than mainstream markets.

Opportunities emerge from Coinbase integration and market trends. Sonar-Coinbase integration provides access to millions of retail users and established compliance infrastructure, dramatically expanding addressable market beyond crypto-native early adopters. Tokenized securities and RWA support positions Echo for traditional asset onchain migration as regulatory frameworks mature—potentially 100x larger market than pure crypto fundraising. International expansion becomes feasible with Coinbase's regulatory relationships and global exchange presence. Network effects strengthen as more quality leads attract better deals attracting more followers, creating self-reinforcing growth. Bear market opportunities allow consolidation if competitors like Legion or CoinList struggle while Echo leverages Coinbase resources to maintain operations.

Threats primarily stem from regulatory and competitive dynamics. SEC enforcement against unregistered securities offerings represents existential risk requiring constant compliance vigilance. VC gatekeeping could resume if institutional investors systematically block portfolio companies from community raises, degrading deal flow quality. Competitive platforms (CoinList, AngelList, Legion, traditional finance entrants) target identical market with varied approaches—some may achieve superior product-market fit or regulatory positioning. Market crashes eliminate fundraising appetite and revenue generation. Integration failures with Coinbase could dilute Echo's culture, slow innovation, or create bureaucratic barriers reducing agility.

As a web3 project assessment, Echo represents atypical positioning—more infrastructure platform than DeFi protocol, with tokenless business model contradicting most web3 norms. This positions Echo as crypto-native infrastructure serving the ecosystem rather than extractive protocol seeking token speculation. The approach aligns with crypto's stated values (transparency, user sovereignty, democratized access) better than many tokenized protocols that prioritize founder/VC enrichment. However, centralized governance and Coinbase ownership raise questions about genuine decentralization commitment versus strategic positioning within crypto markets.

Investment perspective (hypothetical since acquisition completed) suggests Echo validated a genuine need—democratizing early-stage crypto investing—with excellent execution and strategic outcome. The $375M exit in 18 months represents exceptional return for any participants, validating founder vision and operational execution. Risk-reward was highly favorable pre-acquisition; post-acquisition value depends on successful Coinbase integration and market expansion execution.

Broader ecosystem impact: Echo demonstrated that community capital formation can coexist with institutional investing rather than replacing it, creating complementary models where VCs and retail investors co-invest on same terms. The platform proved blockchain-native infrastructure enables superior UX and economics versus adapted equity models. Sonar's self-hosted sale approach with compliance-as-a-service represents genuinely innovative architecture that could reshape how token sales operate industry-wide. If Coinbase successfully integrates and scales Echo, the model could become standard infrastructure for onchain capital formation—realizing the vision of transparent, accessible, efficient capital markets that drove blockchain adoption narratives.

Critical success factors ahead: maintaining quality deal flow as scale increases, executing Sonar-Coinbase integration without cultural dilution, expanding to tokenized securities and RWAs without regulatory mishaps, preserving founder involvement and crypto-native culture under corporate ownership, and navigating inevitable bear market pressure with Coinbase resources enabling survival where competitors fail. Echo's next 18 months determine whether the platform becomes foundational infrastructure for onchain capital markets or a successful but contained Coinbase division serving niche markets.

The evidence suggests Echo solved real problems with genuine innovation, achieved remarkable traction validating product-market fit, and secured strategic ownership enabling long-term scaling. Risks remain substantial—particularly regulatory and integration challenges—but the platform demonstrated that democratized, blockchain-native capital formation represents viable infrastructure for crypto's maturation from speculative trading to productive capital allocation.

Coinbase's 2025 Investment Blueprint: Strategic Patterns and Builder Opportunities

· 25 min read
Dora Noda
Software Engineer

Coinbase deployed an unprecedented $3.3+ billion across 34+ investments and acquisitions in 2025, revealing a clear strategic roadmap for where crypto's largest regulated exchange sees the future. This analysis decodes those bets into actionable opportunities for web3 builders.

The "everything exchange" thesis drives massive capital deployment

Coinbase's 2025 investment strategy centers on becoming a one-stop financial platform where users can trade anything, earn yield, make payments, and access DeFi—all with regulatory compliance as a competitive moat. CEO Brian Armstrong's vision: "Everything you want to trade, in a one-stop shop, on-chain." The company executed 9 acquisitions worth $3.3B (versus just 3 in all of 2024), while Coinbase Ventures deployed capital across 25+ portfolio companies. The $2.9B Deribit acquisition—crypto's largest deal ever—made Coinbase the global derivatives leader overnight, while the $375M Echo purchase positions them as a Binance-style launchpad for token fundraising. This isn't incremental expansion; it's an aggressive land grab across the entire crypto value chain.

The pace accelerated dramatically post-regulatory clarity. With the SEC lawsuit dismissed in February 2025 and a pro-crypto administration in place, Coinbase executives explicitly stated "regulatory clarity allows us to take bigger swings." This confidence shows in their acquisition strategy: nearly one deal per month in 2025, with CEO Brian Armstrong confirming "we are always looking at M&A opportunities" and specifically eyeing "international opportunities" to compete with Binance's global dominance. The company ended Q1 2025 with $9.9B in USD resources, providing substantial dry powder for continued dealmaking.

Five fortune-making themes emerge from the investment data

Theme 1: AI agents need crypto payment rails (highest conviction signal)

The convergence of AI and crypto represents Coinbase's single strongest investment theme across both corporate M&A and Coinbase Ventures. This isn't speculative—it's infrastructure for an emerging reality. Coinbase Ventures invested in Catena Labs ($18M), building the first regulated AI-native financial institution with an "Agent Commerce Kit" for AI agent identity and payments, co-founded by Circle's Sean Neville (USDC creator). They backed OpenMind ($20M) to connect "all thinking machines" through decentralized coordination, and funded Billy Bets (AI sports betting agent), Remix (AI-native gaming platform with 570,000+ players), and Yupp ($33M, a16z-led with Coinbase participation).

Strategically, Coinbase partnered with Google on stablecoin payments for AI applications (September 2025), and deployed AgentKit—a toolkit enabling AI agents to handle crypto payments through natural language interfaces. Armstrong reports 40% of Coinbase's daily code is now AI-generated, with a target exceeding 50%, and the company fired engineers who refused to use AI coding assistants. This isn't just investment thesis talk; they're operationally committed to AI as foundational technology.

Builder opportunity: Create middleware for AI agent transactions—think Stripe for AI agents. The gap exists between AI agents that need to transact (OpenAI's o1 wants to order groceries, Claude wants to book travel) and payment rails that verify agent identity, handle micropayments, and provide compliance. Build infrastructure for agent-to-agent commerce, AI agent wallets with smart permissions, or agent payment orchestration systems. Catena's $18M seed validates this market, but there's room for specialized solutions (B2B AI payments, agent expense management, AI subscription billing).

Theme 2: Stablecoin payment infrastructure is the $5B+ opportunity

Coinbase made stablecoin payments infrastructure their top strategic priority for 2025, evidenced by Paradigm's Tempo blockchain raising $500M at a $5B valuation (joint incubation with Stripe), signaling institutional validation for this thesis. Coinbase Ventures invested heavily: Ubyx ($10M) for stablecoin clearing systems, Mesh (additional Series B funding, powering PayPal's "Pay with Crypto"), Zar ($7M) for cash-to-stablecoin exchanges in emerging markets, and Rain ($24.5M) for stablecoin-powered credit cards.

Coinbase executed strategic partnerships with Shopify (USDC payments to millions of merchants globally on Base), PayPal (PYUSD 1:1 conversions with zero platform fees), and JPMorgan Chase (80M+ customers able to fund Coinbase accounts with Chase cards, redeem Ultimate Rewards points for crypto in 2026). They launched Coinbase Payments with gasless stablecoin checkout and an open-source Commerce Payments Protocol handling refunds, escrow, and delayed capture—solving e-commerce complexities that prevented merchant adoption.

The strategic rationale is clear: $289B in stablecoins circulate globally (up from $205B at year start), with a16z reporting $46T in transaction volume ($9T adjusted) and 87% year-over-year growth. Armstrong predicts stablecoins will become "the money rail of the internet," and Coinbase is positioning Base as that infrastructure layer. The PNC partnership allows customers of the 7th-largest US bank to buy/sell crypto through their bank accounts, while the JPMorgan partnership is even more significant—it's the first major credit card rewards program with crypto redemption.

Builder opportunity: Build stablecoin payment widgets for niche verticals. While Coinbase handles broad infrastructure, opportunities exist in specialized use cases: creator subscription billing in USDC (challenge Patreon/Substack with 24/7 instant settlement, no 30% fees), B2B invoice payments with smart contract escrow for international transactions (challenge Payoneer/Wise), gig economy payroll systems for instant contractor payments (challenge Deel/Remote), or emerging market remittance corridors with cash-in/cash-out points like Zar but focused on specific corridors (Philippines, Mexico, Nigeria). The key is vertical-specific UX that abstracts crypto complexity while leveraging stablecoin speed and cost advantages.

Theme 3: Base ecosystem = the new platform play (200M users, $300M+ deployed)

Coinbase is building Base into crypto's dominant application platform, mirroring Apple's iOS or Google's Android strategies. The network is approaching 200M users, with $5-8B TVL (up 118% YTD), 600k-800k daily active addresses, and 38M monthly active addresses representing 60%+ of total L2 activity. This isn't just infrastructure—it's an ecosystem land grab for developer mindshare and application distribution.

Coinbase deployed substantial capital: 40+ teams funded through the Base Ecosystem Fund (moving to Echo.xyz for onchain investing), the Echo acquisition ($375M) to create a Binance-style launchpad for Base projects, and the Liquifi acquisition for token cap table management, completing the full token lifecycle (creation → fundraising → secondary trading on Coinbase). Coinbase Ventures specifically funded Base-native projects: Limitless ($17M total, prediction markets with $500M+ volume), Legion ($5M, Base Chain launchpad), Towns Protocol ($3.3M via Echo, first public Echo investment), and o1.exchange ($4.2M), and integrated Remix (AI gaming platform) into Coinbase Wallet.

Strategic initiatives include the Spindl acquisition (on-chain advertising platform founded by Facebook's former ads architect) to solve the "onchain discovery problem" for Base builders, and exploring a Base network token for decentralization (confirmed by Armstrong at BaseCamp 2025). The rebranding of Coinbase Wallet to "Base App" signals this shift—it's now an all-in-one platform combining social networking, payments, trading, and DeFi access. Coinbase also launched Coinbase One Member Benefits with $1M+ distributed in onchain rewards through partnerships with Aerodrome, PancakeSwap, Zora, Morpho, OpenSea, and others.

Builder opportunity: Build consumer applications exclusively on Base with confidence in distribution and liquidity. The pattern is clear: Base-native projects receive preferential treatment (Echo investments, Ventures funding, platform promotion). Specific opportunities: social-fi applications leveraging Base's low fees and Coinbase's user base (Towns Protocol validates this with $3.3M), prediction markets (Limitless hit $500M volume quickly, showing product-market fit), onchain gaming with instant microtransactions (Remix's 17M+ plays proves engagement), creator monetization tools (tipping, subscriptions, NFT memberships), or DeFi protocols solving mainstream use cases (simplified yield, automated portfolio management). Use AgentKit for AI integration, tap Spindl for user acquisition once available, and apply to the Base Ecosystem Fund for early capital.

Theme 4: Token lifecycle infrastructure captures massive value

Coinbase assembled a complete token lifecycle platform through strategic acquisitions, positioning to compete directly with Binance and OKX launchpads while maintaining regulatory compliance as differentiation. The Echo acquisition ($375M) provides early-stage token fundraising and capital formation, Liquifi handles cap table management, vesting schedules, and tax withholdings (customers include Uniswap Foundation, OP Labs, Ethena, Zora), and Coinbase's existing exchange provides secondary trading and liquidity. This vertical integration creates powerful network effects: projects use Liquifi for cap tables, raise on Echo, list on Coinbase.

The strategic timing is significant. Coinbase executives stated the Liquifi acquisition was "enabled by regulatory clarity under Trump administration." This suggests compliant token infrastructure is a major opportunity as the US regulatory environment becomes more favorable. Liquifi's existing customers—the who's who of crypto protocols—validate the compliance-first approach for token management. Meanwhile, Echo's founder Jordan "Cobie" Fish expressed surprise at the acquisition: "I definitely didn't expect Echo to be sold to Coinbase, but here we are"—suggesting Coinbase is actively acquiring strategic assets before competitors recognize their value.

Builder opportunity: Build specialized tooling for compliant token launches. While Coinbase owns the full stack, opportunities exist in: regulatory compliance automation (cap table + SEC reporting integration, Form D filings for Reg D offerings, accredited investor verification APIs), token vesting contract templates with legal frameworks (cliff/vesting schedules, secondary sale restrictions, tax optimization), token launch analytics (holder concentration tracking, vesting cliffs visualization, distribution dashboards), or secondary market infrastructure for venture-backed tokens (OTC desks for locked tokens, liquidity before TGE). The key insight: regulatory clarity creates opportunities for compliance as a feature, not a burden.

Theme 5: Derivatives and prediction markets = the trillion-dollar bet

Coinbase made derivatives their largest single investment category, spending $2.9B to acquire Deribit—making them the global leader in crypto derivatives by open interest and options volume overnight. Deribit processes $1+ trillion annual volume, maintains $60B+ open interest, and delivers positive Adjusted EBITDA consistently. This wasn't just scale acquisition; it was revenue diversification. Options trading is "less cyclical" (used for risk management in all markets), provides institutional access globally, and generated $30M+ transaction revenue in July 2025 alone.

Supporting this thesis, Coinbase acquired Opyn's leadership team (first DeFi options protocol, invented Power Perpetuals and Squeeth) to accelerate Verified Pools development on Base, and invested in prediction markets heavily: Limitless ($17M total, $500M+ volume, 25x volume growth Aug-Sep on Base) and The Clearing Company ($15M, founded by former Polymarket and Kalshi staff, building "onchain, permissionless and regulated" prediction markets). The pattern reveals sophisticated financial instruments onchain are the next growth vertical as crypto matures beyond spot trading.

CEO Brian Armstrong specifically noted that derivatives make revenue "less cyclical" and the company has "large balance sheet that can be put to use" for continued M&A. With the Deribit deal complete, Coinbase now offers the complete derivatives suite: spot, futures, perpetuals, options—positioning to capture institutional flows and sophisticated trader revenue globally.

Builder opportunity: Build prediction market infrastructure and applications for specific verticals. Limitless and The Clearing Company validate the market, but opportunities exist in: sports betting with full on-chain transparency (Billy Bets got Coinbase Ventures backing), political prediction markets compliant with CFTC (now that regulatory clarity exists), enterprise forecasting tools (internal prediction markets for companies, supply chain forecasting), binary options for micro-timeframes (Limitless shows demand for minutes/hours predictions), or parametric insurance built on prediction market primitives (weather derivatives, crop insurance). The key is regulatory-compliant design—Opyn settled with CFTC for $250K in 2023, and that compliance experience was viewed as an asset by Coinbase when acquiring the team.

What Coinbase is NOT investing in (the revealing gaps)

Analyzing what's absent from Coinbase's 2025 portfolio reveals strategic constraints and potential contrarian opportunities. No investments in: (1) New L1 blockchains (exception: Subzero Labs, Paradigm's Tempo)—consolidation is expected, with focus on Ethereum L2s and Solana; (2) DeFi speculation protocols (yield farming, algorithmic stablecoins)—they want "sustainable business models" per leadership; (3) Metaverse/Web3 social experiments (exception: practical applications like Remix gaming)—the 2021 narrative is dead; (4) Privacy coins (exception: privacy infrastructure like Iron Fish team, Inco)—they differentiate compliant privacy features from anonymous cryptocurrencies; (5) DAO tooling broadly (exception: prediction markets with DAO components)—governance infrastructure isn't a priority.

The speculative DeFi gap is most notable. While Coinbase acquired Sensible's founders (DeFi yield platform) to "bring DeFi directly into Coinbase experience," they avoided algorithmic stablecoin protocols, high-APY farms, or complex derivative instruments that might attract regulatory scrutiny. This suggests builders should focus on DeFi with clear utility (payments, savings, insurance) rather than DeFi for speculation (leveraged yield farming, exotic derivatives on memecoins). The Sensible acquisition specifically valued their "why rather than how" approach—background automation for mainstream users, not 200% APY promises.

The metaverse absence also signals market reality. Despite Meta's continued investment and crypto's historical connection to virtual worlds, Coinbase isn't funding metaverse infrastructure or experiences. The closest investment is Remix (AI-native gaming with 17M+ plays), which is casual mobile gaming, not immersive VR. This suggests gaming opportunities exist in accessible, viral formats (Telegram mini-games, browser-based multiplayer, AI-generated games) rather than expensive 3D metaverse platforms.

Contrarian opportunity: The gaps reveal potential for highly differentiated plays. If you're building privacy-first applications, you could tap growing demand (Coinbase added Iron Fish team for private transactions on Base) while major competitors avoid the space due to regulatory concerns. If you're building DAO infrastructure, the lack of competition means clearer path to dominance—a16z mentioned "DUNA legal framework for DAOs" as a 2025 big idea but limited capital is flowing there. If you're building sustainable DeFi (real yield from productive assets, not ponzinomics), you differentiate from 2021's failed experiments while addressing genuine financial needs.

Competitive positioning reveals strategic differentiation

Analyzing Coinbase against a16z crypto, Paradigm, and Binance Labs reveals clear strategic moats and whitespace opportunities. All three competitors converge on the same themes—AI x crypto, stablecoin infrastructure, infrastructure maturation—but with different approaches and advantages.

a16z crypto ($7.6B AUM, 169 projects) leads in policy influence and content creation, publishing the authoritative "State of Crypto" report and "7 Big Ideas for 2025." Their major 2025 investments include Jito ($50M, Solana MEV and liquid staking), Catena Labs (co-invested with Coinbase), and Azra Games ($42.7M, GameFi). Their thesis emphasizes stablecoins as killer app ($46T transaction volume, 87% YoY growth), institutional adoption, and Solana momentum (builder interest up 78% in 2 years). Their competitive edge: long-term capital (10+ year holds), 607x retail ROI track record, and regulatory advocacy shaping policy.

Paradigm ($850M third fund) differentiates through building capability—they're not just investors but builders. The Tempo blockchain ($500M Series A at $5B valuation, joint incubation with Stripe) exemplifies this: Paradigm co-founder Matt Huang is leading a payments-focused L1 with design partners including OpenAI, Shopify, Visa, Deutsche Bank, Revolut, Anthropic. They also invested $50M in Nous Research (decentralized AI training on Solana) at $1B valuation. Their edge: elite research capability, founder-friendly reputation, and willingness to incubate (Tempo is a rare exception to the investor-only model).

Binance Labs (46 investments in 2024, continuing 2025 momentum) operates with a high-volume, exchange-integrated strategy. Their portfolio includes 10 DeFi projects, 7 AI projects, 7 Bitcoin ecosystem projects, and they're pioneering DeSci/biotech (BIO Protocol). They're rebranding to YZi Labs, with former Binance CEO CZ (Changpeng Zhao) returning to an advisory/leadership role after his release from prison. Their edge: global reach (not U.S.-centric), exchange liquidity, and high volume of smaller checks (pre-seed to seed focus).

Coinbase's differentiation: (1) Regulatory compliance as a moat—partnerships with JPMorgan and PNC are impossible for offshore competitors; (2) Vertical integration—owning exchange + L2 + wallet + ventures creates powerful distribution; (3) Base ecosystem platform effects—200M users give portfolio companies immediate market access; (4) Traditional finance bridges—Shopify, PayPal, JPMorgan partnerships position crypto as a complement to fiat, not a replacement.

Builder positioning: If you're building compliant-by-design products, Coinbase is your strategic partner (they value regulatory clarity and can't invest in offshore experiments). If you're building experimental/edge tech without a clear regulatory path, target a16z or Binance Labs. If you need deep technical partnership and incubation, approach Paradigm (but expect a high bar). If you need immediate liquidity and exchange listing, Binance Labs offers the clearest path. If you need mainstream user distribution, Coinbase's Base ecosystem and wallet integration provide unmatched access.

Seven actionable strategies for web3 builders in 2025-2026

Strategy 1: Build on Base with AI integration (highest probability path)

Deploy consumer applications on Base that leverage AgentKit for AI capabilities and apply to the Base Ecosystem Fund via Echo.xyz for early capital. The formula that's working: prediction markets (Limitless: $17M raised, $500M volume), social-fi (Towns Protocol: $3.3M via Echo), AI-native gaming (Remix: 17M+ plays, Coinbase Wallet integration). Use Base's low fees (gasless transactions for users), Coinbase's distribution (promote through Base App), and ecosystem partnerships (Aerodrome for liquidity, Spindl for user acquisition once available).

Concrete action plan: (1) Build MVP on Base testnet leveraging Commerce Payments Protocol for payments or AgentKit for AI features; (2) Generate traction metrics (Limitless had $250M+ volume shortly after launch, Remix had 570K+ players)—Coinbase invests in proven product-market fit, not concepts; (3) Apply to Base Ecosystem Fund grants (1-5 ETH for early-stage); (4) Once traction is proven, apply for Coinbase Ventures investment via Echo (Towns Protocol got $3.3M as first public Echo investment); (5) Integrate with Coinbase One Member Benefits program for user acquisition.

Risk mitigation: Base is Coinbase-controlled (centralization risk), but the ecosystem is growing 118% YTD and approaching 200M users—the network effects are real. If Base fails, the broader crypto market likely fails, so building here is betting on crypto's success generally. The key is building portable smart contracts that could migrate to other EVM L2s if needed.

Strategy 2: Create AI agent payment middleware (frontier opportunity)

Build infrastructure for AI agent commerce focusing on agent identity, payment verification, micropayment handling, and compliance. The gap: AI agents can reason but can't transact reliably at scale. Catena Labs ($18M) is building a regulated financial institution for agents, but opportunities exist in: agent payment orchestration (routing between chains, gas abstraction, batching), agent identity verification (proof that this agent represents a legitimate entity), agent expense management (budgets, approvals, audit trails), agent-to-agent invoicing (B2B commerce between autonomous agents).

Concrete action plan: (1) Identify a niche vertical where AI agents need transactional capability immediately—customer service agents booking refunds, research agents purchasing data, social media agents tipping content, or trading agents executing orders; (2) Build a minimal SDK that solves one painful integration (e.g., "give your AI agent a wallet with permission controls in 3 lines of code"); (3) Partner with AI platforms (OpenAI plugins, Anthropic integrations, Hugging Face) for distribution; (4) Target an $18M seed round following Catena Labs' precedent, pitching to Coinbase Ventures, a16z crypto, Paradigm (all heavily invested in AI x crypto).

Market timing: Google partnered with Coinbase on stablecoin payments for AI applications (September 2025), validating that this trend is happening now and is not future speculation. OpenAI's o1 model demonstrates reasoning capability that will soon extend to transactional actions. Coinbase reports 40% of code is AI-generated—agents are already economically productive and need payment rails.

Strategy 3: Launch vertical-specific stablecoin payment applications (proven demand)

Build Stripe-like payment infrastructure for specific industries, leveraging USDC on Base with Coinbase's Commerce Payments Protocol as foundation. The pattern that works: Mesh powers PayPal's "Pay with Crypto" (raised $130M+ including Coinbase Ventures), Zar ($7M) targets emerging market bodegas with cash-to-stablecoin, Rain ($24.5M) built stablecoin credit cards. The key: vertical specialization with deep industry knowledge beats horizontal payment platforms.

High-opportunity verticals: (1) Creator economy (challenge Patreon/Substack)—subscriptions in USDC with instant settlement, no 30% fees, global access, micropayment support; (2) B2B international payments (challenge Wise/Payoneer)—invoice payments with smart contract escrow, same-day settlement globally, programmable payment terms; (3) Gig economy payroll (challenge Deel/Remote)—instant contractor payments, compliance automation, multi-currency support; (4) Cross-border remittances (challenge Western Union)—specific corridors like Philippines/Mexico with cash-in/cash-out partnerships following Zar's model.

Concrete action plan: (1) Choose vertical where you have domain expertise and existing relationships; (2) Build on Coinbase Payments infrastructure (gasless stablecoin checkout, ecommerce engine APIs) to avoid reinventing base layer; (3) Focus on 10x better experience in your vertical, not marginal improvement (Mesh succeeded because PayPal integration made crypto payments invisible to users); (4) Target $5-10M seed round using Ubyx ($10M), Zar ($7M), Rain ($24.5M) as precedents; (5) Partner with Coinbase for distribution through bank partnerships (JPMorgan's 80M customers, PNC's customer base).

Go-to-market: Lead with cost savings (2-3% credit card fees → 0.1% stablecoin fees) and speed (3-5 day ACH → instant settlement), hide crypto complexity completely. Mesh succeeded because users experience "Pay with Crypto" in PayPal—they don't see blockchain, gas fees, or wallets.

Strategy 4: Build compliant token launch infrastructure (regulatory moat)

Create specialized tooling for SEC-compliant token launches as regulatory clarity in the US creates opportunity for builders who embrace compliance. The insight: Coinbase paid $375M for Echo and acquired Liquifi to own token lifecycle infrastructure, suggesting massive value accrues to compliant token tooling. Current portfolio companies using Liquifi include Uniswap Foundation, OP Labs, Ethena, Zora—demonstrating sophisticated protocols choose compliance-first vendors.

Specific product opportunities: (1) Cap table + SEC reporting integration (Liquifi handles vesting, but gap exists for Form D filings, Reg D offerings, accredited investor verification); (2) Token vesting contract libraries with legal frameworks (cliff/vesting schedules audited for tax optimization, secondary sale restrictions enforced programmatically); (3) Token launch analytics for compliance teams (holder concentration monitoring, vesting cliff visualization, whale wallet tracking, distribution compliance dashboards); (4) Secondary market infrastructure for locked tokens (OTC desks for venture-backed tokens, liquidity provision before TGE).

Concrete action plan: (1) Partner with law firms specializing in token offerings (Cooley, Latham & Watkins) to build compliant-by-design products; (2) Target protocols raising on Echo platform as customers (they need cap table management, compliance reporting, vesting schedules); (3) Offer white-glove service initially (high-touch, expensive) to establish track record, then productize; (4) Position as compliance insurance—using your tools reduces regulatory risk; (5) Target $3-5M seed from Coinbase Ventures, Haun Ventures (regulatory focus), Castle Island Ventures (institutional crypto focus).

Market timing: Coinbase executives stated the Liquifi acquisition was "enabled by regulatory clarity under Trump administration." This suggests 2025-2026 is the window for compliant token infrastructure before the market gets crowded. The first movers with regulatory pedigree (law firm partnerships, FINRA/SEC expertise) will capture the market.

Strategy 5: Create prediction market applications for specific domains (proven PMF)

Build vertical-specific prediction markets following Limitless's success ($17M raised, $500M+ volume, 25x growth Aug-Sep) and The Clearing Company's validation ($15M, founded by Polymarket/Kalshi alumni). The opportunity: Polymarket proved macro demand, but specialized markets for specific domains remain underserved.

High-opportunity domains: (1) Sports betting with full transparency (Billy Bets got Coinbase Ventures backing)—every bet on-chain, provably fair odds, no counterparty risk, instant settlement; (2) Enterprise forecasting tools (internal prediction markets for companies)—sales forecasting, product launch predictions, supply chain estimates; (3) Political prediction markets with CFTC compliance (regulatory clarity now exists); (4) Scientific research predictions (which experiments will replicate, which drugs will pass trials)—monetize expert opinion; (5) Parametric insurance on prediction market primitives (weather derivatives for agriculture, flight delay insurance).

Concrete action plan: (1) Build on Base following Limitless's path (launched on Base, raised from Coinbase Ventures + Base Ecosystem Fund); (2) Start with binary options on short timeframes (minutes, hours, days) like Limitless—generates high volume, immediate settlement, clear outcomes; (3) Focus on mobile-first UX (prediction markets succeed when frictionless); (4) Partner with Opyn team at Coinbase for derivatives expertise (they're building Verified Pools for on-chain liquidity); (5) Target $5-10M seed using Limitless ($7M initial, $17M total) and The Clearing Company ($15M) as precedents.

Regulatory strategy: The Clearing Company is building "onchain, permissionless and regulated" prediction markets, suggesting regulatory compliance is possible. Work with CFTC-registered law firms from day one. Opyn settled with CFTC for $250K in 2023, and Coinbase viewed that compliance experience as an asset when acquiring the team—proving regulators will engage with good-faith actors.

Strategy 6: Develop privacy-preserving infrastructure for Base (underfunded frontier)

Build privacy features for Base leveraging zero-knowledge proofs and fully homomorphic encryption, addressing the gap between compliance requirements and user privacy needs. Coinbase acquired the Iron Fish team (privacy-focused L1 using ZKPs) in March 2025 specifically to develop a "privacy pod" for private stablecoin transactions on Base, and Brian Armstrong confirmed (October 22, 2025) they're building private transactions for Base. This signals a strategic priority on privacy while maintaining regulatory compliance.

Specific opportunities: (1) Private payment channels for Base (shielded USDC transfers for B2B transactions where companies need privacy but not anonymity); (2) Confidential smart contracts using FHE (Inco raised a $5M strategic round with Coinbase Ventures participation)—contracts that compute on encrypted data; (3) Privacy-preserving identity (Google building ZK identity per a16z report, Worldcoin proving demand)—users prove attributes without revealing identity; (4) Selective disclosure frameworks for DeFi (prove you're not a sanctioned entity without revealing your full identity).

Concrete action plan: (1) Collaborate with Iron Fish team at Coinbase (they're building privacy features for Base, opportunities for external tooling); (2) Focus on compliance-compatible privacy (selective disclosure, auditable privacy, regulatory backdoors for valid warrants)—not Tornado Cash-style full anonymity; (3) Target enterprise/institutional use cases first (corporate payments need privacy more than retail); (4) Build Inco integration for Base (Inco has FHE/MPC solution, partners include Circle); (5) Target $5M strategic round from Coinbase Ventures (Inco precedent), a16z crypto (ZK focus), Haun Ventures (privacy + compliance).

Market positioning: Differentiate from privacy coins (Monero, Zcash) which face regulatory hostility by emphasizing privacy for compliance (corporate trade secrets, competitive sensitivity, personal financial privacy) not privacy for evasion. Work with TradFi partners (banks need private transactions for commercial clients) to establish legitimate use cases.

Strategy 7: Build consumer-grade crypto products with TradFi integration (distribution hack)

Create crypto products that integrate with traditional banking following Coinbase's partnership strategy: JPMorgan (80M customers), PNC (7th-largest US bank), Shopify (millions of merchants). The pattern: crypto infrastructure with fiat onramps integrated into existing user experiences captures mainstream adoption faster than crypto-native apps.

Proven opportunities: (1) Credit cards with crypto rewards (Coinbase One Card offers 4% Bitcoin rewards)—issue cards with stablecoin settlement, crypto cashback, travel rewards in crypto; (2) Savings accounts with crypto yield (Nook raised $2.5M from Coinbase Ventures)—offer high-yield savings backed by USDC/DeFi protocols; (3) Loyalty programs with crypto redemption (JPMorgan letting Chase Ultimate Rewards redeem for crypto in 2026)—partner with airlines, hotels, retailers for crypto reward redemption; (4) Business checking with stablecoin settlement (Coinbase Business account)—SMB banking with crypto payment acceptance.

Concrete action plan: (1) Partner with banks/fintechs rather than competing—license banking-as-a-service platforms (Unit, Treasury Prime, Synapse) with crypto integration; (2) Get state money transmitter licenses or partner with licensed entities (regulatory requirement for fiat integration); (3) Focus on net-new revenue for partners (attract crypto-native customers banks can't reach, increase engagement with rewards); (4) Use USDC on Base for backend settlement (instant, low-cost) while showing dollar balances to users; (5) Target $10-25M Series A using Rain ($24.5M) and Nook ($2.5M) as references.

Distribution strategy: Don't build another crypto exchange/wallet (Coinbase has distribution locked). Build specialized financial products that leverage crypto rails but feel like traditional banking products. Nook (built by 3 former Coinbase engineers) raised from Coinbase Ventures by focusing on savings specifically, not general crypto banking.

The fortune-making synthesis: where to focus now

Synthesizing 34+ investments and $3.3B+ in capital deployment, the highest-conviction opportunities for web3 builders are:

Tier 1 (build immediately, capital is flowing):

  • AI agent payment infrastructure: Catena Labs ($18M), OpenMind ($20M), Google partnership prove market
  • Stablecoin payment widgets for specific verticals: Ubyx ($10M), Zar ($7M), Rain ($24.5M), Mesh ($130M+)
  • Base ecosystem consumer applications: Limitless ($17M), Towns Protocol ($3.3M), Legion ($5M) show path

Tier 2 (build for 2025-2026, emerging opportunities):

  • Prediction market infrastructure: Limitless/The Clearing Company validate, but niche domains underserved
  • Token launch compliance tooling: Echo ($375M), Liquifi acquisitions signal value
  • Privacy-preserving Base infrastructure: Iron Fish team acquisition, Brian Armstrong's commitment

Tier 3 (contrarian/longer-term, less competition):

  • DAO infrastructure (a16z interested, limited capital deployed)
  • Sustainable DeFi (differentiate from failed 2021 experiments)
  • Privacy-first applications (Coinbase adding features, competitors avoiding due to regulatory concerns)

The "fortune-making" insight: Coinbase isn't just placing bets—they're building a platform (Base) with 200M users, distribution channels (JPMorgan, Shopify, PayPal), and full-stack infrastructure (payments, derivatives, token lifecycle). Builders who align with this ecosystem (build on Base, leverage Coinbase's partnerships, solve problems Coinbase's investments signal) gain unfair advantages: funding via Base Ecosystem Fund, distribution through Coinbase Wallet/Base App, liquidity from Coinbase exchange listing, partnership opportunities as Coinbase scales.

The pattern across all successful investments: real traction before funding (Limitless had $250M volume, Remix had 570K players, Mesh powered PayPal), regulatory-compatible design (compliance is a competitive advantage, not a burden), and vertical specialization (beat horizontal platforms by winning specific use cases first). The builders who will capture disproportionate value in 2025-2026 are those who combine crypto's infrastructure advantages (instant settlement, global reach, programmability) with mainstream UX (hide blockchain complexity, integrate with existing workflows) and regulatory pedigree (compliance from day one, not as an afterthought).

The crypto industry is transitioning from speculation to utility, from infrastructure to applications, from crypto-native to mainstream. Coinbase's $3.3B+ in strategic bets reveals exactly where that transition is happening fastest—and where builders should focus to capture the next wave of value creation.

The New Gaming Paradigm: Five Leaders Shaping Web3's Future

· 28 min read
Dora Noda
Software Engineer

Web3 gaming leaders are converging on a radical vision: gaming's $150 billion economy will grow to trillions by restoring digital property rights to 3 billion players—but their paths to get there diverge in fascinating ways. From Animoca Brands' democratic ownership thesis to Immutable's cooperative economics, these pioneers are architecting fundamentally new relationships between players, creators, and platforms that challenge decades of extractive gaming business models.

This comprehensive analysis examines how Yat Siu (Animoca Brands), Jeffrey Zirlin (Sky Mavis), Sebastien Borget (The Sandbox), Robbie Ferguson (Immutable), and Mackenzie Hom (Metaplex Foundation) envision gaming's transformation through blockchain technology, digital ownership, and community-driven economies. Despite coming from different technical infrastructures and regional markets, their perspectives reveal both striking consensus on core problems and creative divergence on solutions—offering a multi-dimensional view of gaming's inevitable evolution.

The foundational crisis all five leaders identify

Every leader interviewed begins from the same damning diagnosis: traditional gaming systematically extracts value from players while denying them ownership. Ferguson captures this starkly: "Players spend $150BN every year on in-game items and own $0 of it." Borget experienced this firsthand when The Sandbox's original mobile version achieved 40 million downloads and 70 million player creations, yet "app store and Google Play limitations prevented us from sharing revenue, leading creators to leave over time."

This extraction goes beyond simple business models to what Siu frames as a fundamental denial of digital property rights. "Digital property rights can provide the basis for a fairer society," he argues, drawing parallels to 19th-century land reforms. "Property rights and capitalism are the foundation that allows for democracy to happen... Web3 can save the capitalist narrative by turning users into stakeholders and co-owners." His framing elevates gaming economics to questions of democratic participation and human rights.

Zirlin brings a practitioner's perspective from Axie Infinity's explosive growth and subsequent challenges. His key insight: "Web3 gamers are traders, they're speculators, that's part of their persona." Unlike traditional gamers, this audience analyzes ROI, understands tokenomics, and sees games as part of broader financial activity. "Teams that don't understand that and just think that they're normal gamers, they're going to have a hard time," he warns. This recognition fundamentally reshapes what "player-first design" means in Web3 contexts.

Ferguson defines the breakthrough as "cooperative ownership"—"the first time the system is trying to align the incentives of players and publishers." He notes bitterly that "everyone hated free-to-play when it first came out... and quite frankly, why shouldn't they because it's often been at their expense. But web3 gaming is steered by passionate CEOs and founders who are enormously driven to prevent players from continuously getting ripped off."

From play-to-earn hype to sustainable gaming economies

The most significant evolution across all five leaders involves moving beyond pure "play-to-earn" speculation toward sustainable, engagement-based models. Zirlin, whose Axie Infinity pioneered the category, offers the most candid reflection on what went wrong and what's being corrected.

The Axie lessons and aftermath

Zirlin's admission cuts to the heart of first-generation play-to-earn failures: "When I think about my childhood, I think about my relationship with Charmander. Actually, the thing that got me so addicted to Pokemon was I really needed to level up my Charmander to Charmeleon to Charizard... That's actually what got me into it—that same experience, that same emotion is really needed in the Axie universe. It's actually to be honest, the thing that we didn't have last cycle. That was the hole in the ship that prevented us from reaching the grand line."

Early Axie focused heavily on earning mechanics but lacked emotional progression systems that create genuine attachment to digital creatures. When token prices collapsed and earnings evaporated, nothing retained players who had joined purely for income. Zirlin now advocates "risk-to-earn" models like competitive tournaments where players pay entry fees and prize pools distribute to winners—creating sustainable, player-funded economies rather than inflationary token systems.

His strategic framing now treats Web3 gaming as "a seasonal business where it's like during the bull market, it's kind of like the holiday season" for user acquisition, while bear markets focus on product development and community building. This cyclical thinking represents sophisticated adaptation to crypto's volatility rather than fighting it.

Terminology shifts signal philosophical evolution

Siu has moved deliberately from "play-to-earn" to "play-and-earn": "Earning is something you have the option to do but is not the sole reason to play a game. In terms of value, whatever you earn in a game need not simply be financial in nature, but could also be reputational, social, and/or cultural." This reframing acknowledges that financial incentives alone create extractive player behavior rather than vibrant communities.

Hom's Token 2049 statement crystallizes the industry consensus: "Pure speculation >> loyalty and contribution based rewards." The ">>" notation signals an irreversible transition—speculation may have bootstrapped initial attention, but sustainable Web3 gaming requires rewarding genuine engagement, skill development, and community contribution rather than purely extractive mechanics.

Borget emphasizes that games must prioritize fun regardless of blockchain features: "No matter the platform or technology behind a game, it must be enjoyable to play. The core measure of a game's success is often linked to how long users engage with it and whether they are willing to make in-game purchases." The Sandbox's LiveOps seasonal model—running regular in-game events, quests, and mission-based rewards—demonstrates this philosophy in practice.

Ferguson sets the quality bar explicitly: "The games we work with have to be fundamental quality games that you would want to play outside of web3. That's a really important bar." Web3 features can add value and new monetization, but cannot salvage poor gameplay.

Digital ownership reimagined: From assets to economies

All five leaders champion digital ownership through NFTs and blockchain technology, but their conceptions differ in sophistication and emphasis.

Property rights as economic and democratic foundation

Siu's vision is the most philosophically ambitious. He seeks Web3 gaming's "Torrens moment"—referencing Sir Richard Torrens who created government-backed land title registries in the 19th century. "Digital property rights and capitalism are the foundation that allows for democracy to happen," he argues, positioning blockchain as providing similar transformative proof of ownership for digital assets.

His economic thesis: "You could say we're living in a $100 billion virtual economy—what happens if you turn that $100 billion economy into an ownership one? We think it will be worth trillions." The logic: ownership enables capital formation, financialization through DeFi (loans against NFTs, fractionalization, lending), and most critically, users treating virtual assets with the same care and investment as physical property.

The paradigm inversion: Assets over ecosystems

Siu articulates perhaps the most radical reframing of gaming architecture: "In traditional gaming, all of a game's assets benefit only the game, and engagement benefits only the ecosystem. Our view is exactly the opposite: we think that it's all about the assets, and that the ecosystem is at the service of the assets and their owners."

This inversion suggests games should be designed to add value to assets players already own rather than assets existing solely to serve game mechanics. "The content is the platform as opposed to the platform delivering the content," Siu explains. In this model, players accumulate valuable digital property across games, with each new experience designed to make those assets more useful or valuable—similar to how new apps add utility to smartphones you already own.

Ferguson validates this from an infrastructure perspective: "We have brand new monetization mechanisms, secondary marketplaces, royalties. But you also will take the size of gaming from $150 billion to trillions of dollars." His example: Magic: The Gathering has "$20 billion of cards out there in the world, physical cards, but every year they can't monetize any of the secondary trading." Blockchain enables perpetual royalties—taking "2% of every transaction in perpetuity, no matter where they trade"—transforming business models fundamentally.

Creator economies and revenue sharing

Borget's vision centers on creator empowerment through true ownership and monetization. The Sandbox's three-pillar approach (VoxEdit for 3D creation, Game Maker for no-code game creation, LAND virtual real estate) enables what he calls "create-to-earn" models alongside play-to-earn.

India has emerged as The Sandbox's largest creator market with 66,000 creators (versus 59,989 in the US), demonstrating Web3's global democratization. "We've proven that India is not like just the tech workforce of the world," Borget notes. "We've shown that blockchain projects can be successful... in the content and entertainment side."

His core philosophy: "We've brought this ecosystem into being, but experiences and assets that players make and share are what drives it." This positions platforms as facilitators rather than gatekeepers—a fundamental role inversion from Web2 where platforms extract most value while creators receive minimal revenue share.

Infrastructure as the invisible enabler

All leaders acknowledge that blockchain technology must become invisible to players for mass adoption. Ferguson captures the UX crisis: "If you ask someone to sign up, and write down 24 seed words, you are losing 99.99% of your customers."

The passport breakthrough

Ferguson describes the "magic moment" from Guild of Guardians' launch: "There are so many comments around people saying, 'I hated web3 gaming. I never got it.' There was literally a tweet here, which is, 'My brother has never tried web3 gaming before. He never wanted to write down his seed words. But he's been playing Guild of Guardians, he's created a passport account, and he's completely addicted.'"

Immutable Passport (2.5+ million signups by Q3 2024) offers passwordless sign-on with non-custodial wallets, solving the onboarding friction that killed previous Web3 gaming attempts. Ferguson's infrastructure-first approach—building Immutable X (ZK-rollup handling 9,000+ transactions per second) and Immutable zkEVM (first EVM-compatible chain specifically for games)—demonstrates commitment to solving scalability before hype.

Cost reduction as enabling innovation​

Hom's strategic work at Metaplex addresses the economic viability challenge. Metaplex's compressed NFTs enable minting 100,000 NFTs for just $100 (less than $0.001 per mint), compared to Ethereum's prohibitive costs. This 1,000x+ cost reduction makes gaming-scale asset creation economically viable—enabling not just expensive rare items but abundant consumables, currency, and environmental objects.

Metaplex Core's single-account design further reduces costs by 85%, with NFT minting costing 0.0029 SOL versus 0.022 SOL for legacy standards. The February 2025 Execute feature introduces Asset Signers—allowing NFTs to autonomously sign transactions, enabling AI-driven NPCs and agents within game economies.

Zirlin's Ronin blockchain demonstrates the value of gaming-specific infrastructure. "We realized that, hey, we're the only ones who really understand the Web3 gaming users and nobody is out there building the blockchain, the wallet, the marketplace that really works for Web3 games," he explains. Ronin reached 1.6 million daily active users in 2024—proving purpose-built infrastructure can achieve scale.

The simplicity paradox​

Borget identifies a crucial 2024 insight: "The most popular web3 applications are the simplest ones, proving that you do not always need to build triple-A games to match the demand of users." TON's 900 million user base powering hypercasual mini-games demonstrates that accessible experiences with clear ownership value can onboard users faster than complex AAA titles requiring years of development.

This doesn't negate the need for high-quality games, but suggests the path to mass adoption may run through simple, immediately enjoyable experiences that teach blockchain concepts implicitly rather than requiring upfront crypto expertise.

Decentralization and the open metaverse vision​

Four of five leaders (excluding Hom, who has limited public statements on this) explicitly advocate for open, interoperable metaverse architectures rather than closed proprietary systems.

The walled garden threat​

Borget frames this as an existential battle: "We strongly advocate for the core of the open metaverse to be decentralization, interoperability and creator-generated content." He explicitly rejects Meta's closed metaverse approach, stating "this diversity of ownership means that no single party can control the metaverse."

Siu co-founded the Open Metaverse Alliance (OMA3) to establish open standards: "What we want to prevent is that people are going to create sort of an API-based, permission-based, metaverse alliance where people give access to each other and then they can turn it off whenever they want to, almost like sort of a trade war style. It's supposed to be that the end user actually has most of the agency. It's their assets. You can't take it away from them."

Ferguson's position from his 2021 London Real interview: "The most important fight of our lives is to keep the Metaverse open." Even acknowledging Meta's entry as "a fundamental core admission of the value that digital ownership provides," he insists on open infrastructure rather than proprietary ecosystems.

Interoperability as value multiplier​

The technical vision involves assets that work across multiple games and platforms. Siu offers a flexible interpretation: "Nobody said that an asset has to exist in the same way—who said that a Formula One car has to be a car in a medieval game, it could be a shield, or be whatever. This is a digital world, why do you have to restrict yourself to the traditional thing."

Borget emphasizes: "It's important to us that the content you own or create in The Sandbox can be transferred to other open metaverses, and vice versa." The Sandbox's partnerships with 400+ brands create network effects where popular IP becomes more valuable as it achieves utility across multiple virtual worlds.

Progressive decentralization through DAOs​

All leaders describe gradual transitions from centralized founding teams to community governance. Borget: "Since the original whitepaper, it's been part of our plan to progressively decentralize Sandbox over five years... progressively, we want to give more power, freedom and autonomy to the players and creators who are contributing to the success and the growth of the platform."

The Sandbox DAO launched in May 2024 with 16 community-submitted improvement proposals voted upon. Siu sees DAOs as civilizational transformation: "We think DAOs are the future of most organizations, big and small. It's the next evolution of business, allowing it to integrate the community into the organization... DAOs are going to reinvigorate democratic ideals because we will be able to iterate on democratic concepts at the speed of digital."

Metaplex's MPLX token governance and movement toward immutable protocols (no entity can modify standards) demonstrate infrastructure-layer decentralization—ensuring game developers building on these foundations can trust long-term stability independent of any single organization's decisions.

Regional strategies and market insights​

The leaders reveal divergent geographic focuses reflecting their different market positions.

Asia-first versus global approaches​

Borget explicitly built The Sandbox as "a metaverse of culture" with regional localization from the start. "Unlike some Western companies that prioritize the U.S. first, we... embed small, regionally-focused teams in each country." His Asian focus stems from early fundraising: "We pitched over 100 investors before securing seed funding from Animoca Brands, True Global Ventures, Square Enix and HashKey—all based in Asia. That was our first indicator that Asia had a stronger appetite for blockchain gaming than the West."

His cultural analysis: "Technology is ingrained into the culture and the daily habits of people in Korea, Japan, China and other Asian markets." He contrasts this with Western resistance to new technology adoption, particularly among older generations: "older generations already invested in stocks, real estate, digital payments and transportation systems. There's no resistance to adopting new technology."

Zirlin maintains deep ties to the Philippines, which powered Axie's initial growth. "The Philippines is the beating heart of web3 gaming," he declares. "In the last day, 82,000 Filipinos have played Pixels... for all of the doubters, these are real people, these are Filipinos." His respect for the community that survived through Axie earnings during COVID reflects genuine appreciation beyond extractive player relationships.

Ferguson's strategy involves building the largest gaming ecosystem regardless of geography, though with notable Korean partnerships (NetMarble's MARBLEX, MapleStory Universe) and emphasis on Ethereum security and Western institutional investors.

Siu, operating through Animoca's 540+ portfolio companies, takes the most globally distributed approach while championing Hong Kong as a Web3 hub. His appointment to Hong Kong's Task Force on Promoting Web3 Development signals governmental recognition of Web3's strategic importance.

Timeline of evolution: Bear markets build foundations​

Examining how thinking evolved from 2023-2025 reveals pattern recognition around market cycles and sustainable building.

2023: Cleanup year and foundation strengthening​

Siu framed 2023 as "a cleanup year... a degree of purging, particularly of bad actors." The market crash eliminated unsustainable projects: "When you go through these cycles, there's a maturation, because we've also had a lot of Web3 gaming companies shut down. And the ones who shut down really probably didn't have any business being around in the first place."

Zirlin focused on product improvements and emotional engagement systems. Axie Evolution launched, allowing NFTs to upgrade through gameplay—creating the progression mechanics he identified as missing from the original success.

Borget used the bear market to refine no-code creation tools and strengthen brand partnerships: "many brands and celebrities are looking for novel ways to engage with their audience through UGC-driven entertainment. They see that value regardless of Web3 market conditions."

2024: Infrastructure maturity and quality games launching​

Ferguson described 2024 as an infrastructure breakthrough year with Immutable Passport scaling to 2.5 million users and zkEVM processing 150 million transactions. Guild of Guardians launched to 4.9/5 ratings and 1+ million downloads, proving Web3 gaming could achieve mainstream quality.

Zirlin called 2024 "a year of building and foundation setting for web3 games." Ronin welcomed high-quality titles (Forgotten Runiverse, Lumiterra, Pixel Heroes Adventures, Fableborne) and shifted from competitive to collaborative: "While the bear market was very much a competitive environment, in '24 we began to see the web3 gaming sector unify and focus on points of collaboration."

Borget launched The Sandbox DAO in May 2024, marked Alpha Season 4's success (580,000+ unique players across 10 weeks playing an average of two hours), and announced the Voxel Games Program enabling developers to build cross-platform experiences using Unity, Unreal, or HTML5 while connecting to Sandbox assets.

Hom moderated the major gaming panel at Token 2049 Singapore alongside industry leaders, positioning Metaplex's role in gaming infrastructure evolution.

2025: Regulatory clarity and mass adoption predictions​

All leaders express optimism for 2025 as a breakthrough year. Ferguson: "Web3 gaming is poised for a breakthrough, with top-quality games, many years in development set to launch in the next 12 months. These titles are projected to attract hundreds of thousands, and in some cases, millions of active users."

Zirlin's New Year's resolution: "It's time for unity. With gaming season + Open Ronin on the horizon, we're now entering an era where web3 gaming will be working together and winning together." The merger of Ronin's ecosystem and opening to more developers signals confidence in sustainable growth.

Siu predicts: "By the end of the next year... substantial progress will be made around the world in establishing regulations governing digital asset ownership. This will empower users by providing them with explicit rights over their digital property."

Borget plans to expand from one major season per year to four seasonal events in 2025, scaling engagement while maintaining quality: "My New Year's resolution for 2025 is to focus on improving what we're already doing best. The Sandbox is a lifetime journey."

Key challenges identified across leaders​

Despite optimism, all five acknowledge significant obstacles requiring solutions.

Cross-chain fragmentation and liquidity​

Borget identifies a critical infrastructure problem: "Web3 gaming has never been as big as it is today... yet it is more fragmented than it has ever been." Games exist across Ethereum/Polygon (Sandbox), Ronin (Axie, Pixels), Avalanche (Off The Grid), Immutable, and Solana with "very little permeability of their audience from one game to another." His 2025 prediction: "more cross-chain solutions will appear that will address this issue and ensure users can swiftly move assets and liquidity across any of these ecosystems."

Ferguson has focused on this through Immutable's global orderbook vision: "creating a world where users will be able to trade any digital asset on any wallet, rollup, marketplace, and game."

Platform restrictions and regulatory uncertainty​

Siu notes that "leading platforms like Apple, Facebook, and Google currently restrict the use of NFTs in games," limiting utility and hindering growth. These gatekeepers control mobile distribution—the largest gaming market—creating existential risk for Web3 gaming business models.

Ferguson sees regulatory clarity as a 2025 opportunity: "With the likelihood of regulatory clarity around many aspects of web3 in the US and across major markets, teams across gaming and broader web3 could benefit and unleash new and exciting innovations."

Reputation and Sybil attacks​

Siu addresses the identity and trust crisis: "The genesis of Moca ID came from issues we faced with KYC wallets being sold to third parties who shouldn't have passed KYC. Sometimes up to 70 or 80% of wallets were mixtures of farming or people just hoping for good luck. This is a problem that plagues our industry."

Animoca's Moca ID attempts to solve this with reputation systems: "creating a reputation stat that indicates how you've behaved in the Web3 space. Think of it almost like a Certificate of Good Standing in Web3."

Developer support gaps​

Borget criticizes blockchain networks for failing to support game developers: "In contrast [to console platforms like PlayStation and Xbox], blockchain networks have not yet assumed a similar role." The expected network effects "where value and users flow freely across games on a shared chain—have not fully materialized. As a result, many web3 games lack the visibility and user acquisition support needed to grow."

This represents a call to action for Layer 1 and Layer 2 networks to provide marketing, distribution, and user acquisition support similar to traditional platform holders.

Sustainable tokenomics remains unsolved​

Despite progress beyond pure speculation, Ferguson acknowledges: "Web3 monetization is still evolving." Models showing promise include The Sandbox's LiveOps events, tournament-based "risk-to-earn," hybrid Web2/Web3 monetization combining battle passes with tradeable assets, and tokens used for user acquisition rather than primary revenue.

Zirlin frames the question directly: "Right now, if you look at which tokens are performing well, it's tokens that are able to have buybacks, and buybacks are typically a function of are you able to generate revenue? So then the question becomes what revenue models are working for Web3 Games?" This remains an open question requiring more experimentation.

Unique perspectives: Where leaders diverge​

While consensus exists on core problems and directional solutions, each leader brings distinctive philosophy.

Yat Siu: Democratic ownership and financial literacy​

Siu uniquely frames Web3 gaming as a political and civilizational transformation. His Axie Infinity case study: "Most of those people don't have a university degree... nor do they have a strong education in financial education—however, they were completely able to grasp the use of a crypto wallet... helping them survive basically the Covid crisis at the time."

His conclusion: Gaming teaches financial literacy faster than traditional education while demonstrating that Web3 provides more accessible financial infrastructure than legacy banking. "Opening up a physical bank account" is harder than learning MetaMask, he argues—suggesting Web3 gaming could bank the unbanked globally.

His prediction: By 2030, billions using Web3 will think like investors or owners rather than passive consumers, fundamentally altering social contracts between platforms and users.

Jeffrey Zirlin: Web3 as seasonal business with trader-gamers​

Zirlin's recognition that "Web3 gamers are traders, they're speculators" fundamentally changes design priorities. Rather than hiding economic gameplay, successful Web3 games should embrace it—providing transparent tokenomics, market mechanics as core features, and respecting players' financial sophistication.

His seasonal business framework offers strategic clarity: use bull markets for aggressive user acquisition and token launches; use bear markets for product development and community cultivation. This acceptance of cyclicality rather than fighting it represents mature adaptation to crypto's inherent volatility.

His Philippines-centric perspective maintains humanity in often-abstract discussions of gaming economies, remembering actual people whose lives improved through earning opportunities.

Sebastien Borget: Cultural metaverse and creation democratization​

Borget's vision centers on accessibility and cultural diversity. His "digital Legos" metaphor—emphasizing that "anyone knows how to use it without reading the user manual"—guides design decisions prioritizing simplicity over technical complexity.

His insight that "the simplest [Web3 applications] are the most popular" in 2024 challenges assumptions that only AAA-quality games can succeed. The Sandbox's no-code Game Maker reflects this philosophy, enabling 66,000 Indian creators without technical blockchain expertise to build experiences.

His commitment to a "metaverse of culture" with regional localization distinguishes The Sandbox from Western-centric platforms, suggesting virtual worlds must reflect diverse cultural values and aesthetics to achieve global adoption.

Robbie Ferguson: Cooperative ownership and quality bar​

Ferguson's "cooperative ownership" framing most clearly articulates the economic realignment Web3 enables. Rather than zero-sum extraction where publishers profit at player expense, blockchain creates positive-sum economies where both benefit from ecosystem growth.

His quality bar—that games "have to be fundamental quality games that you would want to play outside of web3"—sets the highest standard among the five leaders. He refuses to accept that Web3 features can compensate for poor gameplay, positioning blockchain as enhancement rather than excuse.

His infrastructure obsession (Immutable X, zkEVM, Passport) demonstrates a belief that technology must work flawlessly before mass adoption. Building for years through bear markets to solve scalability and UX before seeking mainstream attention reflects patient, foundational thinking.

Mackenzie Hom: Contribution over speculation​

While Hom has the most limited public presence, her Token 2049 statement captures an essential evolution: "Pure speculation >> loyalty and contribution based rewards." This positions Metaplex's strategic focus on infrastructure enabling sustainable reward systems rather than extractive token mechanics.

Her work on Solana gaming infrastructure (Metaplex Core reducing costs 85%, compressed NFTs enabling billions of assets for minimal cost, Asset Signers for autonomous NPCs) demonstrates a belief that technical capabilities unlock new design possibilities. Solana's 400ms block times and sub-penny transactions enable real-time gameplay impossible on higher-latency chains.

Implementations and exemplar games​

The leaders' visions manifest in specific games and platforms demonstrating new models.

The Sandbox: Creator economy at scale​

With 6.3+ million user accounts, 400+ brand partnerships, and 1,500+ user-generated games, The Sandbox exemplifies Borget's creator empowerment vision. Alpha Season 4 achieved 580,000+ unique players spending an average of two hours playing, demonstrating sustainable engagement beyond speculation.

The DAO governance with 16 community-submitted proposals voted upon realizes progressive decentralization. The Sandbox's achievement of 66,000 creators in India alone validates the global creator economy thesis.

Axie Infinity: Play-to-earn evolution and emotional design​

Zirlin's incorporation of the Axie Evolution system (allowing NFTs to upgrade through gameplay) addresses his identified missing piece—emotional progression creating attachment. The multi-game universe (Origins card battler, Classic returned with new rewards, Homeland land-based farming) diversifies beyond a single gameplay loop.

Ronin's achievement of 1.6 million daily active users and success stories (Pixels growing from 5,000 to 1.4 million DAU after migrating to Ronin, Apeiron from 8,000 to 80,000 DAU) validate gaming-specific blockchain infrastructure.

Immutable ecosystem: Quality and cooperative ownership​

Guild of Guardians' 4.9/5 rating, 1+ million downloads, and testimonials from players who "hated Web3 gaming" but became "completely addicted" demonstrate Ferguson's thesis that invisible blockchain enhances rather than defines experience.

The ecosystem's 330+ games and 71% year-over-year growth in new game announcements (fastest in industry per Game7 report) shows developer momentum toward Immutable's infrastructure-first approach.

Gods Unchained's 25+ million cards in existence—more NFTs than every other Ethereum blockchain game combined—proves that trading card games are a natural Web3 fit with digital ownership.

Animoca Brands: Portfolio approach and property rights​

Siu's 540+ Web3-related investments, including OpenSea, Yuga Labs, Axie Infinity, Dapper Labs, Sky Mavis, and Polygon, create an ecosystem rather than a single product. This network approach enables cross-portfolio value creation and the MoCA Portfolio Token offering index exposure.

Mocaverse's Moca ID reputation system addresses Sybil attacks and trust issues, while Open Campus education initiatives expand digital ownership beyond gaming into the $5 trillion education market.

Metaplex: Infrastructure enabling abundance​

Metaplex's achievement of 99%+ of Solana NFT mints using their protocols and powering $9.2 billion in economic activity across 980+ million transactions demonstrates infrastructure dominance. The ability to mint 100,000 compressed NFTs for $100 enables gaming-scale asset creation previously economically impossible.

Major games leveraging Metaplex (Nyan Heroes, Star Atlas, Honeyland, Aurory, DeFi Land) validate Solana as a gaming blockchain with speed and cost advantages.

Common themes synthesized: The convergence​

Despite different technical stacks, regional focuses, and specific implementations, the five leaders converge on core principles:

1. Digital ownership is inevitable and transformative - Not optional feature but fundamental restructuring of player-platform relationships

2. Speculation must evolve to sustainable engagement - Pure token speculation created boom-bust cycles; sustainable models reward genuine contribution

3. Quality games are non-negotiable - Web3 features cannot save poor gameplay; blockchain should enhance already-excellent experiences

4. Infrastructure must be invisible - Mass adoption requires removing blockchain complexity from user experience

5. Creators must be empowered and compensated - Platforms should facilitate rather than extract; creators deserve ownership and revenue share

6. Interoperability and openness create more value than closed systems - Network effects and composability multiply value beyond proprietary walled gardens

7. Community governance through progressive decentralization - Long-term vision involves shifting control from founding teams to DAOs and token holders

8. Gaming will onboard billions to Web3 - Gaming provides most natural entry point for mainstream blockchain adoption

9. Patient building through market cycles - Bear markets for development, bull markets for distribution; focus on foundations not hype

10. The opportunity is measured in trillions - Converting $150B gaming economy to ownership-based model creates multi-trillion dollar opportunity

Looking forward: The decade ahead​

The leaders project Web3 gaming's trajectory with remarkable consistency despite their different vantage points.

Ferguson predicts: "Everyone is still massively underestimating how big web3 gaming is going to be." He sees Web3 gaming reaching $100 billion in the next decade while growing the overall gaming market to trillions through new monetization and engagement models.

Siu's 2030 predictions: (1) Billions using Web3 with better financial literacy, (2) People expecting value for their data and engagement, (3) DAOs becoming bigger than traditional organizations through token networks.

Zirlin frames 2025 as "gaming season" with regulatory clarity enabling innovation: "Innovation when it comes to the web3 game economy is set to explode in 2025. Regulatory clarity is set to unleash more experiments when it comes to novel mechanics for distributing tokens."

Borget sees AI integration as the next frontier: "I'm interested in the evolution of AI-powered virtual agents, moving beyond static NPCs to fully interactive, AI-driven characters that enhance immersion in gaming." His implementation of AI for chat moderation, motion capture, and planned intelligent NPCs positions The Sandbox at the convergence of AI and Web3.

The consensus: One breakout 100+ million player Web3 game will trigger mass adoption, proving the model works at scale and forcing traditional publishers to adapt. Ferguson: "The answer to skeptics is not debate. It's building an exceptional game that 100 million people play without knowing that they're even touching NFTs, but experience far more value because of it."

Conclusion​

These five leaders are architecting nothing less than gaming's fundamental restructuring from extractive to cooperative economics. Their convergence on digital ownership, player empowerment, and sustainable engagement models—despite coming from different technical infrastructures and regional markets—suggests inevitable rather than speculative transformation.

The evolution from 2023's cleanup through 2024's infrastructure maturity to 2025's anticipated breakthrough follows a pattern of patient foundation-building during bear markets followed by scaled deployment during bull cycles. Their collective $300+ million in funding, 3+ billion in company valuations, 10+ million users across their platforms, and 1,000+ games in development represent not speculative positioning but years of grinding toward product-market fit.

The most compelling aspect: These leaders openly acknowledge challenges (fragmentation, platform restrictions, sustainable tokenomics, Sybil attacks, developer support gaps) rather than claiming problems are solved. This intellectual honesty, combined with demonstrated traction (Ronin's 1.6M DAU, Immutable's 2.5M Passport users, Sandbox's 580K Season 4 players, Metaplex's $9.2B economic activity), suggests the vision is grounded in reality rather than hype.

Gaming's $150 billion economy built on extraction and zero-sum mechanics faces competition from a model offering ownership, cooperative economics, creator empowerment, and genuine digital property rights. The leaders profiled here aren't predicting this transformation—they're building it, one game, one player, one community at a time. Whether it takes five years or fifteen, the direction appears set: gaming's future runs through true digital ownership, and these five leaders are charting the course.

Tokenized Identity and AI Companions Converge as Web3's Next Frontier

· 28 min read
Dora Noda
Software Engineer

The real bottleneck isn't compute speed—it's identity. This insight from Matthew Graham, Managing Partner at Ryze Labs, captures the fundamental shift happening at the intersection of AI companions and blockchain identity systems. As the AI companion market explodes toward $140.75 billion by 2030 and decentralized identity scales from $4.89 billion today to $41.73 billion by decade's end, these technologies are converging to enable a new paradigm: truly owned, portable, privacy-preserving AI relationships. Graham's firm has deployed concrete capital—incubating Amiko's personal AI platform, backing the $420,000 Eliza humanoid robot, investing in EdgeX Labs' 30,000+ TEE infrastructure, and launching a $5 million AI Combinator fund—positioning Ryze at the vanguard of what Graham calls "the most important wave of innovation since DeFi summer."

This convergence matters because AI companions currently exist in walled gardens, unable to move between platforms, with users possessing no true ownership of their AI relationships or data. Simultaneously, blockchain-based identity systems have matured from theoretical frameworks to production infrastructure managing $2+ billion in AI agent market capitalization. When combined, tokenized identity provides the ownership layer AI companions lack, while AI agents solve blockchain's user experience problem. The result: digital companions you genuinely own, can take anywhere, and interact with privately through cryptographic proofs rather than corporate surveillance.

Matthew Graham's vision: identity infrastructure as the foundational layer​

Graham's intellectual journey tracks the industry's evolution from Bitcoin enthusiast in 2013 to crypto VC managing 51 portfolio companies to AI companion advocate experiencing a "stop-everything moment" with Terminal of Truths in 2024. His progression mirrors the sector's maturation, but his recent pivot represents something more fundamental: recognition that identity infrastructure, not computational power or model sophistication, determines whether autonomous AI agents can operate at scale.

In January 2025, Graham commented "waifu infrastructure layer" on Amiko's declaration that "the real challenge is not speed. It is identity." This marked the culmination of his thinking—a shift from focusing on AI capabilities to recognizing that without standardized, decentralized identity systems, AI agents cannot verify themselves, transact securely, or persist across platforms. Through Ryze Labs' portfolio strategy, Graham is systematically building this infrastructure stack: hardware-level privacy through EdgeX Labs' distributed computing, identity-aware AI platforms through Amiko, physical manifestation through Eliza Wakes Up, and ecosystem development through AI Combinator's 10-12 investments.

His investment thesis centers on three convergent beliefs. First, AI agents require blockchain rails for autonomous operation—"they are going to have to be making transactions, microtransactions, whatever it is… this is very naturally a crypto rail situation." Second, the future of AI lives locally on user-owned devices rather than in corporate clouds, necessitating decentralized infrastructure that's "not only decentralized, but also physically distributed and able to run locally." Third, companionship represents "one of the most untapped psychological needs in the world today," positioning AI companions as social infrastructure rather than mere entertainment. Graham has named his planned digital twin "Marty" and envisions a world where everyone has a deeply personal AI that knows them intimately: "Marty, you know everything about me... Marty, what does mom like? Go order some Christmas gifts for mom."

Graham's geographic strategy adds another dimension—focusing on emerging markets like Lagos and Bangalore where "the next wave of users and builders will come from." This positions Ryze to capture AI companion adoption in regions potentially leapfrogging developed markets, similar to mobile payments in Africa. His emphasis on "lore" and cultural phenomena suggests understanding that AI companion adoption follows social dynamics rather than pure technological merit: drawing "parallels to cultural phenomena like internet memes and lore... internet lore and culture can synergize movements across time and space."

At Token 2049 appearances spanning Singapore 2023 and beyond, Graham articulated this vision to global audiences. His Bloomberg interview positioned AI as "crypto's third act" after stablecoins, while his participation in The Scoop podcast explored "how crypto, AI and robotics are converging into the future economy." The common thread: AI agents need identity systems for trusted interactions, ownership mechanisms for autonomous operation, and transaction rails for economic activity—precisely what blockchain technology provides.

Decentralized identity reaches production scale with major protocols operational​

Tokenized identity has evolved from whitepaper concept to production infrastructure managing billions in value. The technology stack comprises three foundational layers: Decentralized Identifiers (DIDs) as W3C-standardized, globally unique identifiers requiring no centralized authority; Verifiable Credentials (VCs) as cryptographically-secured, instantly verifiable credentials forming a trust triangle between issuer, holder, and verifier; and Soulbound Tokens (SBTs) as non-transferable NFTs representing reputation, achievements, and affiliations—proposed by Vitalik Buterin in May 2022 and now deployed in systems like Binance's Account Bound token and Optimism's Citizens' House governance.

Major protocols have achieved significant scale by October 2025. Ethereum Name Service (ENS) leads with 2 million+ .eth domains registered, a $667-885 million market cap, and an imminent migration to the "Namechain" L2 that is expected to cut gas fees by 80-90%. Lens Protocol has built 650,000+ user profiles with 28 million social connections on its decentralized social graph, recently securing $46 million in funding and transitioning to Lens v3 on the zkSync-based Lens Network. Worldcoin (rebranded "World") has verified 12-16 million users across 25+ countries through iris-scanning Orbs, though it faces regulatory challenges including bans in Spain and Portugal and cease-and-desist orders in the Philippines. Polygon ID deployed the first ZK-powered identity solution in mid-2022, with October 2025's Release 6 introducing dynamic credentials and private proof of uniqueness. Civic provides compliance-focused blockchain identity verification, generating $4.8 million in annual revenue through its Civic Pass system, which enables KYC/liveness checks for dApps.

The technical architecture enables privacy-preserving verification through multiple cryptographic approaches. Zero-knowledge proofs allow proving attributes (age, nationality, account balance thresholds) without revealing underlying data. Selective disclosure lets users share only necessary information for each interaction rather than full credentials. Off-chain storage keeps sensitive personal data off public blockchains, recording only hashes and attestations on-chain. This design addresses the apparent contradiction between blockchain transparency and identity privacy—a critical challenge Graham's portfolio companies like Amiko explicitly tackle through local processing rather than cloud dependency.
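The selective-disclosure and hash-anchoring pattern described above can be sketched with salted hash commitments under a Merkle root. This is an added Python example, not code from any protocol named on this page, and it is not a zero-knowledge proof; the function names and the `anchored_roots` set standing in for an on-chain registry are assumptions.

```python
import hashlib
import hmac
import secrets


def _h(tag, *parts):
    """SHA-256 with a domain tag and length-prefixed fields (no field ambiguity)."""
    h = hashlib.sha256(tag)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()


def leaf_hash(name, value, salt):
    return _h(b"leaf", name.encode(), value.encode(), salt)


def node_hash(left, right):
    return _h(b"node", left, right)


def merkle_levels(leaves):
    """All tree levels, bottom first. An unpaired node is promoted, not duplicated."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([node_hash(cur[i], cur[i + 1]) if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])
    return levels


def merkle_proof(levels, index):
    """Sibling path for one leaf as (sibling_hash, sibling_is_left) pairs."""
    proof = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):
            proof.append((level[sib], sib < index))
        index //= 2
    return proof


def issue(claims):
    """Issuer side: salt every claim, build the tree, return (credential, root).
    Only the root is meant to be published; values and salts stay off-chain."""
    salted = {k: (v, secrets.token_bytes(16)) for k, v in sorted(claims.items())}
    names = list(salted)
    levels = merkle_levels([leaf_hash(n, *salted[n]) for n in names])
    return {"names": names, "salted": salted, "levels": levels}, levels[-1][0]


def disclose(credential, name):
    """Holder side: reveal one claim, its salt, and the path to the root."""
    value, salt = credential["salted"][name]
    idx = credential["names"].index(name)
    path = merkle_proof(credential["levels"], idx)
    return {"name": name, "value": value, "salt": salt.hex(),
            "proof": [(h.hex(), is_left) for h, is_left in path]}


def verify(presentation, anchored_roots):
    """Verifier side: recompute the root and compare with the anchored ones."""
    try:
        node = leaf_hash(presentation["name"], presentation["value"],
                         bytes.fromhex(presentation["salt"]))
        for sib_hex, sib_is_left in presentation["proof"]:
            sib = bytes.fromhex(sib_hex)
            node = node_hash(sib, node) if sib_is_left else node_hash(node, sib)
    except (KeyError, TypeError, ValueError, AttributeError):
        return False  # malformed presentation
    return any(hmac.compare_digest(node, r) for r in anchored_roots)


def guess_unsalted(digest, candidates):
    """Privacy check: a bare hash of a low-entropy claim can be matched by
    enumerating the value space, so it must never be published unsalted."""
    for c in candidates:
        if hmac.compare_digest(hashlib.sha256(c.encode()).digest(), digest):
            return c
    return None


if __name__ == "__main__":
    # Constructed sample claims, not real data.
    cred, root = issue({"age_over_18": "true", "nationality": "PT",
                        "name": "Alice Example"})
    anchored_roots = {root}  # assumption: stands in for an on-chain registry
    shown = disclose(cred, "age_over_18")
    print("disclosed:", shown["name"], "=", shown["value"])
    print("verifies:", verify(shown, anchored_roots))
    print("tampered verifies:", verify(dict(shown, value="false"), anchored_roots))
```

Without the per-claim salt, a published hash of a value such as a country code or a yes/no flag offers no confidentiality, which is why each leaf commits to the salt as well as the value.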

Current implementations span diverse sectors demonstrating real-world utility. Financial services use reusable KYC credentials cutting onboarding costs 60%, with Uniswap v4 and Aave integrating Polygon ID for verified liquidity providers and undercollateralized lending based on SBT credit history. Healthcare applications enable portable medical records and HIPAA-compliant prescription verification. Education credentials as verifiable diplomas allow instant employer verification. Government services include mobile driver's licenses (mDLs) accepted for TSA domestic air travel and EU's mandatory EUDI Wallet rollout by 2026 for all member states. DAO governance uses SBTs for one-person-one-vote mechanisms and Sybil resistance—Optimism's Citizens' House pioneered this approach.

The regulatory landscape is crystallizing faster than expected. Europe's eIDAS 2.0 (Regulation EU 2024/1183) passed April 11, 2024, mandates all EU member states offer EUDI Wallets by 2026 with cross-sector acceptance required by 2027, creating the first comprehensive legal framework recognizing decentralized identity. The ISO 18013 standard aligns US mobile driver's licenses with EU systems, enabling cross-continental interoperability. GDPR concerns about blockchain immutability are addressed through off-chain storage and user-controlled data minimization. The United States has seen Biden's Cybersecurity Executive Order funding mDL adoption, TSA approval for domestic air travel, and state-level implementations spreading from Louisiana's pioneering deployment.

Economic models around tokenized identity reveal multiple value capture mechanisms. ENS governance tokens grant voting rights on protocol changes. Civic's CVC utility tokens purchase identity verification services. Worldcoin's WLD aims for universal basic income distribution to verified humans. The broader Web3 identity market sits at $21 billion (2023) projecting to $77 billion by 2032—14-16% CAGR—while overall Web3 markets grew from $2.18 billion (2023) to $49.18 billion (2025), representing explosive 44.9% compound annual growth. Investment highlights include Lens Protocol's $46 million raise, Worldcoin's $250 million from Andreessen Horowitz, and $814 million flowing to 108 Web3 companies in Q1 2023 alone.

AI companions reach 220 million downloads as market dynamics shift toward monetization

The AI companion sector has achieved mainstream consumer scale with 337 active revenue-generating apps generating $221 million cumulative consumer spending by July 2025. The market reached $28.19 billion in 2024 and projects to $140.75 billion by 2030—a 30.8% CAGR driven by emotional support demand, mental health applications, and entertainment use cases. This growth trajectory positions AI companions as one of the fastest-expanding AI segments, with downloads surging 88% year-over-year to 60 million in H1 2025 alone.

Platform leaders have established dominant positions through differentiated approaches. Character.AI commands 20-28 million monthly active users with 18 million+ user-created chatbots, achieving 2-hour average daily usage and 10 billion messages monthly—48% higher retention than traditional social media. The platform's strength lies in role-playing and character interaction, attracting a young demographic (53% aged 18-24) with nearly equal gender split. Following Google's $2.7 billion investment, Character.AI reached $10 billion valuation despite generating only $32.2 million revenue in 2024, reflecting investor confidence in long-term monetization potential. Replika focuses on personalized emotional support with 10+ million users, offering 3D avatar customization, voice/AR interactions, and relationship modes (friend/romantic/mentor) priced at $19.99 monthly or $69.99 annually. Pi from Inflection AI emphasizes empathetic conversation across multiple platforms (iOS, web, messaging apps) without visual character representation, remaining free while building several million users. Friend represents the hardware frontier—a $99-129 wearable AI necklace providing always-listening companionship powered by Claude 3.5, generating controversy over constant audio monitoring but pioneering physical AI companion devices.

Technical capabilities have advanced significantly yet remain bounded by fundamental limitations. Current systems excel at natural language processing with context retention across conversations, personalization through learning user preferences over time, multimodal integration combining text/voice/image/video, and platform connectivity with IoT devices and productivity tools. Advanced emotional intelligence enables sentiment analysis and empathetic responses, while memory systems create continuity across interactions. However, critical limitations persist: no true consciousness or genuine emotional understanding (simulated rather than felt empathy), tendency toward hallucinations and fabricated information, dependence on internet connectivity for advanced features, difficulty with complex reasoning and nuanced social situations, and biases inherited from training data.

Use cases span personal, professional, healthcare, and educational applications with distinct value propositions. Personal/consumer applications dominate with 43.4% market share, addressing loneliness epidemic (61% of young US adults report serious loneliness) through 24/7 emotional support, role-playing entertainment (51% interactions in fantasy/sci-fi), and virtual romantic relationships (17% of apps explicitly market as "AI girlfriend"). Over 65% of Gen Z users report emotional connection with AI characters. Professional applications include workplace productivity (Zoom AI Companion 2.0), customer service automation (80% of interactions AI-handleable), and sales/marketing personalization like Amazon's Rufus shopping companion. Healthcare implementations provide medication reminders, symptom checking, elderly companionship reducing depression in isolated seniors, and accessible mental health support between therapy sessions. Education applications offer personalized tutoring, language learning practice, and Google's "Learn About" AI learning companion.

Business model evolution reflects maturation from experimentation toward sustainable monetization. Freemium/subscription models currently dominate, with Character.AI Plus at $9.99 monthly and Replika Pro at $19.99 monthly offering priority access, faster responses, voice calls, and advanced customization. Revenue per download increased 127% from $0.52 (2024) to $1.18 (2025), signaling improved conversion. Consumption-based pricing is emerging as the sustainable model—pay per interaction, token, or message rather than flat subscriptions—better aligning costs with usage. Advertising integration represents the projected future as AI inference costs decline; ARK Invest predicts revenue per hour will increase from current $0.03 to $0.16 (similar to social media), potentially generating $70-150 billion by 2030 in their base and bull cases. Virtual goods and microtransactions for avatar customization, premium character access, and special experiences are expected to reach monetization parity with gaming services.

Ethical concerns have triggered regulatory action following documented harms. Character.AI faces a 2024 lawsuit after a teen suicide linked to chatbot interactions, while Disney issued cease-and-desist orders for copyrighted character usage. The FTC launched an inquiry in September 2025 ordering seven companies to report child safety measures. California Senator Steve Padilla introduced legislation requiring safeguards, while Assembly member Rebecca Bauer-Kahan proposed banning AI companions for under-16s. Primary ethical issues include emotional dependency risks that are particularly concerning for vulnerable populations (teens, elderly, isolated individuals), authenticity and deception as AI simulates but doesn't genuinely feel emotions, privacy and surveillance through extensive personal data collection with unclear retention policies, safety and harmful advice given AI's tendency to hallucinate, and "social deskilling" where over-reliance erodes human social capabilities.

Expert predictions converge on continued rapid advancement with divergent views on societal impact. Sam Altman projects AGI within 5 years with GPT-5 achieving "PhD-level" reasoning (launched August 2025). Elon Musk expects AI smarter than the smartest human by 2026 with Optimus robots in commercial production at $20,000-30,000 price points. Dario Amodei suggests singularity by 2026. The near-term trajectory (2025-2027) emphasizes agentic AI systems shifting from chatbots to autonomous task-completing agents, enhanced reasoning and memory with longer context windows, multimodal evolution with mainstream video generation, and hardware integration through wearables and physical robotics. The consensus: AI companions are here to stay with massive growth ahead, though social impact remains hotly debated between proponents emphasizing accessible mental health support and critics warning that the technology is not ready for emotional support roles and lacks adequate safeguards.

Technical convergence enables owned, portable, private AI companions through blockchain infrastructure

The intersection of tokenized identity and AI companions solves fundamental problems plaguing both technologies—AI companions lack true ownership and portability while blockchain suffers from poor user experience and limited utility. When combined through cryptographic identity systems, users can genuinely own their AI relationships as digital assets, port companion memories and personalities across platforms, and interact privately through zero-knowledge proofs rather than corporate surveillance.

The technical architecture rests on several breakthrough innovations deployed in 2024-2025. ERC-7857, proposed by 0G Labs, provides the first NFT standard specifically for AI agents with private metadata. This enables neural networks, memory, and character traits to be stored encrypted on-chain, with secure transfer protocols using oracles and cryptographic systems that re-encrypt during ownership changes. The transfer process generates metadata hashes as authenticity proofs, decrypts the metadata inside a Trusted Execution Environment (TEE), re-encrypts it with the new owner's key, and requires signature verification before the smart contract executes. Traditional NFT standards (ERC-721/1155) failed for AI because they have static, public metadata with no secure transfer mechanisms or support for dynamic learning—ERC-7857 solves these limitations.

Phala Network has deployed the largest TEE infrastructure globally with 30,000+ devices providing hardware-level security for AI computations. TEEs enable secure isolation where computations are protected from external threats with remote attestation providing cryptographic proof of non-interference. This represents the only way to achieve true exclusive ownership for digital assets executing sensitive operations. Phala processed 849,000 off-chain queries in 2023 (versus Ethereum's 1.1 million on-chain), demonstrating production scale. Their AI Agent Contracts allow TypeScript/JavaScript execution in TEEs for applications like Agent Wars—a live game with tokenized agents using staking-based DAO governance where "keys" function as shares granting usage rights and voting power.

Privacy-preserving architecture layers multiple cryptographic approaches for comprehensive protection. Fully Homomorphic Encryption (FHE) enables processing data while keeping it fully encrypted—AI agents never access plaintext, providing post-quantum security through NIST-approved lattice cryptography (2024). Use cases include private DeFi portfolio advice without exposing holdings, healthcare analysis of encrypted medical records without revealing data, and prediction markets aggregating encrypted inputs. MindNetwork and Fhenix are building FHE-native platforms for encrypted Web3 and digital sovereignty. Zero-knowledge proofs complement TEEs and FHE by enabling private authentication (proving age without revealing birthdate), confidential smart contracts executing logic without exposing data, verifiable AI operations proving task completion without revealing inputs, and cross-chain privacy for secure interoperability. ZK Zyra + Ispolink demonstrate production zero-knowledge proofs for AI-powered Web3 gaming.

Ownership models using blockchain tokens have reached significant market scale. Virtuals Protocol leads with $700+ million market cap managing $2+ billion in AI agent market capitalization, representing 85% of marketplace activity and generating $60 million protocol revenue by December 2024. Users purchase tokens representing agent stakes, enabling co-ownership with full trading, transfer, and revenue-sharing rights. SentrAI focuses on tradable AI personas as programmable on-chain assets partnering with Stability World AI for visual capabilities, creating a social-to-AI economy with cross-platform monetizable experiences. Grok Ani Companion demonstrates mainstream adoption with ANI token at $0.03 ($30 million market cap) generating $27-36 million daily trading volume through smart contracts securing interactions and on-chain metadata storage.

NFT-based ownership provides alternative models emphasizing uniqueness over fungibility. FURO on Ethereum offers 3D AI companions that learn, remember, and evolve for $10 NFT plus $FURO tokens, with personalization adapting to user style and reflecting emotions—planning physical toy integration. AXYC (AxyCoin) integrates AI with GameFi and EdTech using AR token collection, NFT marketplace, and educational modules where AI pets function as tutors for languages, STEM, and cognitive training with milestone rewards incentivizing long-term development.

Data portability and interoperability remain works in progress with important caveats. Working implementations include Gitcoin Passport's cross-platform identity with "stamps" from multiple authenticators, Civic Pass on-chain identity management across dApps/DeFi/NFTs, and T3id (Trident3) aggregating 1,000+ identity technologies. On-chain metadata stores preferences, memories, and milestones immutably, while blockchain attestations through Ceramic and KILT Protocol link AI model states to identities. However, current limitations include no universal SSI agreement yet, portability limited to specific ecosystems, evolving regulatory frameworks (GDPR, DMA, Data Act), and requirement for ecosystem-wide adoption before seamless cross-platform migration becomes reality. The 103+ experimental DID methods create fragmentation, with Gartner predicting 70% of SSI adoption depends on achieving cross-platform compatibility by 2027.

Monetization opportunities at the intersection enable entirely new economic models. Usage-based pricing charges per API call, token, task, or compute time—Hugging Face Inference Endpoints achieved $4.5 billion valuation (2023) on this model. Subscription models provide predictable revenue, with Cognigy deriving 60% of $28 million ARR from subscriptions. Outcome-based pricing aligns payment with results (leads generated, tickets resolved, hours saved) as demonstrated by Zendesk, Intercom, and Chargeflow. Agent-as-a-Service positions AI as "digital employees" with monthly fees—Harvey, 11x, and Vivun pioneer enterprise-grade AI workforce. Transaction fees take percentage of agent-facilitated commerce, emerging in agentic platforms requiring high volume for viability.

Blockchain-specific revenue models create token economics where value appreciates with ecosystem growth, staking rewards compensate service providers, governance rights provide premium features for holders, and NFT royalties generate secondary market earnings. Agent-to-agent economy enables autonomous payments where AI agents compensate each other using USDC through Circle's Programmable Wallets, marketplace platforms taking percentage of inter-agent transactions, and smart contracts automating payments based on verified completed work. The AI agent market projects from $5.3 billion (2024) to $47.1 billion (2030) at 44.8% CAGR, potentially reaching $216 billion by 2035, with Web3 AI attracting $213 million from crypto VCs in Q3 2024 alone.

Investment landscape shows convergence thesis gaining institutional validation

Capital deployment across tokenized identity and AI companions accelerated dramatically in 2024-2025 as institutional investors recognized the convergence opportunity. AI captured $100+ billion in venture funding during 2024—representing 33% of all global VC—with 80% increase from 2023's $55.6 billion. Generative AI specifically attracted $45 billion, nearly doubling from $24 billion in 2023, while late-stage GenAI deals averaged $327 million compared to $48 million in 2023. This capital concentration reflects investor conviction that AI represents a secular technology shift rather than cyclical hype.

Web3 and decentralized identity funding followed parallel trajectory. The Web3 market grew from $2.18 billion (2023) to $49.18 billion (2025)—44.9% compound annual growth rate—with 85% of deals at seed or Series A stages signaling infrastructure-building phase. Tokenized Real-World Assets reached $24 billion (2025), up 308% over three years, with projections to $412 billion globally. Decentralized identity specifically scaled from $156.8 million (2021) toward projected $77.8 billion by 2031—87.9% CAGR. Private credit tokenization drove 58% of tokenized RWA flows in H1 2025, while tokenized treasury and money market funds reached $7.4 billion with 80% year-over-year increase.

Matthew Graham's Ryze Labs exemplifies the convergence investment thesis through systematic portfolio construction. The firm incubated Amiko, a personal AI platform combining portable hardware (Kick device), home-based hub (Brain), local inference, structured memory, coordinated agents, and emotionally-aware AI including Eliza character. Amiko's positioning emphasizes "high-fidelity digital twins that capture behavior, not just words" with privacy-first local processing—directly addressing Graham's identity infrastructure thesis. Ryze also incubated Eliza Wakes Up, bringing AI agents to life through humanoid robotics powered by ElizaOS at $420,000 pre-orders for 5'10" humanoid with silicone animatronic face, emotional intelligence, and ability to perform physical tasks and blockchain transactions. Graham advises the project, calling it "the most advanced humanoid robot ever seen outside a lab" and "the most ambitious since Sophia the Robot."

Strategic infrastructure investment came through EdgeX Labs backing in April 2025—decentralized edge computing with 10,000+ live nodes deployed globally providing the substrate for multi-agent coordination and local inference. The AI Combinator program launched 2024/2025 with $5 million funding 10-12 projects at AI/crypto intersection in partnership with Shaw (Eliza Labs) and a16z. Graham described it as targeting "the Cambrian explosion of AI agent innovation" as "the most important development in the industry since DeFi." Technical partners include Polyhedra Network (verifiable computing) and Phala Network (trustless computing), with ecosystem partners like TON Ventures bringing AI agents to multiple Layer 1 blockchains.

Major VCs have published explicit crypto+AI investment theses. Coinbase Ventures articulated that "crypto and blockchain-based systems are a natural complement to generative AI" with these "two secular technologies going to interweave like a DNA double-helix to make the scaffolding for our digital lives." Portfolio companies include Skyfire and Payman. a16z, Paradigm, Delphi Ventures, and Dragonfly Capital (raising $500 million fund in 2025) actively invest in agent infrastructure. New dedicated funds emerged: Gate Ventures + Movement Labs ($20 million Web3 fund), Gate Ventures + UAE ($100 million fund), Avalanche + Aethir ($100 million with AI agents focus), and aelf Ventures ($50 million dedicated fund).

Institutional adoption validates the tokenization narrative with traditional finance giants deploying production systems. BlackRock's BUIDL became the largest tokenized private fund at $2.5 billion AUM, while CEO Larry Fink declared "every asset can be tokenized... it will revolutionize investing." Franklin Templeton's FOBXX reached $708 million AUM, and Circle/Hashnote's USYC reached $488 million. Goldman Sachs has operated its DAP end-to-end tokenized asset infrastructure for over one year. J.P. Morgan's Kinexys platform integrates digital identity in Web3 with blockchain identity verification. HSBC launched the Orion tokenized bond issuance platform. Bank of America plans stablecoin market entry pending approval, with $3.26 trillion in assets positioned for digital payment innovation.

Regional dynamics show Middle East emerging as Web3 capital hub. Gate Ventures launched $100 million UAE fund while Abu Dhabi invested $2 billion in Binance. Conferences reflect industry maturation—TOKEN2049 Singapore drew 25,000 attendees from 160+ countries (70% C-suite), while ETHDenver 2025 attracted 25,000 under theme "From Hype to Impact: Web3 Goes Value-Driven." Investment strategy shifted from "aggressive funding and rapid scaling" toward "disciplined and strategic approaches" emphasizing profitability and sustainable growth, signaling transition from speculation to operational focus.

Challenges persist but technical solutions emerge across privacy, scalability, and interoperability

Despite impressive progress, significant technical and adoption challenges must be resolved before tokenized identity and AI companions achieve mainstream integration. These obstacles shape development timelines and determine which projects succeed in building sustainable user bases.

The privacy versus transparency tradeoff represents the fundamental tension—blockchain transparency conflicts with AI privacy needs for processing sensitive personal data and intimate conversations. Solutions have emerged through multi-layered cryptographic approaches: TEE isolation provides hardware-level privacy (Phala's 30,000+ devices operational), FHE computation enables encrypted processing eliminating plaintext exposure with post-quantum security, ZKP verification proves correctness without revealing data, and hybrid architectures combine on-chain governance with off-chain private computation. These technologies are production-ready but require ecosystem-wide adoption.

Computational scalability challenges arise from AI inference expense combined with blockchain's limited throughput. Layer-2 scaling solutions address this through zkSync, StarkNet, and Arbitrum handling off-chain compute with on-chain verification. Modular architecture using Polkadot's XCM enables cross-chain coordination without mainnet congestion. Off-chain computation pioneered by Phala lets agents execute off-chain while settling on-chain. Purpose-built chains optimize specifically for AI operations rather than general computation. Current average public chain throughput of 17,000 TPS creates bottlenecks, making L2 migration essential for consumer-scale applications.

Data ownership and licensing complexity stems from unclear intellectual property rights across base models, fine-tuning data, and AI outputs. Smart contract licensing embeds usage conditions directly in tokens with automated enforcement. Provenance tracking through Ceramic and KILT Protocol links model states to identities creating audit trails. NFT ownership via ERC-7857 provides clear transfer mechanisms and custody rules. Automated royalty distribution through smart contracts ensures proper value capture. However, legal frameworks lag technology with regulatory uncertainty deterring institutional adoption—who bears liability when decentralized credentials fail? Can global interoperability standards emerge or will regionalization prevail?

Interoperability fragmentation with 103+ DID methods and different ecosystems/identity standards/AI frameworks creates walled gardens. Cross-chain messaging protocols like Polkadot XCM and Cosmos IBC are under development. Universal standards through W3C DIDs and DIF specifications progress slowly requiring consensus-building. Multi-chain wallets like Safe smart accounts with programmable permissions enable some portability. Abstraction layers such as MIT's NANDA project building agentic web indexes attempt ecosystem bridging. Gartner predicts 70% of SSI adoption depends on achieving cross-platform compatibility by 2027, making interoperability the critical path dependency.

User experience complexity remains the primary adoption barrier. Wallet setup sees 68% user abandonment during seed-phrase generation. Key management creates existential risk—lost private keys mean permanently lost identity with no recovery mechanism. The balance between security and recoverability proves elusive; social recovery systems add complexity while maintaining self-custody principles. Cognitive load from understanding blockchain concepts, wallets, gas fees, and DIDs overwhelms non-technical users. This explains why institutional B2B adoption progresses faster than consumer B2C—enterprises can absorb complexity costs while consumers demand seamless experiences.

Economic sustainability challenges arise from high infrastructure costs (GPUs, storage, compute) required for AI operations. Decentralized compute networks distribute costs across multiple providers competing on price. DePIN (Decentralized Physical Infrastructure Networks) with 1,170+ projects spread resource provisioning burden. Usage-based models align costs with value delivered. Staking economics provide token incentives for resource provision. However, VC-backed growth strategies often subsidize user acquisition with unsustainable unit economics—the shift toward profitability in 2025 investment strategy reflects recognition that business model validation matters more than raw user growth.

Trust and verification issues center on ensuring AI agents act as intended without manipulation or drift. Remote attestation from TEEs issues cryptographic proofs of execution integrity. On-chain audit trails create transparent records of all actions. Cryptographic proofs via ZKPs verify computation correctness. DAO governance enables community oversight through token-weighted voting. Yet verification of AI decision-making processes remains challenging given LLM opacity—even with cryptographic proofs of correct execution, understanding why an AI agent made specific choices proves difficult.

The regulatory landscape presents both opportunities and risks. Europe's eIDAS 2.0 mandate for digital wallets by 2026 creates a massive distribution channel, while the US pro-crypto policy shift in 2025 removes friction. However, Worldcoin bans in multiple jurisdictions demonstrate government concerns about biometric data collection and centralization risks. GDPR's "right to erasure" conflicts with blockchain immutability despite off-chain storage workarounds. AI agent legal personhood and liability frameworks remain undefined—can AI agents own property, sign contracts, or bear responsibility for harms? These questions lack clear answers as of October 2025.

Looking ahead: near-term infrastructure buildout enables medium-term consumer adoption

Timeline projections from industry experts, market analysts, and technical assessment converge around a multi-phase rollout. Near-term (2025-2026) brings regulatory clarity from US pro-crypto policies, major institutions entering RWA tokenization at scale, universal identity standards emerging through W3C and DIF convergence, and multiple projects moving from testnet to mainnet. Sahara AI mainnet launches Q2-Q3 2025, ENS Namechain migration completes Q4 2025 with 80-90% gas reduction, Lens v3 on zkSync deploys, and Ronin AI agent SDK reaches public release. Investment activity remains focused 85% on early-stage (seed/Series A) infrastructure plays, with $213 million flowing from crypto VCs to AI projects in Q3 2024 alone signaling sustained capital commitment.

Medium-term (2027-2030) projections put the AI agent market at $47.1 billion by 2030, up from $5.3 billion (2024)—44.8% CAGR. Cross-chain AI agents become standard as interoperability protocols mature. The agent-to-agent economy generates measurable GDP contribution as autonomous transactions scale. Comprehensive global regulations establish legal frameworks for AI agent operations and liability. Decentralized identity reaches $41.73 billion (2030) from $4.89 billion (2025)—53.48% CAGR—with mainstream adoption in finance, healthcare, and government services. User experience improvements through abstraction layers make blockchain complexity invisible to end users.

Long-term (2030-2035) could see the AI agent market reach $216 billion by 2035, with true cross-platform AI companion migration enabling users to take their AI relationships anywhere. Potential AGI integration transforms capabilities beyond current narrow AI applications. AI agents might become the primary digital economy interface, replacing apps and websites as the interaction layer. The decentralized identity market hits $77.8 billion (2031), becoming the default for digital interactions. However, these projections carry substantial uncertainty—they assume continued technological progress, favorable regulatory evolution, and successful resolution of UX challenges.

What separates realistic from speculative visions? Currently operational and production-ready: Phala's 30,000+ TEE devices processing real workloads, ERC-7857 standard formally proposed with implementations underway, Virtuals Protocol managing $2+ billion AI agent market cap, multiple AI agent marketplaces operational (Virtuals, Holoworld), DeFi AI agents actively trading (Fetch.ai, AIXBT), working products like Agent Wars game, FURO/AXYC NFT companions, Grok Ani with $27-36 million daily trading volume, and proven technologies (TEE, ZKP, FHE, smart contract automation).

Still speculative and not yet realized: universal AI companion portability across ALL platforms, fully autonomous agents managing significant wealth unsupervised, agent-to-agent economy as major percentage of global GDP, complete regulatory framework for AI agent rights, AGI integration with decentralized identity, seamless Web2-Web3 identity bridging at scale, quantum-resistant implementations deployed broadly, and AI agents as primary internet interface for masses. Market projections ($47 billion by 2030, $216 billion by 2035) extrapolate current trends but depend on assumptions about regulatory clarity, technological breakthroughs, and mainstream adoption rates that remain uncertain.

Matthew Graham's positioning reflects this nuanced view—deploying capital in production infrastructure today (EdgeX Labs, Phala Network partnerships) while incubating consumer applications (Amiko, Eliza Wakes Up) that will mature as underlying infrastructure scales. His emphasis on emerging markets (Lagos, Bangalore) suggests patience for developed market regulatory clarity while capturing growth in regions with lighter regulatory burdens. The "waifu infrastructure layer" comment positions identity as foundational requirement rather than nice-to-have feature, implying multi-year buildout before consumer-scale AI companion portability becomes reality.

Industry consensus centers on technical feasibility being high (7-8/10): TEE, FHE, and ZKP technologies are proven and deployed, multiple working implementations exist, scalability is addressed through Layer-2s, and standards are actively progressing. Economic feasibility rates medium-high (6-7/10), with clear monetization models emerging, consistent VC funding flow, decreasing infrastructure costs, and validated market demand. Regulatory feasibility remains medium (5-6/10) as the US shifts pro-crypto but the EU develops frameworks slowly, privacy regulations need adaptation, and AI agent IP rights remain unclear. Adoption feasibility sits at medium (5/10): early adopters are engaged, but UX challenges persist, current interoperability is limited, and significant education and trust-building are needed.

The convergence of tokenized identity and AI companions represents not speculative fiction but an actively developing sector with real infrastructure, operational marketplaces, proven technologies, and significant capital investment. Production reality shows $2+ billion in managed assets, 30,000+ deployed TEE devices, $60 million protocol revenue from Virtuals alone, and daily trading volumes in tens of millions. Development status includes proposed standards (ERC-7857), deployed technologies (TEE/FHE/ZKP), and operational frameworks (Virtuals, Phala, Fetch.ai).

The convergence works because blockchain solves AI's ownership problem—who owns the agent, its memories, its economic value?—while AI solves blockchain's UX problem of how users interact with complex cryptographic systems. Privacy tech (TEE/FHE/ZKP) enables this convergence without sacrificing user sovereignty. This is an emerging but real market with clear technical paths, proven economic models, and growing ecosystem adoption. Success hinges on UX improvements, regulatory clarity, interoperability standards, and continued infrastructure development—all actively progressing through 2025 and beyond. Matthew Graham's systematic infrastructure investments position Ryze Labs to capture value as the "most important wave of innovation since DeFi summer" moves from technical buildout toward consumer adoption at scale.

GameFi Industry Overview: A PM's Guide to Web3 Gaming in 2025

· 32 min read
Dora Noda
Software Engineer

The GameFi market reached $18-19 billion in 2024 with projections to hit $95-200 billion by 2034, yet faces a brutal reality check: 93% of projects fail and 60% of users abandon games within 30 days. This paradox defines the current state—massive growth potential colliding with fundamental sustainability challenges. The industry is pivoting from speculative "play-to-earn" models that attracted mercenary users toward "play-and-earn" experiences prioritizing entertainment value with blockchain benefits as secondary. Success in 2025 requires understanding five distinct user personas, designing for multiple "jobs to be done" beyond just earning, implementing sustainable tokenomics that don't rely on infinite user growth, and learning from both the successes of Axie Infinity's $4+ billion in NFT sales and the failures of its 95% user collapse. The winners will be products that abstract blockchain complexity, deliver AAA-quality gameplay, and build genuine communities rather than speculation farms.

Target user personas: Who's actually playing GameFi

The GameFi audience spans from Filipino pedicab drivers earning rent money to wealthy crypto investors treating games as asset portfolios. Understanding these personas is critical for product-market fit.

The Income Seeker represents 35-40% of users

This persona dominates Southeast Asia—particularly the Philippines, Vietnam, and Indonesia—where 40% of Axie Infinity's peak users originated. These are 20-35 year olds from below-minimum-wage households who view GameFi as legitimate employment, not entertainment. They invest 6-10 hours daily treating gameplay as a full-time job, often entering through scholarship programs where guilds provide NFTs in exchange for 30-75% of earnings. During Axie's peak, Filipino players earned $400-1,200 monthly compared to $200 minimum wage, enabling life-changing outcomes like paying university fees and buying groceries. However, this persona is extremely vulnerable to token volatility—when SLP crashed 99% from peak, earnings fell below minimum wage and retention collapsed. Their pain points center on high entry costs ($400-1,000+ for starter NFTs at peak), complex crypto-to-fiat conversion, and unsustainable tokenomics. For product managers, this persona requires free-to-play or scholarship models, mobile-first design, local language support, and transparent earning projections. The scholarship model pioneered by Yield Guild Games (30,000+ scholarships) democratizes access but raises exploitation concerns given the 10-30% commission structure.

The Gamer-Investor accounts for 25-30% of users

These are 25-40 year old professionals from developed markets—US, South Korea, Japan—with middle to upper-middle class incomes and college education. They're experienced core gamers seeking both entertainment value and financial returns, comfortable navigating DeFi ecosystems across 3.8 Layer 1 chains and 3.6 Layer 2 chains on average. Unlike Income Seekers, they directly purchase premium NFTs ($1,000-10,000+ single investments) and diversify portfolios across 3-5 games. They invest 2-4 hours daily and often act as guild owners rather than scholars, managing others' gameplay. Their primary frustration is poor gameplay quality in most GameFi titles—they want AAA production values matching traditional games, not "spreadsheets with graphics." This persona is critical for sustainability because they provide capital inflows and longer-term engagement. Product managers should focus on compelling gameplay mechanics, high production values, sophisticated tokenomics transparency, and governance participation through DAOs. They're willing to pay premium prices but demand quality and won't tolerate pay-to-win dynamics, which ranks as the top reason players quit traditional games.

The Casual Dabbler makes up 20-25% of users

Global and primarily mobile-first, these 18-35 year old students and young professionals are motivated by curiosity, FOMO, and the "why not earn while playing?" value proposition. They invest only 30 minutes to 2 hours daily with inconsistent engagement patterns. This persona increasingly discovers GameFi through Telegram mini-apps like Hamster Kombat (239 million users in 3 months) and Notcoin ($1.6 billion market cap), which offer zero-friction onboarding without wallet setup. However, they exhibit the highest churn rate—60%+ abandon within 30 days—because poor UX/UI (cited by 53% as biggest challenge), complex wallet setup (deters 11%), and repetitive gameplay drive them away. The discovery method matters: 60% learn about GameFi from friends and family, making viral mechanics essential. For product managers, this persona demands simplified onboarding (hosted wallets, no crypto knowledge required), social features for friend recruitment, and genuinely entertaining gameplay that works as a standalone experience. The trap is designing purely for token farming, which attracts this persona temporarily but fails to retain them beyond airdrops—Hamster Kombat lost 86% of users post-airdrop (300M to 41M).

The Crypto Native comprises 10-15% of users

These 22-45 year old crypto professionals, developers, and traders from global crypto hubs possess expert-level blockchain knowledge and variable gaming backgrounds. They view GameFi as an asset class and technological experiment rather than primary entertainment, seeking alpha opportunities, early adoption status, and governance participation. This persona trades high-frequency, provides liquidity, stakes governance tokens, and participates in DAOs (25% actively engage in governance). They're sophisticated enough to analyze smart contract code and tokenomics sustainability, making them the harshest critics of unsustainable models. Their investment approach focuses on high-value NFTs, land sales, and governance tokens rather than grinding for small rewards. Product managers should engage this persona for credibility and capital but recognize they're often early exiters—flipping positions before mainstream adoption. They value innovative tokenomics, transparent on-chain data, and utility beyond speculation. Major pain points include unsustainable token emissions, regulatory uncertainty, bot manipulation, and rug pulls. This persona is essential for initial liquidity and word-of-mouth but represents too small an audience (4.5 million crypto gamers vs 3 billion total gamers) to build a mass-market product around exclusively.

The Community Builder represents 5-10% of users

Guild owners, scholarship managers, content creators, and influencers—these 25-40 year olds with middle incomes invest 4-8 hours daily managing operations rather than playing directly. They built the infrastructure enabling Income Seekers to participate, managing anywhere from 10 to 1,000+ players and earning through 10-30% commissions on scholar earnings. At Axie's 2021 peak, successful guild leaders earned $20,000+ monthly. They create educational content, strategy guides, and market analysis while using rudimentary tools (often Google Sheets for scholar management). This persona is critical for user acquisition and education—Yield Guild Games managed 5,000+ scholars with 60,000 on waitlist—but faces sustainability challenges as token prices affect entire guild economics. Their pain points include lack of guild CRM tools, performance tracking difficulty, regulatory uncertainty around taxation, and the sustainability concerns of the scholar economy model (criticized as digital-age "gold farming"). Product managers should build tools specifically for this persona—guild dashboards, automated payouts, performance analytics—and recognize they serve as distribution channels, onboarding infrastructure, and community evangelists.

Jobs to be done: What users hire GameFi products for

GameFi products are hired to do multiple jobs simultaneously across functional, emotional, and social dimensions. Understanding these layered motivations explains why users adopt, engage with, and ultimately abandon these products.

Functional jobs: Practical problems being solved

The primary functional job for Southeast Asian users is generating income when traditional employment is unavailable or insufficient. During COVID-19 lockdowns, Axie Infinity players in the Philippines earned $155-$600 monthly compared to $200 minimum wage, with earnings enabling concrete outcomes like paying for mothers' medication and children's school fees. One 26-year-old line cook made $29 weekly playing, and professional players bought houses. This represents a genuine economic opportunity in markets with 60%+ unbanked populations and minimum daily wages of $7-25 USD. However, the job extends beyond primary income to supplementary earnings—content moderators playing 2 hours daily earned $155-$195 monthly (nearly half their salary) for grocery money and electricity bills. For developed market users, the functional job shifts to investment and wealth accumulation through asset appreciation. Early Axie adopters bought teams for $5 in 2020; by 2021 prices reached $50,000+ for starter teams. Virtual land in Decentraland and The Sandbox sold for substantial amounts, and the guild model emerged where "managers" own multiple teams and rent to "scholars" for 10-30% commission. The portfolio diversification job involves gaining crypto asset exposure through engaging activity rather than pure speculation, accessing DeFi features (staking, yield farming) embedded in gameplay. GameFi competes with traditional employment (offering flexible hours, work-from-home, no commute), traditional gaming (offering real money earnings), cryptocurrency trading (offering more engaging skill-based earnings), and gig economy work (offering more enjoyable activity for comparable pay).

Emotional jobs: Feelings and experiences being sought

Achievement and mastery drive engagement as users seek to feel accomplished through challenging gameplay and visible progress. Academic research shows "advancement" and "achievement" as top gaming motivations, satisfied through breeding optimal Axies, winning battles, climbing leaderboards, and progression systems creating dopamine-driven engagement. One study found 72.1% of players experienced mood uplift during play. However, the grinding nature creates tension—players describe initial happiness followed by "sleepiness and stress of the game." Escapism and stress relief became particularly important during COVID lockdowns, with one player noting being "protected from virus, play cute game, earn money." Academic research confirms escapism as a major motivation, though studies show gamers with escapism motivation had higher psychological issue risk when external problems persisted. The excitement and entertainment job represents the 2024 industry shift from pure "play-to-earn" to "play-and-earn," with criticism that early GameFi projects prioritized "blockchain gimmicks over genuine gameplay quality." AAA titles launching in 2024-2025 (Shrapnel, Off The Grid) focus on compelling narratives and graphics, recognizing players want fun first. Perhaps most importantly, GameFi provides hope and optimism about financial futures. Players express being "relentlessly optimistic" about achieving goals, with GameFi offering a bottom-up voluntary alternative to Universal Basic Income. The sense of autonomy and control over financial destiny—rather than dependence on employers or government—emerges through player ownership of assets via NFTs (versus traditional games where developers control everything) and decentralized governance through DAO voting rights.

Social jobs: Identity and social needs being met

Community belonging proves as important as financial returns. Discord servers reach 100,000+ members, guild systems like Yield Guild Games manage 8,000 scholars with 60,000 waitlists, and scholarship models create mentor-mentee relationships. The social element drives viral growth—Telegram mini-apps leveraging existing social graphs achieved 35 million (Notcoin) and 239 million (Hamster Kombat) users. Community-driven development is expected in 50%+ of GameFi projects by 2024. Early adopter and innovator status attracts participants wanting to be seen as tech-savvy and ahead of mainstream trends. Web3 gaming attracts "tech enthusiasts" and "crypto natives" beyond traditional gamers, with first-mover advantage in token accumulation creating status hierarchies. The wealth display and "flex culture" job manifests through rare NFT Axies with "limited-edition body parts that will never be released again" serving as status symbols, X-integrated leaderboards letting "players flex their rank to mainstream audience," and virtual real estate ownership demonstrating wealth. Stories of buying houses and land shared virally reinforce this job. For Income Seekers, the provider and family support role proves especially powerful—an 18-year-old breadwinner supporting family after father's COVID death, players paying children's school fees and parents' medication. One quote captures it: "It's food on the table." The helper and mentor status job emerges through scholarship models where successful players provide Axie NFTs to those who can't afford entry, with community managers organizing and training new players. Finally, GameFi enables gamer identity reinforcement by bridging traditional gaming culture with financial responsibility, legitimizing gaming as a career path and reducing stigma of gaming as "waste of time."

Progress users are trying to make in their lives

Users aren't hiring "blockchain games"—they're hiring solutions to make specific life progress. Financial progress involves moving from "barely surviving paycheck to paycheck" to "building savings and supporting family comfortably," from "dependent on unstable job market" to "multiple income streams with more control," and from "unable to afford children's education" to "paying school fees and buying digital devices." Social progress means shifting from "gaming seen as waste of time" to "gaming as legitimate income source and career," from "isolated during pandemic" to "connected to global community with shared interests," and from "consumer in gaming ecosystem" to "stakeholder with ownership and governance rights." Emotional progress involves transforming from "hopeless about financial future" to "optimistic about wealth accumulation possibilities," from "time spent gaming feels guilty" to "productive use of gaming skills," and from "passive entertainment consumer" to "active creator and earner in digital economy." Identity progress encompasses moving from "just a player" to "investor, community leader, entrepreneur," from "late to crypto" to "early adopter in emerging technology," and from "separated from family (migrant worker)" to "at home while earning comparable income." Understanding these progress paths—rather than just product features—is essential for product-market fit.

Monetization models: How GameFi companies make money

GameFi monetization has evolved significantly from the unsustainable 2021 boom toward diversified revenue streams and balanced tokenomics. Successful projects in 2024-2025 demonstrate multiple revenue sources rather than relying solely on token speculation.

Play-to-earn mechanics have transformed toward sustainability

The original play-to-earn model rewarded players with cryptocurrency tokens for achievements, which could be traded for fiat currency. Axie Infinity pioneered the dual-token system with AXS (governance, capped supply) and SLP (utility, inflationary), where players earned SLP through battles and quests then burned it for breeding. At peak in 2021, players earned $400-1,200+ monthly, but the model collapsed as SLP crashed 99% due to hyperinflation and unsustainable token emissions requiring constant new player influx. The 2024 resurgence shows how sustainability is achieved: Axie now generates $3.2M+ annually in treasury revenue (averaging $330K monthly) with 162,828 monthly active users through diversified sources—4.25% marketplace fees on all NFT transactions, breeding fees paid in AXS/SLP, and Part Evolution fees (75,477 AXS earned). Critically, the SLP Stability Fund created 0.57% annualized deflation in 2024, with more tokens burned than minted for the first time. STEPN's move-to-earn model with GST (unlimited supply, in-game rewards) and GMT (6 billion fixed supply, governance) demonstrated the failure mode—GST reached $8-9 at peak but collapsed due to hyperinflation from oversupply and Chinese market restrictions. The 2023-2024 evolution emphasizes "play-and-own" over "play-to-earn," stake-to-play models where players stake tokens to access features, and fun-first design where games must be enjoyable independent of earning potential. Balanced token sinks—requiring spending for upgrades, breeding, repairs, crafting—prove essential for sustainability.

NFT sales generate revenue through primary and secondary markets

Primary NFT sales include public launches, thematic partnerships, and land drops. The Sandbox's primary LAND sales drove 17.3% quarter-over-quarter growth in Q3 2024, with LAND buyer activity surging 94.11% quarter-over-quarter in Q4 2024. The platform's market cap reached $2.27 billion at December 2024 peak, with only 166,464 LAND parcels ever existing (creating scarcity). The Sandbox's Beta launch generated $1.3M+ in transactions in one day. Axie Infinity's Wings of Nightmare collection in November 2024 drove $4M treasury growth, while breeding mechanics create deflationary pressure (116,079 Axies released for materials, net reduction of 28.5K Axies in 2024). Secondary market royalties provide ongoing revenue through automated smart contracts using the ERC-2981 standard. The Sandbox implements a 5% total fee on secondary sales, split 2.5% to the platform and 2.5% to the original NFT creator, providing continuous creator income. However, marketplace dynamics shifted in 2024 as major platforms (Magic Eden, LooksRare, X2Y2) made royalties optional, reducing creator income significantly from 2022-2024 peaks. OpenSea maintains enforced royalties for new collections using filter registry, while Blur honors 0.5% minimum fees on immutable collections. The lands segment holds over 25% of NFT market revenue (2024's dominant category), with total NFT segments accounting for 77.1% of GameFi usage. This marketplace fragmentation around royalty enforcement creates strategic considerations for which platforms to prioritize.

In-game token economics balance emissions with sinks

Dual-token models dominate successful projects. Axie Infinity's AXS (governance) has fixed supply, staking rewards, governance voting rights, and requirements for breeding/upgrades, while SLP (utility) has unlimited supply earned through gameplay but is burned for breeding and activities, managed by SLP Stability Fund to control inflation. AXS joined Coinbase 50 Index in 2024 as a top gaming token. The Sandbox uses a single-token model (3 billion SAND capped supply, full dilution expected 2026) with multiple utilities: purchasing LAND and assets, staking for passive yields, governance voting, transaction medium, and premium content access. The platform implements 5% fees on all transactions split between platform and creators, with 50% distribution to Foundation (staking rewards, creator funds, P2E prizes) and 50% to Company. Token sinks are critical for sustainability, with effective burn mechanisms including repairs and maintenance (sneaker durability in STEPN), leveling and upgrades (Part Evolution in Axie burned 75,477 AXS), breeding/minting NFT creation costs (StarSharks burns 90% of utility tokens from blind box sales), crafting and combining (Gem/Catalyst systems in The Sandbox), land development (staking DEC in Splinterlands for upgrades), and continuous marketplace fee burns. Splinterlands' 2024 innovation requiring DEC staking for land upgrades creates strong demand. Best practices emerging for 2024-2025 include ensuring token sinks exceed faucets (emissions), time-locked rewards (Illuvium's sILV prevents immediate dumping), seasonal mechanics forcing regular purchases, NFT durability limiting earning potential, and negative-sum PvP where players willingly consume tokens for entertainment.

Transaction fees and marketplace commissions provide predictable revenue

Platform fees vary by game. Axie Infinity charges 4.25% on all in-game purchases (land, NFT trading, breeding) as Sky Mavis's primary monetization source, plus variable breeding costs requiring both AXS and SLP tokens. The Sandbox implements 5% on all marketplace transactions, split 50-50 between platform (2.5%) and NFT creators (2.5%), plus premium NFT sales, subscriptions, and services. Gas fee mitigation became essential as 80% of GameFi platforms incorporated Layer 2 solutions by 2024. Ronin Network (Axie's custom sidechain) provides minimal gas fees through 27 validator nodes, while Polygon integration (The Sandbox) reduced fees significantly. TON blockchain enables minimal fees for Telegram mini-apps (Hamster Kombat, Notcoin), though the trade-off matters—Manta Pacific's Celestia integration reduced gas fees but decreased revenue by 70.2% quarter-over-quarter in Q3 2024 (lower fees increase user activity but reduce protocol revenue). Smart contract fees automate royalty payments (ERC-2981 standard), breeding contract fees, staking/unstaking fees, and land upgrade fees. Marketplace commissions vary: OpenSea charges 2.5% platform fee plus creator royalties (if enforced), Blur charges 0.5% minimum on immutable collections using aggressive zero-fee trading for user acquisition, Magic Eden evolved from enforced to optional royalties with 25% of protocol fees distributed to creators as compromise, while The Sandbox's internal marketplace maintains 5% with 2.5% automatic creator royalty.

Diversified revenue streams reduce reliance on speculation

Land sales dominate with over 25% of NFT market revenue in 2024, representing the fastest-growing digital asset class. The Sandbox's 166,464 capped LAND parcels create scarcity, with developed land enabling creators to earn 95% of SAND revenue while maintaining 2.5% on secondary sales. Corporate interest from JPMorgan, Samsung, Gucci, and Nike established virtual presence, with high-traffic zones commanding premium prices and prime locations generating $5,000+/month in rental income. Breeding fees create token sinks while balancing new NFT supply—Axie's breeding requires AXS + SLP with costs increasing each generation, while Part Evolution requires Axie sacrifices generating 75,477 AXS in treasury revenue. Battle passes and seasonal content drive engagement and revenue. Axie's Bounty Board system (April 2024) and Coinbase Learn and Earn partnership (June 2024) drove 691% increase in Monthly Active Accounts and 80% increase in Origins DAU, while competitive seasons offer AXS prize pools (Season 9: 24,300 AXS total). The Sandbox's Alpha Season 4 in Q4 2024 reached 580,778 unique players, 49 million quests completed, and 1.4 million hours of gameplay, distributing 600,000 SAND to 404 unique creators and running Builders' Challenge with 1.5M SAND prize pool. Sponsorships and partnerships generate significant revenue—The Sandbox has 800+ brand partnerships including Atari, Adidas, Gucci, and Ralph Lauren, with virtual fashion shows and corporate metaverse lounges. Revenue models include licensing fees, sponsored events, and virtual advertising billboards in high-traffic zones.

The scholarship guild model represents a unique revenue stream where guilds own NFTs and lend to players unable to afford entry. Yield Guild Games provided 30,000+ scholarships with standard revenue-sharing of 70% scholar, 20% manager, 10% guild (though some guilds use 50-50 splits). MetaGaming Guild expanded Pixels scholarship from 100 to 1,500 slots using a 70-30 model (70% to scholars hitting 2,000 BERRY daily quota), while GuildFi aggregates scholarships from multiple sources. Guild monetization includes passive income from NFT lending, token appreciation from guild tokens (YGG, GF, etc.), management fees (10-30% of player earnings), and investment returns from early game backing. At 2021 peak, guild leaders earned $20,000+ monthly, enabling life-changing impact in developing nations where scholarship players earn $20/day versus previous $5/day in traditional work.

Major players: Leading projects, platforms, and infrastructure

The GameFi ecosystem consolidated around proven platforms and experienced significant evolution from speculative 2021 peaks toward quality-focused 2024-2025 landscape.

Top games span casual to AAA experiences

Lumiterra leads with 300,000+ daily active unique wallets on Ronin (July 2025), ranking #1 by onchain activity through MMORPG mechanics and MegaDrop campaign. Axie Infinity stabilized around 100,000 daily active unique wallets after pioneering play-to-earn, generating $4+ billion cumulative NFT sales despite losing 95% of users from peak. The dual-token AXS/SLP model and scholarship program defined the industry, though unsustainable tokenomics caused the collapse before 2024 resurgence with improved sustainability. Alien Worlds maintains ~100,000 daily active unique wallets on WAX blockchain through mining-focused metaverse with strong retention, while Boxing Star X by Delabs reaches ~100,000 daily active unique wallets through Telegram Mini-App integration on TON/Kaia chains showing strong growth since April 2025. MapleStory N by Nexon represents traditional gaming entering Web3 with 50,000-80,000 daily active unique wallets on Avalanche's Henesys chain as the biggest 2025 blockchain launch bringing AAA IP credibility. Pixels peaked at 260,000+ daily users at launch with $731M market cap and $1.4B trading volume in February 2024, utilizing dual tokens (PIXEL + BERRY) after migrating from Polygon to Ronin and bringing 87K addresses to the platform. The Sandbox built 5+ million user wallets and 800+ brand partnerships (Atari, Snoop Dogg, Gucci) using SAND token as the leading metaverse platform for user-generated content and virtual real estate. Guild of Guardians on Immutable reached 1+ million pre-registrations and top 10 on iOS/Android stores, driving Immutable's 274% daily unique active wallets increase in May 2024.

The Telegram phenomenon disrupted traditional onboarding with Hamster Kombat reaching 239 million users in 3 months through tap-to-earn mechanics on TON blockchain, though losing 86% post-airdrop (300M to 41M) highlights retention challenges. Notcoin achieved $1.6+ billion market cap as #2 gaming token by market cap with zero crypto onboarding friction, while Catizen built multi-million user base with successful token airdrop. Other notable games include Illuvium (AAA RPG, highly anticipated), Gala Games (multi-game platform), Decentraland (metaverse pioneer with MANA token), Gods Unchained (leading trading card game on Immutable), Off The Grid (console/PC shooter on Gunz chain), Splinterlands (established TCG with 6-year track record on Hive), and Heroes of Mavia (2.6+ million users with 3-token system on Ronin).

Blockchain platforms compete on speed, cost, and developer tools

Ronin Network by Sky Mavis holds #1 gaming blockchain position in 2024 with 836K daily unique active wallets peak, hosting Axie Infinity, Pixels, Lumiterra, and Heroes of Mavia. Purpose-built for gaming with sub-second transactions, low fees, and proven scale, Ronin serves as a migration magnet. Immutable (X + zkEVM) achieved fastest growth at 71% year-over-year, surpassing Ronin in late 2024 with 250,000+ monthly active users, 5.5 million Passport signups, $40M total value locked, 250+ games (most in industry), 181 new games in 2024, and 1.1 million daily transactions (414% quarter-over-quarter growth). The dual solution—Immutable X on StarkWare and zkEVM on Polygon—offers zero gas fees for NFTs, EVM compatibility, best developer tools, and major partnerships (Ubisoft, NetMarble). Polygon Network maintains 550K daily unique active wallets, 220M+ addresses, and 2.48B transactions with Ethereum security, massive ecosystem, corporate partnerships, and multiple scaling solutions providing strong metaverse presence. Solana captures approximately 50% of GameFi application fees in Q1 2025 through highest throughput, lowest costs, fast finality, and trading-focused ecosystem. BNB Chain (+ opBNB) replaced Ethereum as volume leader, with opBNB providing $0.0001 gas fees (lowest) and 97 TPS average (highest), offering cost-effectiveness and strong Asian market presence. TON (The Open Network) integrated with Telegram's 700M+ users enabling Hamster Kombat, Notcoin, and Catizen with zero-friction onboarding, social integration, and viral growth potential. Other platforms include Ethereum (20-30% trading share, Layer 2 foundation), Avalanche (customizable subnets, Henesys chain), NEAR (human-readable accounts), and Gunz (Off The Grid dedicated chain).

Traditional gaming giants and VCs shape the future

Animoca Brands dominates as #1 most active investor with portfolio of 400+ companies, $880M raised over 22 rounds (latest $110M from Temasek, Boyu, GGV), key investments in Axie, Sandbox, OpenSea, Dapper Labs, and Yield Guild Games, plus Animoca Ventures $800M-$1B fund with 38+ investments in 2024 (most active in space). GameFi Ventures based in Hong Kong manages portfolio of 21 companies focusing on seed rounds and co-investing with Animoca, while Andreessen Horowitz (a16z) deployed $40M to CCP Games from multi-billion crypto fund. Other major VCs include Bitkraft (gaming/esports focus), Hashed (South Korea, Asian market), NGC Ventures ($100M Fund III, 246 portfolio companies), Paradigm (infrastructure focus), Infinity Ventures Crypto ($70M fund), Makers Fund, and Kingsway Capital.

Ubisoft leads traditional gaming entry with Champions Tactics: Grimoria Chronicles (October 2024 on Oasys) and Might & Magic: Fates (2025 on Immutable), featuring partnerships with Immutable, Animoca, Oasys, and Starknet. The studio sold 10K Warlords and 75K Champions NFTs (sold out) with potential to leverage 138 million players. Square Enix launched Symbiogenesis (Arbitrum/Polygon, 1,500 NFTs) and Final Fantasy VII NFTs, pursuing "blockchain entertainment/Web3" strategy through Animoca Brands Japan partnership. Nexon delivered MapleStory N as major 2025 launch with 50K-80K daily users, while Epic Games shifted policy to welcome P2E games in late 2024, hosting Gods Unchained and Striker Manager 3. CCP Games (EVE Online) raised $40M (a16z lead) for new AAA EVE Web3 game. Additional activity includes Konami (Project Zircon, Castlevania), NetMarble (Immutable partnership, MARBLEX), Sony PlayStation (exploring Web3), Sega, Bandai Namco (research phase), and The Pokémon Company (exploring). Industry data shows 29 of 40 largest gaming companies exploring Web3.

Infrastructure providers enable ecosystem growth

Immutable Passport leads with 5.5 million signups (industry leading), providing seamless Web3 onboarding and game integration, while MetaMask serves 100M+ users as most popular Ethereum wallet with new Stablecoin Earn feature. Others include Trust Wallet, Coinbase Wallet, Phantom (Solana), and WalletConnect. Enjin SDK provides dedicated NFT blockchain with Unity integration, ENJ token (36.2% staking APY), and comprehensive tools (Wallet, Platform, Marketplace, Beam) plus Efinity Matrixchain for cross-chain functionality. ChainSafe Gaming (web3.unity) offers open-source Unity SDK with C#, C++, Blueprints support as premier Unity-blockchain tool with AAA studio adoption. Venly provides multi-chain wallet API and Unity/Unreal plugins with cross-platform toolkit. Others include Moralis Unity SDK, Stardust (API), Halliday, GameSwift (complete platform), Alchemy (infrastructure), and Thirdweb (smart contracts). Game engines include Unity (most popular for Web3 with SDKs from Enjin, ChainSafe, Moralis, Venly), Unreal Engine (AAA graphics, Epic Games now accepts Web3, Web3.js integration), and Godot (open-source, flexible blockchain integration).

DappRadar serves as industry standard tracking 35+ blockchains, 2,000+ games with real-time rankings as primary discovery platform. Footprint Analytics indexes 20+ blockchains, 2,000+ games with deep on-chain analysis and bot detection (developing), used by CoinMarketCap and DeGame. Nansen provides on-chain intelligence with wallet profiling and regular GameFi reports. DeGame covers 3,106 projects across 55+ blockchains with player-focused discovery. Others include Messari, CryptoSlam, and GameFi.org. Middleware and launchpads include EnjinStarter (80+ successful IDOs, $6 minimum stake, multi-chain support), GameFi.org Launchpad (IDO platform with KYC integrated), and Polygon Studios/Immutable Platform (complete development suites).

Market dynamics and strategic considerations

The GameFi market in 2024-2025 represents a critical inflection point, transitioning from speculative hype toward sustainable product-market fit with clear opportunities and severe challenges requiring strategic navigation.

The shift toward quality and sustainability defines success

The pure play-to-earn model collapsed spectacularly—Axie Infinity's 95% user decline, SLP's 99% crash, and the industry's 93% project failure rate proved that attracting mercenary users seeking quick profits creates unsustainable token economies with hyperinflation and Ponzi-scheme dynamics. The 2024-2025 evolution prioritizes "play-and-earn" and "play-to-own" models where gameplay quality comes first with earning as secondary benefit, entertainment value matters over financial speculation, and long-term engagement trumps extraction mechanics. This shift responds to data showing the top reason players quit is games becoming "too pay-to-win" and that 53% cite poor UX/UI as the biggest barrier. The emerging "Web2.5 mullet" strategy—mainstream free-to-play mechanics and UX on surface with blockchain features abstracted away or hidden, listed in traditional app stores (Apple, Google now allowing certain Web3 games), and onboarding requiring zero crypto knowledge—enables mainstream adoption. AAA quality games with 2-5 year development cycles, indie games with compelling gameplay loops, and traditional gaming studios entering space (Ubisoft, Epic Games, Animoca) represent the maturation of production values to compete with traditional gaming's 3.09 billion players worldwide versus only 4.5 million daily active Web3 gamers.

Massive opportunities exist in underserved segments

True Web2 gamers represent the biggest opportunity—3.09B gamers worldwide versus 4.5M daily active Web3 gamers, with 52% not knowing what blockchain games are and 32% having heard of them but never played. The strategy requires abstracting blockchain away completely, marketing as normal games, and onboarding without requiring crypto knowledge or wallets initially. Mobile-first markets offer untapped potential with 73% of global gaming audience on mobile, Southeast Asia and Latin America being smartphone-first with lower entry barriers, and lower-cost blockchains (Solana, Polygon, opBNB) enabling mobile accessibility. The content creator economy remains underutilized—creator-owned economies with fair royalties, NFT-based asset creation and trading, user-generated content with blockchain ownership, and platforms that enforce creator royalties unlike OpenSea controversies. Subscription and hybrid monetization models address over-reliance on token mints and marketplace fees, with subscription models (à la Coinsub) providing predictable revenue, blending free-to-play + in-app purchases + blockchain rewards, and targeting "whale economy" with staking and premium memberships. Emerging niches include fully on-chain games (all logic and state on blockchain enabled by account abstraction wallets and better infrastructure like Dojo on Starknet and MUD on OP Stack with backing from a16z and Jump Crypto), AI-powered GameFi (50% of new projects expected to leverage AI for personalized experiences, dynamic NPCs, procedural content generation), and genre-specific opportunities in RPGs (best suited for Web3 due to character progression, economies, item ownership) and strategy games (complex economies benefit from blockchain transparency).

Retention crisis and tokenomics failures demand solutions

The 60-90% churn within 30 days defines the existential crisis, with 99% drop-off threshold marking failure per CoinGecko and Hamster Kombat's 86% loss (300M to 41M users) after airdrop exemplifying the problem. Root causes include lack of long-term incentives beyond token speculation, poor gameplay mechanics, unsustainable tokenomics with inflation eroding value, bots and mercenary behavior, and airdrop farming without genuine engagement. Solution pathways require dynamic loot distribution, staking-based rewards, skill-based progression, player-controlled economies via DAOs, and immersive storytelling with compelling game loops. Common tokenomics pitfalls include hyperinflation (excessive token minting crashes value), death spirals (declining players → lower demand → price crash → more players leave), pay-to-win concerns (top reason players quit traditional games), Ponzi dynamics (early adopters profit, late entrants lose), and unsustainable supply (DeFi Kingdoms' JEWEL supply expanded 500% to 500M by mid-2024). Best practices emphasize single-token economies (not dual tokens), fixed supply with deflationary mechanisms, token sinks exceeding token faucets (incentivize keeping assets in-game), tying tokens to narratives/characters/utility not just speculation, and controlling inflation through burning, staking, and crafting requirements.

UX complexity and security vulnerabilities create barriers

Barriers identified in 2024 Blockchain Game Alliance survey show 53% cite poor UX/UI as biggest challenge, 33% cite poor gameplay experiences, and 11% are deterred by wallet setup complexity. Technical literacy requirements include wallets, private keys, gas fees, and DEX navigation. Solutions demand hosted/custodial wallets managed by game (users don't see private keys initially), gasless transactions through Layer 2 solutions, fiat onramps, Web2-style login (email/social), and progressive disclosure of Web3 features. Security risks include smart contract vulnerabilities (immutable code means bugs can't be easily fixed), phishing attacks and private key theft, bridge exploits (Ronin Network $600M hack in 2022), and rug pulls with fraud (decentralized means less oversight). Mitigation requires comprehensive smart contract audits (Beosin, CertiK), bug bounty programs, insurance protocols, user education on wallet security, and multi-sig requirements for treasury. The regulatory landscape remains unclear—CyberKongz litigation classified ERC-20 tokens as securities, China bans GameFi entirely, South Korea bans converting game currency to cash (2004 law), Japan has restrictions, US has bipartisan proposals with mid-2023 legislation expected, and at least 20 countries predicted to have GameFi frameworks by end 2024. Implications require extensive disclosure and KYC, may restrict US participation, necessitate legal teams from day one, demand token design considering securities law, and navigate gambling regulations in some jurisdictions.

Product managers must prioritize execution and community

Web3 product management demands 95/5 execution over vision split (versus Web2's 70/30) because the market moves too fast for long-term strategic planning, vision lives in whitepapers (done by technical architects), speed of iteration matters most, and market conditions change weekly. This means quick specs over Telegram with developers, launch/measure/iterate rapidly, build hype on Twitter/Discord in real-time, QA carefully but ship fast, and remember smart contract audits are critical (can't patch easily). Product managers must wear many hats with ultra-versatile skill sets including user research (Discord, Twitter listening), data analysis (Dune Analytics, on-chain metrics), UX/UI design (sketch flows, tokenomics), partnership/BD (protocol integrations, guilds), marketing (blogs, Twitter, memes), community management (AMAs, Discord moderation), growth hacking (airdrops, quests, referrals), tokenomics design, and understanding regulatory landscape. Teams are small with roles not unbundled like Web2.

Community-first mindset proves essential—success equals thriving community not just revenue metrics, community owns and governs (DAOs), direct interaction expected (Twitter, Discord), transparency paramount (all on-chain), with the maxim "if community fails, you're NGMI (not gonna make it)." Tactics include regular AMAs and town halls, user-generated content programs, creator support (tools, royalties), guild partnerships, governance tokens and voting, plus memes and viral content. Prioritizing fun gameplay is non-negotiable—players must enjoy the game intrinsically, earning is secondary to entertainment, compelling narrative/characters/worlds matter, tight game loops (not tedious grinding), and polish/quality (compete with Web2 AAA). Avoid games that are "spreadsheets with graphics," pure economic simulators, pay-to-win dynamics, and repetitive boring tasks for token rewards. Understanding tokenomics deeply requires critical knowledge of supply/demand dynamics, inflation/deflation mechanisms, token sinks versus faucets, staking/burning/vesting schedules, liquidity pool management, and secondary market dynamics. Security is paramount because smart contracts are immutable (bugs can't be easily fixed), hacks result in permanent loss, every transaction involves funds (wallets don't separate game from finance), and exploits can drain entire treasury—requiring multiple audits, bug bounties, conservative permissions, multi-sig wallets, incident response plans, and user education.

Winning strategies for 2025 and beyond

Successful GameFi products in 2025 will balance gameplay quality above all else (fun over financialization), community engagement and trust (build loyal authentic fan base), sustainable tokenomics (single token, deflationary, utility-driven), abstract blockchain complexity (Web2.5 approach for onboarding), security first (audits, testing, conservative permissions), hybrid monetization (free-to-play + in-app purchases + blockchain rewards), traditional distribution (app stores not just DApp browsers), data discipline (track retention and lifetime value not vanity metrics), speed of execution (ship/learn/iterate faster than competition), and regulatory compliance (legal from day one). Common pitfalls to avoid include tokenomics over gameplay (building DeFi protocol with game graphics), dual/triple token complexity (confusing, hard to balance, inflation-prone), pay-to-win dynamics (top reason players quit), pure play-to-earn model (attracts mercenaries not genuine players), DAO-led development (bureaucracy kills creativity), ignoring Web2 gamers (targeting only 4.5M crypto natives versus 3B gamers), NFT speculation focus (pre-sales without product), poor onboarding (requiring wallet setup and crypto knowledge upfront), insufficient smart contract audits (hacks destroy projects permanently), neglecting security ("approve all" permissions, weak key management), ignoring regulations (legal issues can shut down project), no go-to-market strategy ("build it and they will come" doesn't work), vanity metrics (volume ≠ success; focus on retention/DAU/lifetime value), poor community management (ghosting Discord, ignoring feedback), launching too early (unfinished game kills reputation), fighting platform incumbents (Apple/Google bans isolate you), ignoring fraud/bots (airdrop farmers and Sybil attacks distort metrics), no token sinks (all faucets, no utility equals hyperinflation), and copying Axie Infinity (that model failed; learn from it).

The path forward requires building incredible games first (not financial instruments), using blockchain strategically not dogmatically, making onboarding invisible (Web2.5 approach), designing sustainable economics (single token, deflationary), prioritizing community and trust, moving fast and iterating constantly, securing everything meticulously, and staying compliant with evolving regulations. The $95-200 billion market size projections are achievable—but only if the industry collectively shifts from speculation to substance. The next 18 months will separate genuine innovation from hype, with product managers who combine Web2 gaming expertise with Web3 technical knowledge, execute ruthlessly, and keep players at the center building the defining products of this era. The future of gaming may indeed be decentralized, but it will succeed by being first and foremost fun.

Balaji's Vision for Cryptoidentity: From Keys to Network States

· 10 min read
Dora Noda
Software Engineer

1) What Balaji means by “cryptoidentity”

In Balaji’s vocabulary, cryptoidentity is identity that is rooted in cryptography—specifically public–private keypairs—and then extended with on‑chain names, verifiable credentials/attestations, and interfaces to legacy (“fiat”) identity. In his words and work:

  • Keys as identity. The bedrock is the idea that, in Bitcoin and web3, your keypair is your identity; authentication and authorization flow from control of private keys rather than from accounts in a corporate database. (balajis.com)
  • Names and reputation on-chain. Naming systems like ENS/SNS anchor human‑readable identities to addresses; credentials (NFTs, “soulbound” tokens, on‑chain “cryptocredentials”) and attestations layer reputation and history onto those identities.
  • On‑chain, auditable “census.” For societies and network states, identity participates in a cryptographically auditable census (proof‑of‑human/unique person, proof‑of‑income, proof‑of‑real‑estate) to demonstrate real population and economic activity.
  • Bridging legacy ID ↔ crypto ID. He explicitly argues we need a “fiat identity ↔ crypto identity exchange”—akin to fiat↔crypto exchanges—so “digital passports follow digital currency.” He highlights “crypto passports” as the next interface after stablecoins. (Circle)
  • Identity for a “web3 of trust” in the AI era. To counter deepfakes and bots, he promotes content signed by on‑chain identities (e.g., ENS) so provenance and authorship are cryptographically verifiable across the open web. (Chainlink Today)
  • Civic protection. In his shorthand: “Cryptocurrency partially protects you from debanking. Cryptoidentity partially protects you from denaturalization.” (X (formerly Twitter))

2) How his view evolved (a short chronology)

  • 2019–2020 – cryptographic identity & pseudonymity. Balaji’s writings emphasize public‑key cryptography as identity (keys-as-ID) and forecast decentralized identity + reputation growing through the 2020s. At the same time, his “pseudonymous economy” talk argues for persistent, reputation‑bearing pseudonyms to protect speech and experiment with new kinds of work and organization. (balajis.com)
  • 2022 – The Network State. He formalizes identity’s job in a network state: on‑chain census; ENS‑style identity; cryptographic proofs (of personhood/income/real‑estate); and crypto‑credentials/soulbounds. Identity is infrastructural—what the society counts and what the world can verify.
  • 2022–2024 – bridges to legacy systems. In public interviews and his podcast, he calls for fiat↔crypto identity bridges (e.g., Palau’s RNS.ID digital residency) and stresses moving “paper” records to code. (Circle)
  • 2023–present – identity as defense against AI fakes. He frames cryptoidentity as the backbone of a “web3 of trust”: signed content, on‑chain provenance, and economic friction (staking, payments) to separate humans from bots. (Chainlink Today)

3) The technical stack Balaji gestures toward

Root primitive: keys & wallets

  • Control of a private key = control of an identity; rotate/partition keys for different personas and risk profiles. (balajis.com)

Resolution & login

  • ENS/SNS map human‑readable names to addresses; Sign‑In with Ethereum (EIP‑4361) turns those addresses into a standard way to authenticate to off‑chain apps.

Credentials & attestations (reputation layer)

  • W3C Verifiable Credentials (VC 2.0) define an interoperable way to issue/hold/verify claims (e.g., KYC checks, diplomas).
  • Ethereum Attestation Service (EAS) provides a public good layer for on‑ or off‑chain attestations to build identity, reputation, and registries that applications can verify. (W3C)

Proof‑of‑personhood & uniqueness

  • In The Network State, Balaji sketches “proof‑of‑human” techniques for the on‑chain census; outside his work, approaches like World ID try to verify humanness/uniqueness, which has also raised data‑protection concerns—illustrating the trade‑offs of biometric PoP.

Bridges to legacy identity

  • Palau RNS.ID is a prominent example of a sovereign issuing legal ID with on‑chain components; acceptance is uneven across platforms, underscoring the “bridge” problem Balaji highlights. (Biometric Update)

Provenance & anti‑deepfake

  • He advocates signing content from ENS‑linked addresses so every image/post/video can be traced to a cryptographic identity in a “web3 of trust.” (Chainlink Today)

4) Why it matters (Balaji’s strategic claims)

  1. Censorship & deplatforming resistance: Keys and decentralized naming reduce reliance on centralized ID providers. (Keys are bearer‑style identities.) (balajis.com)
  2. Auditability for societies: Network states require verifiable population/income/footprint; auditability is impossible without identity that can be proven on‑chain.
  3. AI resilience: A cryptographic identity layer (plus signatures/attestations) underpins authenticity online, reversing AI‑driven fakery. (Chainlink Today)
  4. Interoperability & composability: Standards (ENS, SIWE, VC/EAS) make identity portable across apps and jurisdictions.

5) How it connects to The Network State

Balaji’s book repeatedly pairs identity with a real‑time, on‑chain census—including proof‑of‑human, proof‑of‑income, and proof‑of‑real‑estate—and highlights naming (ENS) and crypto‑credentials as core primitives. He also describes “ENS‑login‑to‑physical‑world” patterns (digital keys to doors/services) embedded in a social smart contract, pointing to cryptoidentity as the access layer for both digital and (eventually) physical governance.


6) Implementation blueprint (a practical path you can execute today)

A. Establish the base identities

  1. Generate separate keypairs for: (i) legal/“real name”, (ii) work/professional pseudonym, (iii) public‑speech pseudonym. Store each in a different wallet configuration (hardware, MPC, or smart accounts with guardians). (balajis.com)
  2. Register ENS names for each persona; publish minimal public profile metadata.

B. Add authentication & content provenance

  3. Enable SIWE (EIP‑4361) for app logins; phase out passwords/social logins. (Ethereum Improvement Proposals)
  4. Sign public artifacts (posts, images, code releases) from your ENS‑linked address; publish a simple “signed‑content” feed others can verify. (Chainlink Today)

C. Layer credentials and attestations

  5. Issue/collect VCs for legal facts (company role, licenses) and EAS attestations for soft signals (reputation, verified contributions, attendance). Keep sensitive claims off‑chain with only hashes/receipts on‑chain. (W3C)

D. Bridge to legacy identity when needed

  6. Where lawful and useful, link a sovereign/enterprise ID (e.g., Palau RNS.ID) to your cryptoidentity for KYC‑gated venues. Expect heterogeneous acceptance and maintain alternates. (Biometric Update)

E. Deploy for groups/societies

  7. For a startup society or DAO:

  • Gate membership with ENS + a proof‑of‑human method you deem acceptable.
  • Maintain a public, auditable census (counts of members/income/holdings) using oracles plus signed attestations, not raw PII.
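
The Sign‑In with Ethereum login named under “Resolution & login” and enabled in step 3 of the blueprint only protects users if the relying party checks the message fields as well as the signature. The following is an added example (not code from the original post or from any SIWE library): it parses an EIP‑4361 message and applies domain binding, a one‑time nonce and time bounds. The domain `app.example`, the address, the nonce and the policy values are constructed assumptions, and signature recovery is left to a vetted library.

```javascript
// Added example, not from the original post. Field checks a relying party runs on
// an EIP-4361 (SIWE) message. Signature recovery (secp256k1 + keccak256) is NOT
// done here: once these checks pass, verify the signature against `address`
// with a vetted library before creating a session.

const HEADER = " wants you to sign in with your Ethereum account:";
// Tagged fields in the order fixed by EIP-4361; the first five are required.
const TAGS = ["URI", "Version", "Chain ID", "Nonce", "Issued At",
              "Expiration Time", "Not Before", "Request ID"];
const REQUIRED = TAGS.slice(0, 5);

function parseSiwe(text) {
  const lines = text.split("\n");
  if (!lines[0].endsWith(HEADER)) throw new Error("bad header line");
  const msg = { domain: lines[0].slice(0, -HEADER.length), address: lines[1], resources: [] };
  if (!/^0x[0-9a-fA-F]{40}$/.test(msg.address || "")) throw new Error("bad address");
  if (lines[2] !== "") throw new Error("missing blank line after address");
  let i = 3;
  if (lines[i] !== "") { msg.statement = lines[i]; i += 1; } // optional one-line statement
  if (lines[i] !== "") throw new Error("missing blank line before fields");
  let next = 0; // lowest TAGS index still allowed, which enforces field order
  for (i += 1; i < lines.length; i++) {
    if (lines[i] === "Resources:") {
      for (i += 1; i < lines.length; i++) {
        if (!lines[i].startsWith("- ")) throw new Error("bad resource line");
        msg.resources.push(lines[i].slice(2));
      }
      break;
    }
    const sep = lines[i].indexOf(": ");
    const tag = sep < 0 ? "" : lines[i].slice(0, sep);
    const pos = TAGS.indexOf(tag, next);
    if (pos < 0) throw new Error("unexpected or out-of-order line: " + lines[i]);
    msg[tag] = lines[i].slice(sep + 2);
    next = pos + 1;
  }
  for (const tag of REQUIRED) {
    if (msg[tag] === undefined) throw new Error("missing field: " + tag);
  }
  return msg;
}

// policy: { domain, chainIds, skewMs, maxAgeMs } (hypothetical shape for this example)
// outstandingNonces: Set of nonces this server issued and has not yet seen used
function checkSiweFields(text, policy, outstandingNonces, nowMs) {
  const fail = (reason) => ({ ok: false, reason });
  let m;
  try { m = parseSiwe(text); } catch (e) { return fail(e.message); }
  // Domain binding: a message the wallet signed for another site must not log in here.
  if (m.domain !== policy.domain) return fail("domain mismatch");
  if (m["Version"] !== "1") return fail("unsupported version");
  if (!policy.chainIds.includes(Number(m["Chain ID"]))) return fail("chain not allowed");
  if (!/^[A-Za-z0-9]{8,}$/.test(m["Nonce"])) return fail("malformed nonce");
  // Comparisons are written so that an unparseable date (NaN) fails closed.
  const issued = Date.parse(m["Issued At"]);
  if (!(issued <= nowMs + policy.skewMs)) return fail("issued-at invalid or in the future");
  if (!(nowMs - issued <= policy.maxAgeMs)) return fail("message too old");
  if (m["Expiration Time"] !== undefined && !(nowMs < Date.parse(m["Expiration Time"]))) {
    return fail("expired");
  }
  if (m["Not Before"] !== undefined && !(nowMs >= Date.parse(m["Not Before"]))) {
    return fail("not yet valid");
  }
  // Replay protection: the nonce is consumed on first acceptance, and checked last
  // so that a message rejected for another reason does not burn it.
  if (!outstandingNonces.delete(m["Nonce"])) return fail("unknown or reused nonce");
  return { ok: true, address: m.address, chainId: Number(m["Chain ID"]) };
}

// Constructed sample message; domain, address and nonce are made up.
function sampleMessage(domain = "app.example", nonce = "k3Jx9QpL2mZa") {
  return [
    domain + HEADER,
    "0x1111111111111111111111111111111111111111",
    "",
    "Sign in to the example app.",
    "",
    "URI: https://" + domain + "/login",
    "Version: 1",
    "Chain ID: 1",
    "Nonce: " + nonce,
    "Issued At: 2025-01-01T12:00:00Z",
    "Expiration Time: 2025-01-01T12:10:00Z",
  ].join("\n");
}

const POLICY = { domain: "app.example", chainIds: [1], skewMs: 30000, maxAgeMs: 15 * 60000 };

function demoSiwe() {
  const nonces = new Set(["k3Jx9QpL2mZa"]);
  const t = Date.parse("2025-01-01T12:01:00Z");
  return [
    checkSiweFields(sampleMessage(), POLICY, nonces, t),                 // accepted
    checkSiweFields(sampleMessage(), POLICY, nonces, t),                 // same nonce again
    checkSiweFields(sampleMessage("other.example"), POLICY, nonces, t),  // signed for another site
  ];
}

console.log(JSON.stringify(demoSiwe(), null, 2));
```
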

7) Risks, critiques, and open questions

  • Privacy/pseudonymity erosion. Blockchain analysis can cluster wallets; Balaji’s own pseudonymity framing warns how a handful of data “bits” can re‑identify you. Use mixers/privacy tech carefully and lawfully—but recognize limits. (blog.blockstack.org)
  • Proof‑of‑personhood trade‑offs. Biometric PoP (e.g., iris) invites significant data‑protection scrutiny; alternative PoP methods reduce risk but may increase Sybil vulnerability. (law.kuleuven.be)
  • Bridge brittleness. Palau‑style IDs are not a universal KYC pass; acceptance varies by platform and jurisdiction and can change. Build for graceful degradation. (Malakouti Law)
  • Key loss & coercion. Keys can be stolen/coerced; use multi‑sig/guardians and incident‑response policies. (Balaji’s model assumes cryptography + consent, which must be engineered socially.) (balajis.com)
  • Name/registry centralization. ENS or any naming authority becomes a policy chokepoint; mitigate via multi‑persona design and exportable proofs.

8) How Balaji’s cryptoidentity maps to standards (and where it differs)

  • Alignment:

    • DIDs + VCs (W3C) = portable, interoperable identity/claims; SIWE = wallet‑native authentication; EAS = attestations for reputation/registries. These are the components he points to—even if he uses plain language (ENS, credentials) rather than standards acronyms. (W3C)
  • Differences/emphasis:

    • He elevates societal auditability (on‑chain census) and AI‑era provenance (signed content) more than many DID/VC discussions, and he explicitly pushes fiat↔crypto identity bridges and crypto passports as a near‑term priority.

9) If you’re building: a minimal viable “cryptoidentity” rollout (90 days)

  1. Week 1–2: Keys, ENS, SIWE enabled; publish your signing policy and start signing public posts/releases. (Ethereum Improvement Proposals)
  2. Week 3–6: Integrate VCs/EAS for role/membership/participation; build a public “trust page” that verifies these programmatically. (W3C)
  3. Week 7–10: Stand up a basic census dashboard (aggregate member count, on‑chain treasury/income proofs) with clear privacy posture.
  4. Week 11–13: Pilot a legacy bridge (e.g., RNS.ID where appropriate) for one compliance‑intensive flow; publish results (what worked/failed). (Biometric Update)

Selected sources (primary and load‑bearing)

  • The Network State (on‑chain census; ENS/identity; crypto‑credentials) and “ENS‑login‑to‑physical‑world” examples.
  • Public‑Key Cryptography (keys as identity). (balajis.com)
  • Circle – The Money Movement (Ep. 74) (fiat↔crypto identity bridge; “crypto passports”). (Circle)
  • The Network State podcast, Ep. 10 (fiat‑identity→crypto‑identity exchange; Palau RNS.ID). (thenetworkstate.com)
  • Chainlink Today (signed content/ENS to fight deepfakes; “web3 of trust”). (Chainlink Today)
  • Balaji on X (“Cryptoidentity…denaturalization”). (X (formerly Twitter))
  • Standards: W3C DID Core, VC 2.0; EIP‑4361 (SIWE); EAS docs. (W3C)
  • RNS.ID / Palau (real‑world bridge; mixed acceptance). (Biometric Update)
  • Pseudonymous Economy (identity & 33‑bits re‑identification intuition). (blog.blockstack.org)

Bottom line

For Balaji, cryptoidentity is not just “DID tech.” It’s a civilizational primitive: keys and signatures at the base; names and credentials on top; bridges to legacy identity; and a verifiable public record that scales from individuals to network societies. It’s how you get authentic people and authentic records in an AI‑flooded internet—and how a startup society can prove it’s real without asking the world to trust its word. (Chainlink Today)


MCP in the Web3 Ecosystem: A Comprehensive Review

· 49 min read
Dora Noda
Software Engineer

1. Definition and Origin of MCP in Web3 Context

The Model Context Protocol (MCP) is an open standard that connects AI assistants (like large language models) to external data sources, tools, and environments. Often described as a "USB-C port for AI" due to its universal plug-and-play nature, MCP was developed by Anthropic and first introduced in late November 2024. It emerged as a solution to break AI models out of isolation by securely bridging them with the “systems where data lives” – from databases and APIs to development environments and blockchains.

Originally an experimental side project at Anthropic, MCP quickly gained traction. By mid-2024, open-source reference implementations appeared, and by early 2025 it had become the de facto standard for agentic AI integration, with leading AI labs (OpenAI, Google DeepMind, Meta AI) adopting it natively. This rapid uptake was especially notable in the Web3 community. Blockchain developers saw MCP as a way to infuse AI capabilities into decentralized applications, leading to a proliferation of community-built MCP connectors for on-chain data and services. In fact, some analysts argue MCP may fulfill Web3’s original vision of a decentralized, user-centric internet in a more practical way than blockchain alone, by using natural language interfaces to empower users.

In summary, MCP is not a blockchain or token, but an open protocol born in the AI world that has rapidly been embraced within the Web3 ecosystem as a bridge between AI agents and decentralized data sources. Anthropic open-sourced the standard (with an initial GitHub spec and SDKs) and cultivated an open community around it. This community-driven approach set the stage for MCP’s integration into Web3, where it is now viewed as foundational infrastructure for AI-enabled decentralized applications.

2. Technical Architecture and Core Protocols

MCP operates on a lightweight client–server architecture with three principal roles:

  • MCP Host: The AI application or agent itself, which orchestrates requests. This could be a chatbot (Claude, ChatGPT) or an AI-powered app that needs external data. The host initiates interactions, asking for tools or information via MCP.
  • MCP Client: A connector component that the host uses to communicate with servers. The client maintains the connection, manages request/response messaging, and can handle multiple servers in parallel. For example, a developer tool like Cursor or VS Code’s agent mode can act as an MCP client bridging the local AI environment with various MCP servers.
  • MCP Server: A service that exposes some contextual data or functionality to the AI. Servers provide tools, resources, or prompts that the AI can use. In practice, an MCP server could interface with a database, a cloud app, or a blockchain node, and present a standardized set of operations to the AI. Each client-server pair communicates over its own channel, so an AI agent can tap multiple servers concurrently for different needs.

Core Primitives: MCP defines a set of standard message types and primitives that structure the AI-tool interaction. The three fundamental primitives are:

  • Tools: Discrete operations or functions the AI can invoke on a server. For instance, a “searchDocuments” tool or an “eth_call” tool. Tools encapsulate actions like querying an API, performing a calculation, or calling a smart contract function. The MCP client can request a list of available tools from a server and call them as needed.
  • Resources: Data endpoints that the AI can read from (or sometimes write to) via the server. These could be files, database entries, blockchain state (blocks, transactions), or any contextual data. The AI can list resources and retrieve their content through standard MCP messages (e.g. ListResources and ReadResource requests).
  • Prompts: Structured prompt templates or instructions that servers can provide to guide the AI’s reasoning. For example, a server might supply a formatting template or a pre-defined query prompt. The AI can request a list of prompt templates and use them to maintain consistency in how it interacts with that server.

Under the hood, MCP communications are typically JSON-based and follow a request-response pattern similar to RPC (Remote Procedure Call). The protocol’s specification defines messages like InitializeRequest, ListTools, CallTool, ListResources, etc., which ensure that any MCP-compliant client can talk to any MCP server in a uniform way. This standardization is what allows an AI agent to discover what it can do: upon connecting to a new server, it can inquire “what tools and data do you offer?” and then dynamically decide how to use them.

Security and Execution Model: MCP was designed with secure, controlled interactions in mind. The AI model itself doesn’t execute arbitrary code; it sends high-level intents (via the client) to the server, which then performs the actual operation (e.g., fetching data or calling an API) and returns results. This separation means sensitive actions (like blockchain transactions or database writes) can be sandboxed or require explicit user approval. For example, there are messages like Ping (to keep connections alive) and even a CreateMessageRequest which allows an MCP server to ask the client’s AI to generate a sub-response, typically gated by user confirmation. Features like authentication, access control, and audit logging are being actively developed to ensure MCP can be used safely in enterprise and decentralized environments (more on this in the Roadmap section).
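
The request-response pattern and the approval step described above, as an added example (not code from the MCP SDKs or from the original post): a host-side gate discovers tools, refuses calls to tools the server never declared, and asks the user before any call that is not on a host-maintained read-only list. `tools/list` and `tools/call` are the JSON-RPC methods from the MCP specification; the tool names, the in-process mock server, the synchronous transport and the `ToolGate` class are assumptions made for illustration.

```javascript
// Added example, not from the original post. A host-side gate between the model
// and an MCP server. "tools/list" and "tools/call" are JSON-RPC 2.0 methods from
// the MCP spec; everything else here (tool names, ToolGate, mock server) is assumed.

// Constructed in-process stand-in for an MCP server in front of an Ethereum node.
// A real transport (stdio or HTTP) is asynchronous; it is synchronous here for brevity.
function mockServer(req) {
  const reply = (result) => ({ jsonrpc: "2.0", id: req.id, result });
  if (req.method === "tools/list") {
    return reply({ tools: [
      { name: "eth_getBalance", description: "Read an account balance",
        inputSchema: { type: "object", required: ["address"] } },
      { name: "eth_sendTransaction", description: "Send a transfer",
        inputSchema: { type: "object", required: ["to", "valueWei"] } },
    ] });
  }
  if (req.method === "tools/call") {
    return reply({ content: [{ type: "text", text: "ok:" + req.params.name }], isError: false });
  }
  return { jsonrpc: "2.0", id: req.id, error: { code: -32601, message: "Method not found" } };
}

class ToolGate {
  constructor(transport, readOnlyTools, approve) {
    this.transport = transport;             // function(request) -> response
    this.readOnly = new Set(readOnlyTools); // decided by the host, not by the server
    this.approve = approve;                 // function(name, args) -> boolean (asks the user)
    this.catalog = new Map();               // tools the server actually declared
    this.audit = [];                        // one entry per attempted call
    this.nextId = 1;
  }

  rpc(method, params) {
    const req = { jsonrpc: "2.0", id: this.nextId++, method };
    if (params !== undefined) req.params = params;
    const res = this.transport(req);
    if (res.id !== req.id) throw new Error("response id mismatch");
    if (res.error) throw new Error("server error: " + res.error.message);
    return res.result;
  }

  // Discovery: ask the server what it offers and remember the declared schemas.
  discover() {
    for (const tool of this.rpc("tools/list").tools) this.catalog.set(tool.name, tool);
    return [...this.catalog.keys()];
  }

  // Every model-proposed call goes through here before it reaches the server.
  call(name, args = {}) {
    const record = (decision) => { this.audit.push({ tool: name, decision }); return decision; };
    const tool = this.catalog.get(name);
    if (!tool) return { status: record("rejected:unknown-tool") };
    const missing = (tool.inputSchema.required || []).filter((key) => !(key in args));
    if (missing.length) return { status: record("rejected:missing-" + missing.join(",")) };
    // Anything not explicitly read-only is treated as state-changing and needs consent.
    if (!this.readOnly.has(name) && !this.approve(name, args)) {
      return { status: record("denied:user") };
    }
    const result = this.rpc("tools/call", { name, arguments: args });
    return { status: record("executed"), result };
  }
}

function demoGate() {
  const asked = []; // which calls were put in front of the user
  const gate = new ToolGate(mockServer, ["eth_getBalance"], (name) => {
    asked.push(name);
    return false;   // the user declines in this run
  });
  gate.discover();
  const addr = "0x1111111111111111111111111111111111111111"; // constructed address
  return {
    read: gate.call("eth_getBalance", { address: addr }).status,
    write: gate.call("eth_sendTransaction", { to: addr, valueWei: "1" }).status,
    undeclared: gate.call("not_in_catalog", {}).status,
    asked,
    audit: gate.audit,
  };
}

console.log(JSON.stringify(demoGate(), null, 2));
```
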

In summary, MCP’s architecture relies on a standardized message protocol (with JSON-RPC style calls) that connects AI agents (hosts) to a flexible array of servers providing tools, data, and actions. This open architecture is model-agnostic and platform-agnostic – any AI agent can use MCP to talk to any resource, and any developer can create a new MCP server for a data source without needing to modify the AI’s core code. This plug-and-play extensibility is what makes MCP powerful in Web3: one can build servers for blockchain nodes, smart contracts, wallets, or oracles and have AI agents seamlessly integrate those capabilities alongside web2 APIs.

3. Use Cases and Applications of MCP in Web3

MCP unlocks a wide range of use cases by enabling AI-driven applications to access blockchain data and execute on-chain or off-chain actions in a secure, high-level way. Here are some key applications and problems it helps solve in the Web3 domain:

  • On-Chain Data Analysis and Querying: AI agents can query live blockchain state in real-time to provide insights or trigger actions. For example, an MCP server connected to an Ethereum node allows an AI to fetch account balances, read smart contract storage, trace transactions, or retrieve event logs on demand. This turns a chatbot or coding assistant into a blockchain explorer. Developers can ask an AI assistant questions like “What’s the current liquidity in Uniswap pool X?” or “Simulate this Ethereum transaction’s gas cost,” and the AI will use MCP tools to call an RPC node and get the answer from the live chain. This is far more powerful than relying on the AI’s training data or static snapshots.
  • Automated DeFi Portfolio Management: By combining data access and action tools, AI agents can manage crypto portfolios or DeFi positions. For instance, an “AI Vault Optimizer” could monitor a user’s positions across yield farms and automatically suggest or execute rebalancing strategies based on real-time market conditions. Similarly, an AI could act as a DeFi portfolio manager, adjusting allocations between protocols when risk or rates change. MCP provides the standard interface for the AI to read on-chain metrics (prices, liquidity, collateral ratios) and then invoke tools to execute transactions (like moving funds or swapping assets) if permitted. This can help users maximize yield or manage risk 24/7 in a way that would be hard to do manually.
  • AI-Powered User Agents for Transactions: Think of a personal AI assistant that can handle blockchain interactions for a user. With MCP, such an agent can integrate with wallets and DApps to perform tasks via natural language commands. For example, a user could say, "AI, send 0.5 ETH from my wallet to Alice" or "Stake my tokens in the highest-APY pool." The AI, through MCP, would use a secure wallet server (holding the user’s private key) to create and sign the transaction, and a blockchain MCP server to broadcast it. This scenario turns complex command-line or Metamask interactions into a conversational experience. It’s crucial that secure wallet MCP servers are used here, enforcing permissions and confirmations, but the end result is streamlining on-chain transactions through AI assistance.
  • Developer Assistants and Smart Contract Debugging: Web3 developers can leverage MCP-based AI assistants that are context-aware of blockchain infrastructure. For example, Chainstack’s MCP servers for EVM and Solana give AI coding copilots deep visibility into the developer’s blockchain environment. A smart contract engineer using an AI assistant (in VS Code or an IDE) can have the AI fetch the current state of a contract on a testnet, run a simulation of a transaction, or check logs – all via MCP calls to local blockchain nodes. This helps in debugging and testing contracts. The AI is no longer coding “blindly”; it can actually verify how code behaves on-chain in real time. This use case solves a major pain point by allowing AI to continuously ingest up-to-date docs (via a documentation MCP server) and to query the blockchain directly, reducing hallucinations and making suggestions far more accurate.
  • Cross-Protocol Coordination: Because MCP is a unified interface, a single AI agent can coordinate across multiple protocols and services simultaneously – something extremely powerful in Web3’s interconnected landscape. Imagine an autonomous trading agent that monitors various DeFi platforms for arbitrage. Through MCP, one agent could concurrently interface with Aave’s lending markets, a LayerZero cross-chain bridge, and an MEV (Miner Extractable Value) analytics service, all through a coherent interface. The AI could, in one “thought process,” gather liquidity data from Ethereum (via an MCP server on an Ethereum node), get price info or oracle data (via another server), and even invoke bridging or swapping operations. Previously, such multi-platform coordination would require complex custom-coded bots, but MCP gives a generalizable way for an AI to navigate the entire Web3 ecosystem as if it were one big data/resource pool. This could enable advanced use cases like cross-chain yield optimization or automated liquidation protection, where an AI moves assets or collateral across chains proactively.
  • AI Advisory and Support Bots: Another category is user-facing advisors in crypto applications. For instance, a DeFi help chatbot integrated into a platform like Uniswap or Compound could use MCP to pull in real-time info for the user. If a user asks, “What’s the best way to hedge my position?”, the AI can fetch current rates, volatility data, and the user’s portfolio details via MCP, then give a context-aware answer. Platforms are exploring AI-powered assistants embedded in wallets or dApps that can guide users through complex transactions, explain risks, and even execute sequences of steps with approval. These AI agents effectively sit on top of multiple Web3 services (DEXes, lending pools, insurance protocols), using MCP to query and command them as needed, thereby simplifying the user experience.
  • Beyond Web3 – Multi-Domain Workflows: Although our focus is Web3, it's worth noting MCP’s use cases extend to any domain where AI needs external data. It’s already being used to connect AI to things like Google Drive, Slack, GitHub, Figma, and more. In practice, a single AI agent could straddle Web3 and Web2: e.g., analyzing an Excel financial model from Google Drive, then suggesting on-chain trades based on that analysis, all in one workflow. MCP’s flexibility allows cross-domain automation (e.g., "schedule my meeting if my DAO vote passes, and email the results") that blends blockchain actions with everyday tools.
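The wallet-agent bullet above and the Security and Execution Model paragraph both depend on the client refusing or pausing sensitive tool calls before they reach a server. The sketch below is an added example, not code from the MCP project or from any server named on this page: a client-side gate over MCP's JSON-RPC `tools/call` requests (the CallTool message) that default-denies unknown tools, caps value, and asks the user before a signing call. The tool names, the `value_eth` argument, the cap and the error code are assumptions made for illustration.

```python
import json
from decimal import Decimal, InvalidOperation

# Constructed policy: the tool names and the value_eth argument are hypothetical.
READ_ONLY = {"eth_get_balance", "eth_get_logs"}   # forwarded without a prompt
NEEDS_APPROVAL = {"wallet_send_transaction"}      # forwarded only after the user agrees
PASSTHROUGH = {"initialize", "ping", "tools/list", "resources/list", "resources/read"}
MAX_ETH_PER_CALL = Decimal("1.0")
DENIED = -32001  # implementation-chosen code in the JSON-RPC server-error range


def rpc_error(req_id, code, message):
    return {"jsonrpc": "2.0", "id": req_id, "error": {"code": code, "message": message}}


def parse_amount(value):
    """Return a positive, finite Decimal, or None (rejects NaN, text, booleans)."""
    try:
        amount = Decimal(str(value))
    except InvalidOperation:
        return None
    return amount if amount.is_finite() and amount > 0 else None


class ToolCallGate:
    """Sits in the MCP client, between the model's intent and the server."""

    def __init__(self, forward, approve):
        self.forward = forward   # callable(dict) -> dict: sends the request to the server
        self.approve = approve   # callable(tool, arguments) -> bool: asks the user
        self.audit = []          # one record per policy decision, in order

    def decide(self, req):
        """Return (decision, reason) for a parsed JSON-RPC request."""
        method, params = req.get("method"), req.get("params", {})
        if not isinstance(method, str) or not isinstance(params, dict):
            return "deny", "malformed request"
        if method in PASSTHROUGH:
            return "allow", "non-mutating protocol method"
        if method != "tools/call":
            return "deny", "method not on allow-list"
        tool, args = params.get("name"), params.get("arguments", {})
        if not isinstance(tool, str) or not isinstance(args, dict):
            return "deny", "malformed tools/call params"
        if tool in READ_ONLY:
            return "allow", "read-only tool"
        if tool not in NEEDS_APPROVAL:
            return "deny", "unknown tool (default deny)"
        amount = parse_amount(args.get("value_eth"))
        if amount is None:
            return "deny", "value_eth missing or not a positive number"
        if amount > MAX_ETH_PER_CALL:
            return "deny", "value_eth above per-call cap"
        # Only now is the human asked, so out-of-policy calls never produce a prompt.
        if not self.approve(tool, args):
            return "deny", "user declined"
        return "allow", "user approved"

    def handle(self, raw):
        """Take one raw request from the model side; return the response dict."""
        try:
            req = json.loads(raw)
        except ValueError:  # json.JSONDecodeError is a ValueError subclass
            return rpc_error(None, -32700, "Parse error")
        if not isinstance(req, dict) or req.get("jsonrpc") != "2.0":
            return rpc_error(None, -32600, "Invalid Request")
        decision, reason = self.decide(req)
        self.audit.append({"id": req.get("id"), "method": req.get("method"),
                           "decision": decision, "reason": reason})
        if decision == "deny":
            return rpc_error(req.get("id"), DENIED, "Denied by client policy: " + reason)
        return self.forward(req)


def fake_server(req):
    """Stand-in for the real server transport; reports which method it executed."""
    return {"jsonrpc": "2.0", "id": req.get("id"),
            "result": {"content": [{"type": "text", "text": "executed " + req["method"]}]}}


def call(req_id, tool, **arguments):
    """Build a tools/call request as the client would serialize it."""
    return json.dumps({"jsonrpc": "2.0", "id": req_id, "method": "tools/call",
                       "params": {"name": tool, "arguments": arguments}})


if __name__ == "__main__":
    gate = ToolCallGate(fake_server, approve=lambda tool, args: False)  # user says no
    for raw in (call(1, "eth_get_balance", address="0xabc"),
                call(2, "wallet_send_transaction", to="0xabc", value_eth="0.5"),
                call(3, "bridge_transfer", amount=1)):
        print(gate.handle(raw))
    print(gate.audit)
```

The policy lives in the client, so a server that advertises a new tool gains nothing until the user adds it to one of the sets.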

Problems Solved: The overarching problem MCP addresses is the lack of a unified interface for AI to interact with live data and services. Before MCP, if you wanted an AI to use a new service, you had to hand-code a plugin or integration for that specific service’s API, often in an ad-hoc way. In Web3 this was especially cumbersome – every blockchain or protocol has its own interfaces, and no AI could hope to support them all. MCP solves this by standardizing how the AI describes what it wants (natural language mapped to tool calls) and how services describe what they offer. This drastically reduces integration work. For example, instead of writing a custom plugin for each DeFi protocol, a developer can write one MCP server for that protocol (essentially annotating its functions in natural language). Any MCP-enabled AI (whether Claude, ChatGPT, or open-source models) can then immediately utilize it. This makes AI extensible in a plug-and-play fashion, much like how adding a new device via a universal port is easier than installing a new interface card.

In sum, MCP in Web3 enables AI agents to become first-class citizens of the blockchain world – querying, analyzing, and even transacting across decentralized systems, all through safe, standardized channels. This opens the door to more autonomous dApps, smarter user agents, and seamless integration of on-chain and off-chain intelligence.

4. Tokenomics and Governance Model

Unlike typical Web3 protocols, MCP does not have a native token or cryptocurrency. It is not a blockchain or a decentralized network on its own, but rather an open protocol specification (more akin to HTTP or JSON-RPC in spirit). Thus, there is no built-in tokenomics – no token issuance, staking, or fee model inherent to using MCP. AI applications and servers communicate via MCP without any cryptocurrency involved; for instance, an AI calling a blockchain via MCP might pay gas fees for the blockchain transaction, but MCP itself adds no extra token fee. This design reflects MCP’s origin in the AI community: it was introduced as a technical standard to improve AI-tool interactions, not as a tokenized project.

Governance of MCP is carried out in an open-source, community-driven fashion. After releasing MCP as an open standard, Anthropic signaled a commitment to collaborative development. A broad steering committee and working groups have formed to shepherd the protocol’s evolution. Notably, by mid-2025, major stakeholders like Microsoft and GitHub joined the MCP steering committee alongside Anthropic. This was announced at Microsoft Build 2025, indicating a coalition of industry players guiding MCP’s roadmap and standards decisions. The committee and maintainers work via an open governance process: proposals to change or extend MCP are typically discussed publicly (e.g. via GitHub issues and “SEP” – Standard Enhancement Proposal – guidelines). There is also an MCP Registry working group (with maintainers from companies like Block, PulseMCP, GitHub, and Anthropic) which exemplifies the multi-party governance. In early 2025, contributors from at least 9 different organizations collaborated to build a unified MCP server registry for discovery, demonstrating how development is decentralized across community members rather than controlled by one entity.

Since there is no token, governance incentives rely on the common interests of stakeholders (AI companies, cloud providers, blockchain developers, etc.) to improve the protocol for all. This is somewhat analogous to how W3C or IETF standards are governed, but with a faster-moving GitHub-centric process. For example, Microsoft and Anthropic worked together to design an improved authorization spec for MCP (integrating things like OAuth and single sign-on), and GitHub collaborated on the official MCP Registry service for listing available servers. These enhancements were contributed back to the MCP spec for everyone’s benefit.

It’s worth noting that while MCP itself is not tokenized, there are forward-looking ideas about layering economic incentives and decentralization on top of MCP. Some researchers and thought leaders in Web3 foresee the emergence of “MCP networks” – essentially decentralized networks of MCP servers and agents that use blockchain-like mechanisms for discovery, trust, and rewards. In such a scenario, one could imagine a token being used to reward those who run high-quality MCP servers (similar to how miners or node operators are incentivized). Capabilities like reputation ratings, verifiable computation, and node discovery could be facilitated by smart contracts or a blockchain, with a token driving honest behavior. This is still conceptual, but projects like MIT’s Namda (discussed later) are experimenting with token-based incentive mechanisms for networks of AI agents using MCP. If these ideas mature, MCP might intersect with on-chain tokenomics more directly, but as of 2025 the core MCP standard remains token-free.

In summary, MCP’s “governance model” is that of an open technology standard: collaboratively maintained by a community and a steering committee of experts, with no on-chain governance token. Decisions are guided by technical merit and broad consensus rather than coin-weighted voting. This distinguishes MCP from many Web3 protocols – it aims to fulfill Web3’s ideals (decentralization, interoperability, user empowerment) through open software and standards, not through a proprietary blockchain or token. In the words of one analysis, “the promise of Web3... can finally be realized not through blockchain and cryptocurrency, but through natural language and AI agents”, positioning MCP as a key enabler of that vision. That said, as MCP networks grow, we may see hybrid models where blockchain-based governance or incentive mechanisms augment the ecosystem – a space to watch closely.

5. Community and Ecosystem

The MCP ecosystem has grown explosively in a short time, spanning AI developers, open-source contributors, Web3 engineers, and major tech companies. It’s a vibrant community effort, with key contributors and partnerships including:

  • Anthropic: As the creator, Anthropic seeded the ecosystem by open-sourcing the MCP spec and several reference servers (for Google Drive, Slack, GitHub, etc.). Anthropic continues to lead development (for example, staff like Theodora Chu serve as MCP product managers, and Anthropic’s team contributes heavily to spec updates and community support). Anthropic’s openness attracted others to build on MCP rather than see it as a single-company tool.

  • Early Adopters (Block, Apollo, Zed, Replit, Codeium, Sourcegraph): In the first months after release, a wave of early adopters implemented MCP in their products. Block (formerly Square) integrated MCP to explore AI agentic systems in fintech – Block’s CTO praised MCP as an open bridge connecting AI to real-world applications. Apollo (likely Apollo GraphQL) also integrated MCP to allow AI access to internal data. Developer tool companies like Zed (code editor), Replit (cloud IDE), Codeium (AI coding assistant), and Sourcegraph (code search) each worked to add MCP support. For instance, Sourcegraph uses MCP so an AI coding assistant can retrieve relevant code from a repository in response to a question, and Replit’s IDE agents can pull in project-specific context. These early adopters gave MCP credibility and visibility.

  • Big Tech Endorsement – OpenAI, Microsoft, Google: In a notable turn, companies that are otherwise competitors aligned on MCP. OpenAI’s CEO Sam Altman publicly announced in March 2025 that OpenAI would add MCP support across its products (including ChatGPT’s desktop app), saying “People love MCP and we are excited to add support across our products”. This meant OpenAI’s Agent API and ChatGPT plugins would speak MCP, ensuring interoperability. Just weeks later, Google DeepMind’s CEO Demis Hassabis revealed that Google’s upcoming Gemini models and tools would support MCP, calling it a good protocol and an open standard for the “AI agentic era”. Microsoft not only joined the steering committee but partnered with Anthropic to build an official C# SDK for MCP to serve the enterprise developer community. Microsoft’s GitHub unit integrated MCP into GitHub Copilot (VS Code’s ‘Copilot Labs/Agents’ mode), enabling Copilot to use MCP servers for things like repository searching and running test cases. Additionally, Microsoft announced Windows 11 would expose certain OS functions (like file system access) as MCP servers so AI agents can interact with the operating system securely. The collaboration among OpenAI, Microsoft, Google, and Anthropic – all rallying around MCP – is extraordinary and underscores the community-over-competition ethos of this standard.

  • Web3 Developer Community: A number of blockchain developers and startups have embraced MCP. Several community-driven MCP servers have been created to serve blockchain use cases:

    • The team at Alchemy (a leading blockchain infrastructure provider) built an Alchemy MCP Server that offers on-demand blockchain analytics tools via MCP. This likely lets an AI get blockchain stats (like historical transactions, address activity) through Alchemy’s APIs using natural language.
    • Contributors developed a Bitcoin & Lightning Network MCP Server to interact with Bitcoin nodes and the Lightning payment network, enabling AI agents to read Bitcoin block data or even create Lightning invoices via standard tools.
    • The crypto media and education group Bankless created an Onchain MCP Server focused on Web3 financial interactions, possibly providing an interface to DeFi protocols (sending transactions, querying DeFi positions, etc.) for AI assistants.
    • Projects like Rollup.codes (a knowledge base for Ethereum Layer 2s) made an MCP server for rollup ecosystem info, so an AI can answer technical questions about rollups by querying this server.
    • Chainstack, a blockchain node provider, launched a suite of MCP servers (covered earlier) for documentation, EVM chain data, and Solana, explicitly marketing it as “putting your AI on blockchain steroids” for Web3 builders.

    Additionally, Web3-focused communities have sprung up around MCP. For example, PulseMCP and Goose are community initiatives referenced as helping build the MCP registry. We’re also seeing cross-pollination with AI agent frameworks: the LangChain community integrated adapters so that all MCP servers can be used as tools in LangChain-powered agents, and open-source AI platforms like Hugging Face TGI (text-generation-inference) are exploring MCP compatibility. The result is a rich ecosystem where new MCP servers are announced almost daily, serving everything from databases to IoT devices.

  • Scale of Adoption: The traction can be quantified to some extent. By February 2025 – barely three months after launch – over 1,000 MCP servers/connectors had been built by the community. This number has only grown, indicating thousands of integrations across industries. Mike Krieger (Anthropic’s Chief Product Officer) noted by spring 2025 that MCP had become a “thriving open standard with thousands of integrations and growing”. The official MCP Registry (launched in preview in Sept 2025) is cataloging publicly available servers, making it easier to discover tools; the registry’s open API allows anyone to search for, say, “Ethereum” or “Notion” and find relevant MCP connectors. This lowers the barrier for new entrants and further fuels growth.

  • Partnerships: We’ve touched on many implicit partnerships (Anthropic with Microsoft, etc.). To highlight a few more:

    • Anthropic & Slack: Anthropic partnered with Slack to integrate Claude with Slack’s data via MCP (Slack has an official MCP server, enabling AI to retrieve Slack messages or post alerts).
    • Cloud Providers: Amazon (AWS) and Google Cloud have worked with Anthropic to host Claude, and it’s likely they support MCP in those environments (e.g., AWS Bedrock might allow MCP connectors for enterprise data). While not explicitly in citations, these cloud partnerships are important for enterprise adoption.
    • Academic collaborations: The MIT and IBM research project Namda (discussed next) represents a partnership between academia and industry to push MCP’s limits in decentralized settings.
    • GitHub & VS Code: Partnership to enhance developer experience – e.g., VS Code’s team actively contributed to MCP (one of the registry maintainers is from VS Code team).
    • Numerous startups: Many AI startups (agent startups, workflow automation startups) are building on MCP instead of reinventing the wheel. This includes emerging Web3 AI startups looking to offer “AI as a DAO” or autonomous economic agents.

Overall, the MCP community is diverse and rapidly expanding. It includes core tech companies (for standards and base tooling), Web3 specialists (bringing blockchain knowledge and use cases), and independent developers (who often contribute connectors for their favorite apps or protocols). The ethos is collaborative. For example, security concerns about third-party MCP servers have prompted community discussions and contributions of best practices (e.g., Stacklok contributors working on security tooling for MCP servers). The community’s ability to iterate quickly (MCP saw several spec upgrades within months, adding features like streaming responses and better auth) is a testament to broad engagement.

In the Web3 ecosystem specifically, MCP has fostered a mini-ecosystem of “AI + Web3” projects. It’s not just a protocol to use; it’s catalyzing new ideas like AI-driven DAOs, on-chain governance aided by AI analysis, and cross-domain automation (like linking on-chain events to off-chain actions through AI). The presence of key Web3 figures – e.g., Zhivko Todorov of LimeChain stating “MCP represents the inevitable integration of AI and blockchain” – shows that blockchain veterans are actively championing it. Partnerships between AI and blockchain companies (such as the one between Anthropic and Block, or Microsoft’s Azure cloud making MCP easy to deploy alongside its blockchain services) hint at a future where AI agents and smart contracts work hand-in-hand.

One could say MCP has ignited the first genuine convergence of the AI developer community with the Web3 developer community. Hackathons and meetups now feature MCP tracks. As a concrete measure of ecosystem adoption: by mid-2025, OpenAI, Google, and Anthropic – collectively representing the majority of advanced AI models – all support MCP, and on the other side, leading blockchain infrastructure providers (Alchemy, Chainstack), crypto companies (Block, etc.), and decentralized projects are building MCP hooks. This two-sided network effect bodes well for MCP becoming a lasting standard.

6. Roadmap and Development Milestones

MCP’s development has been fast-paced. Here we outline the major milestones so far and the roadmap ahead as gleaned from official sources and community updates:

  • Late 2024 – Initial Release: On Nov 25, 2024, Anthropic officially announced MCP and open-sourced the specification and initial SDKs. Alongside the spec, they released a handful of MCP server implementations for common tools (Google Drive, Slack, GitHub, etc.) and added support in the Claude AI assistant (Claude Desktop app) to connect to local MCP servers. This marked the 1.0 launch of MCP. Early proof-of-concept integrations at Anthropic showed how Claude could use MCP to read files or query a SQL database in natural language, validating the concept.
  • Q1 2025 – Rapid Adoption and Iteration: In the first few months of 2025, MCP saw widespread industry adoption. By March 2025, OpenAI and other AI providers announced support (as described above). This period also saw spec evolution: Anthropic updated MCP to include streaming capabilities (allowing large results or continuous data streams to be sent incrementally). This update was noted in April 2025 with the C# SDK news, indicating MCP now supported features like chunked responses or real-time feed integration. The community also built reference implementations in various languages (Python, JavaScript, etc.) beyond Anthropic’s SDK, ensuring polyglot support.
  • Q2 2025 – Ecosystem Tooling and Governance: In May 2025, with Microsoft and GitHub joining the effort, there was a push for formalizing governance and enhancing security. At Build 2025, Microsoft unveiled plans for Windows 11 MCP integration and detailed a collaboration to improve authorization flows in MCP. Around the same time, the idea of an MCP Registry was introduced to index available servers (the initial brainstorming started in March 2025 according to the registry blog). The “standards track” process (SEP – Standard Enhancement Proposals) was established on GitHub, similar to Ethereum’s EIPs or Python’s PEPs, to manage contributions in an orderly way. Community calls and working groups (for security, registry, SDKs) started convening.
  • Mid 2025 – Feature Expansion: By mid-2025, the roadmap prioritized several key improvements:
    • Asynchronous and Long-Running Task Support: Plans to allow MCP to handle long operations without blocking the connection. For example, if an AI triggers a cloud job that takes minutes, the MCP protocol would support async responses or reconnection to fetch results.
    • Authentication & Fine-Grained Security: Developing fine-grained authorization mechanisms for sensitive actions. This includes possibly integrating OAuth flows, API keys, and enterprise SSO into MCP servers so that AI access can be safely managed. By mid-2025, guides and best practices for MCP security were in progress, given the security risks of allowing AI to invoke powerful tools. The goal is that, for instance, if an AI is to access a user’s private database via MCP, it should follow a secure authorization flow (with user consent) rather than just an open endpoint.
    • Validation and Compliance Testing: Recognizing the need for reliability, the community prioritized building compliance test suites and reference implementations. By ensuring all MCP clients/servers adhere to the spec (through automated testing), they aimed to prevent fragmentation. A reference server (likely an example with best practices for remote deployment and auth) was on the roadmap, as was a reference client application demonstrating full MCP usage with an AI.
    • Multimodality Support: Extending MCP beyond text to support modalities like image, audio, video data in the context. For example, an AI might request an image from an MCP server (say, a design asset or a diagram) or output an image. The spec discussion included adding support for streaming and chunked messages to handle large multimedia content interactively. Early work on “MCP Streaming” was already underway (to support things like live audio feeds or continuous sensor data to AI).
    • Central Registry & Discovery: The plan to implement a central MCP Registry service for server discovery was executed in mid-2025. By September 2025, the official MCP Registry was launched in preview. This registry provides a single source of truth for publicly available MCP servers, allowing clients to find servers by name, category, or capabilities. It’s essentially like an app store (but open) for AI tools. The design allows for public registries (a global index) and private ones (enterprise-specific), all interoperable via a shared API. The Registry also introduced a moderation mechanism to flag or delist malicious servers, with a community moderation model to maintain quality.
  • Late 2025 and Beyond – Toward Decentralized MCP Networks: While not “official” roadmap items yet, the trajectory points toward more decentralization and Web3 synergy:
    • Researchers are actively exploring how to add decentralized discovery, reputation, and incentive layers to MCP. The concept of an MCP Network (or “marketplace of MCP endpoints”) is being incubated. This might involve smart contract-based registries (so no single point of failure for server listings), reputation systems where servers/clients have on-chain identities and stake for good behavior, and possibly token rewards for running reliable MCP nodes.
    • Project Namda at MIT, which started in 2024, is a concrete step in this direction. By 2025, Namda had built a prototype distributed agent framework on MCP’s foundations, including features like dynamic node discovery, load balancing across agent clusters, and a decentralized registry using blockchain techniques. They even have experimental token-based incentives and provenance tracking for multi-agent collaborations. Milestones from Namda show that it’s feasible to have a network of MCP agents running across many machines with trustless coordination. If Namda’s concepts are adopted, we might see MCP evolve to incorporate some of these ideas (possibly through optional extensions or separate protocols layered on top).
    • Enterprise Hardening: On the enterprise side, by late 2025 we expect MCP to be integrated into major enterprise software offerings (Microsoft’s inclusion in Windows and Azure is one example). The roadmap includes enterprise-friendly features like SSO integration for MCP servers and robust access controls. The general availability of the MCP Registry and toolkits for deploying MCP at scale (e.g., within a corporate network) is likely by end of 2025.

To recap some key development milestones so far (timeline format for clarity):

  • Nov 2024: MCP 1.0 released (Anthropic).
  • Dec 2024 – Jan 2025: Community builds first wave of MCP servers; Anthropic releases Claude Desktop with MCP support; small-scale pilots by Block, Apollo, etc.
  • Feb 2025: 1000+ community MCP connectors achieved; Anthropic hosts workshops (e.g., at an AI summit, driving education).
  • Mar 2025: OpenAI announces support (ChatGPT Agents SDK).
  • Apr 2025: Google DeepMind announces support (Gemini will support MCP); Microsoft releases preview of C# SDK.
  • May 2025: Steering Committee expanded (Microsoft/GitHub); Build 2025 demos (Windows MCP integration).
  • Jun 2025: Chainstack launches Web3 MCP servers (EVM/Solana) for public use.
  • Jul 2025: MCP spec version updates (streaming, authentication improvements); official Roadmap published on MCP site.
  • Sep 2025: MCP Registry (preview) launched; likely MCP hits general availability in more products (Claude for Work, etc.).
  • Late 2025 (projected): Registry v1.0 live; security best-practice guides released; possibly initial experiments with decentralized discovery (Namda results).

The vision forward is that MCP becomes as ubiquitous and invisible as HTTP or JSON – a common layer that many apps use under the hood. For Web3, the roadmap suggests deeper fusion: where not only will AI agents use Web3 (blockchains) as sources or sinks of information, but Web3 infrastructure itself might start to incorporate AI agents (via MCP) as part of its operation (for example, a DAO might run an MCP-compatible AI to manage certain tasks, or oracles might publish data via MCP endpoints). The roadmap’s emphasis on things like verifiability and authentication hints that down the line, trust-minimized MCP interactions could be a reality – imagine AI outputs that come with cryptographic proofs, or an on-chain log of what tools an AI invoked for audit purposes. These possibilities blur the line between AI and blockchain networks, and MCP is at the heart of that convergence.
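The "log of what tools an AI invoked" idea can be prototyped off-chain as a hash-chained log in which only the head digest would need to be published, for instance in a contract or transaction. This is an added example, not part of the MCP specification or of any project named on this page; the server names, tool names and record fields are constructed for illustration.

```python
import hashlib
import json

GENESIS = "00" * 32  # "previous hash" of the first entry


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def canonical(obj):
    """Deterministic JSON encoding, so the same record always hashes the same."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


class ToolAuditLog:
    """Append-only record of tool invocations; each entry commits to the one before."""

    def __init__(self):
        self.entries = []

    def head(self):
        return self.entries[-1]["hash"] if self.entries else GENESIS

    def append(self, server, tool, arguments, result_text):
        body = {
            "seq": len(self.entries),
            "prev": self.head(),
            "server": server,
            "tool": tool,
            # Digests only: the log proves what was called without storing
            # addresses, amounts or returned data in the clear.
            "args_sha256": sha256_hex(canonical(arguments)),
            "result_sha256": sha256_hex(result_text.encode()),
        }
        entry = dict(body, hash=sha256_hex(canonical(body)))
        self.entries.append(entry)
        return entry["hash"]


def verify(entries, anchored_head=None):
    """Return -1 if the chain is intact, else the index of the first problem.

    Without anchored_head only internal consistency is checked, which cannot
    reveal a truncated or wholly rewritten log. With it, a mismatch at the end
    is reported as index len(entries).
    """
    prev = GENESIS
    for i, entry in enumerate(entries):
        body = {k: v for k, v in entry.items() if k != "hash"}
        if body.get("seq") != i or body.get("prev") != prev:
            return i
        if sha256_hex(canonical(body)) != entry.get("hash"):
            return i
        prev = entry["hash"]
    if anchored_head is not None and prev != anchored_head:
        return len(entries)
    return -1


if __name__ == "__main__":
    log = ToolAuditLog()
    log.append("evm-node", "eth_get_balance", {"address": "0xabc"}, "1.5 ETH")
    head = log.append("wallet", "wallet_send_transaction",
                      {"to": "0xdef", "value_eth": "0.5"}, "tx submitted")
    print("head to anchor:", head)
    print("intact:", verify(log.entries, head) == -1)
    print("truncation found at index:", verify(log.entries[:1], head))
```

The chain alone catches edits to individual entries; catching truncation or a full rewrite depends on the verifier holding a head digest the log's operator cannot change, which is what publishing it on-chain would provide.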

In conclusion, MCP’s development is highly dynamic. It has hit major early milestones (broad adoption and standardization within a year of launch) and continues to evolve rapidly with a clear roadmap emphasizing security, scalability, and discovery. The milestones achieved and planned ensure MCP will remain robust as it scales: addressing challenges like long-running tasks, secure permissions, and the sheer discoverability of thousands of tools. This forward momentum indicates that MCP is not a static spec but a growing standard, likely to incorporate more Web3-flavored features (decentralized governance of servers, incentive alignment) as those needs arise. The community is poised to adapt MCP to new use cases (multimodal AI, IoT, etc.), all while keeping an eye on the core promise: making AI more connected, context-aware, and user-empowering in the Web3 era.

7. Comparison with Similar Web3 Projects or Protocols

MCP’s unique blend of AI and connectivity means there aren’t many direct apples-to-apples equivalents, but it’s illuminating to compare it with other projects at the intersection of Web3 and AI or with analogous goals:

  • SingularityNET (AGI/X) – Decentralized AI Marketplace: SingularityNET, launched in 2017 by Dr. Ben Goertzel and others, is a blockchain-based marketplace for AI services. It allows developers to monetize AI algorithms as services and users to consume those services, all facilitated by a token (AGIX) which is used for payments and governance. In essence, SingularityNET is trying to decentralize the supply of AI models by hosting them on a network where anyone can call an AI service in exchange for tokens. This differs from MCP fundamentally. MCP does not host or monetize AI models; instead, it provides a standard interface for AI (wherever it’s running) to access data/tools. One could imagine using MCP to connect an AI to services listed on SingularityNET, but SingularityNET itself focuses on the economic layer (who provides an AI service and how they get paid). Another key difference: Governance – SingularityNET has on-chain governance (via SingularityNET Enhancement Proposals (SNEPs) and AGIX token voting) to evolve its platform. MCP’s governance, by contrast, is off-chain and collaborative without a token. In summary, SingularityNET and MCP both strive for a more open AI ecosystem, but SingularityNET is about a tokenized network of AI algorithms, whereas MCP is about a protocol standard for AI-tool interoperability. They could complement: for example, an AI on SingularityNET could use MCP to fetch external data it needs. But SingularityNET doesn’t attempt to standardize tool use; it uses blockchain to coordinate AI services, while MCP uses software standards to let AI work with any service.
  • Fetch.ai (FET) – Agent-Based Decentralized Platform: Fetch.ai is another project blending AI and blockchain. It launched its own proof-of-stake blockchain and framework for building autonomous agents that perform tasks and interact on a decentralized network. In Fetch’s vision, millions of “software agents” (representing people, devices, or organizations) can negotiate and exchange value, using FET tokens for transactions. Fetch.ai provides an agent framework (uAgents) and infrastructure for discovery and communication between agents on its ledger. For example, a Fetch agent might help optimize traffic in a city by interacting with other agents for parking and transport, or manage a supply chain workflow autonomously. How does this compare to MCP? Both deal with the concept of agents, but Fetch.ai’s agents are strongly tied to its blockchain and token economy – they live on the Fetch network and use on-chain logic. MCP agents (AI hosts) are model-driven (like an LLM) and not tied to any single network; MCP is content to operate over the internet or within a cloud setup, without requiring a blockchain. Fetch.ai tries to build a new decentralized AI economy from the ground up (with its own ledger for trust and transactions), whereas MCP is layer-agnostic – it piggybacks on existing networks (could be used over HTTPS, or even on top of a blockchain if needed) to enable AI interactions. One might say Fetch is more about autonomous economic agents and MCP about smart tool-using agents. Interestingly, these could intersect: an autonomous agent on Fetch.ai might use MCP to interface with off-chain resources or other blockchains. Conversely, one could use MCP to build multi-agent systems that leverage different blockchains (not just one). In practice, MCP has seen faster adoption because it didn’t require its own network – it works with Ethereum, Solana, Web2 APIs, etc., out of the box. 
    Fetch.ai’s approach is more heavyweight, creating an entire ecosystem that participants must join (and acquire tokens) to use. In sum, Fetch.ai vs MCP: Fetch is a platform with its own token/blockchain for AI agents, focusing on interoperability and economic exchanges between agents, while MCP is a protocol that AI agents (in any environment) can use to plug into tools and data. Their goals overlap in enabling AI-driven automation, but they tackle different layers of the stack and have very different architectural philosophies (closed ecosystem vs open standard).
  • Chainlink and Decentralized Oracles – Connecting Blockchains to Off-Chain Data: Chainlink is not an AI project, but it’s highly relevant as a Web3 protocol solving a complementary problem: how to connect blockchains with external data and computation. Chainlink is a decentralized network of nodes (oracles) that fetch, verify, and deliver off-chain data to smart contracts in a trust-minimized way. For example, Chainlink oracles provide price feeds to DeFi protocols or call external APIs on behalf of smart contracts via Chainlink Functions. Comparatively, MCP connects AI models to external data/tools (some of which might be blockchains). One could say Chainlink brings data into blockchains, while MCP brings data into AI. There is a conceptual parallel: both establish a bridge between otherwise siloed systems. Chainlink focuses on reliability, decentralization, and security of data fed on-chain (solving the “oracle problem” of single point of failure). MCP focuses on flexibility and standardization of how AI can access data (solving the “integration problem” for AI agents). They operate in different domains (smart contracts vs AI assistants), but one might compare MCP servers to oracles: an MCP server for price data might call the same APIs a Chainlink node does. The difference is the consumer – in MCP’s case, the consumer is an AI or user-facing assistant, not a deterministic smart contract. Also, MCP does not inherently provide the trust guarantees that Chainlink does (MCP servers can be centralized or community-run, with trust managed at the application level). However, as mentioned earlier, ideas to decentralize MCP networks could borrow from oracle networks – e.g., multiple MCP servers could be queried and results cross-checked to ensure an AI isn’t fed bad data, similar to how multiple Chainlink nodes aggregate a price. 
    In short, Chainlink vs MCP: Chainlink is Web3 middleware for blockchains to consume external data, MCP is AI middleware for models to consume external data (which could include blockchain data). They address analogous needs in different realms and could even complement: an AI using MCP might fetch a Chainlink-provided data feed as a reliable resource, and conversely, an AI could serve as a source of analysis that a Chainlink oracle brings on-chain (though that latter scenario would raise questions of verifiability).
  • ChatGPT Plugins / OpenAI Functions vs MCP – AI Tool Integration Approaches: While not Web3 projects, a quick comparison is warranted because ChatGPT plugins and OpenAI’s function calling feature also connect AI to external tools. ChatGPT plugins use an OpenAPI specification provided by a service, and the model can then call those APIs following the spec. The limitations are that it’s a closed ecosystem (OpenAI-approved plugins running on OpenAI’s servers) and each plugin is a siloed integration. OpenAI’s newer “Agents” SDK is closer to MCP in concept, letting developers define tools/functions that an AI can use, but initially it was specific to OpenAI’s ecosystem. LangChain similarly provided a framework to give LLMs tools in code. MCP differs by offering an open, model-agnostic standard for this. As one analysis put it, LangChain created a developer-facing standard (a Python interface) for tools, whereas MCP creates a model-facing standard – an AI agent can discover and use any MCP-defined tool at runtime without custom code. In practical terms, MCP’s ecosystem of servers grew larger and more diverse than the ChatGPT plugin store within months. And rather than each model having its own plugin format (OpenAI had theirs, others had different ones), many are coalescing around MCP. OpenAI itself signaled support for MCP, essentially aligning their function approach with the broader standard. So, comparing OpenAI Plugins to MCP: plugins are a curated, centralized approach, while MCP is a decentralized, community-driven approach. In a Web3 mindset, MCP is more “open source and permissionless” whereas proprietary plugin ecosystems are more closed. This makes MCP analogous to the ethos of Web3 even though it’s not a blockchain – it enables interoperability and user control (you could run your own MCP server for your data, instead of giving it all to one AI provider). 
    This comparison shows why many consider MCP to have more long-term potential: it’s not locked to one vendor or one model.
  • Project Namda and Decentralized Agent Frameworks: Namda deserves a separate note because it explicitly combines MCP with Web3 concepts. As described earlier, Namda (Networked Agent Modular Distributed Architecture) is an MIT/IBM initiative started in 2024 to build a scalable, distributed network of AI agents using MCP as the communication layer. It treats MCP as the messaging backbone (since MCP uses standard JSON-RPC-like messages, it fit well for inter-agent comms), and then adds layers for dynamic discovery, fault tolerance, and verifiable identities using blockchain-inspired techniques. Namda’s agents can be anywhere (cloud, edge devices, etc.), but a decentralized registry (somewhat like a DHT or blockchain) keeps track of them and their capabilities in a tamper-proof way. They even explore giving agents tokens to incentivize cooperation or resource sharing. In essence, Namda is an experiment in what a “Web3 version of MCP” might look like. It’s not a widely deployed project yet, but it’s one of the closest “similar protocols” in spirit. If we view Namda vs MCP: Namda uses MCP (so it’s not competing standards), but extends it with a protocol for networking and coordinating multiple agents in a trust-minimized manner. One could compare Namda to frameworks like Autonolas or Multi-Agent Systems (MAS) that the crypto community has seen, but those often lacked a powerful AI component or a common protocol. Namda + MCP together showcase how a decentralized agent network could function, with blockchain providing identity, reputation, and possibly token incentives, and MCP providing the agent communication and tool-use.

In summary, MCP stands apart from most prior Web3 projects: it did not start as a crypto project at all, yet it rapidly intersects with Web3 because it solves complementary problems. Projects like SingularityNET and Fetch.ai aimed to decentralize AI compute or services using blockchain; MCP instead standardizes AI integration with services, which can enhance decentralization by avoiding platform lock-in. Oracle networks like Chainlink solved data delivery to blockchain; MCP solves data delivery to AI (including blockchain data). If Web3’s core ideals are decentralization, interoperability, and user empowerment, MCP is attacking the interoperability piece in the AI realm. It’s even influencing those older projects – for instance, there is nothing stopping SingularityNET from making its AI services available via MCP servers, or Fetch agents from using MCP to talk to external systems. We might well see a convergence where token-driven AI networks use MCP as their lingua franca, marrying the incentive structure of Web3 with the flexibility of MCP.

Finally, if we consider market perception: MCP is often touted as doing for AI what Web3 hoped to do for the internet – break silos and empower users. This has led some to nickname MCP informally as “Web3 for AI” (even when no blockchain is involved). However, it’s important to recognize MCP is a protocol standard, whereas most Web3 projects are full-stack platforms with economic layers. In comparisons, MCP usually comes out as a more lightweight, universal solution, while blockchain projects are heavier, specialized solutions. Depending on use case, they can complement rather than strictly compete. As the ecosystem matures, we might see MCP integrated into many Web3 projects as a module (much like how HTTP or JSON are ubiquitous), rather than as a rival project.

8. Public Perception, Market Traction, and Media Coverage

Public sentiment toward MCP has been overwhelmingly positive in both the AI and Web3 communities, often bordering on enthusiastic. Many see it as a game-changer that arrived quietly but then took the industry by storm. Let’s break down the perception, traction, and notable media narratives:

Market Traction and Adoption Metrics: By mid-2025, MCP achieved a level of adoption rare for a new protocol. It’s backed by virtually all major AI model providers (Anthropic, OpenAI, Google, Meta) and supported by big tech infrastructure (Microsoft, GitHub, AWS etc.), as detailed earlier. This alone signals to the market that MCP is likely here to stay (akin to how broad backing propelled TCP/IP or HTTP in early internet days). On the Web3 side, the traction is evident in developer behavior: hackathons started featuring MCP projects, and many blockchain dev tools now mention MCP integration as a selling point. The stat of “1000+ connectors in a few months” and Mike Krieger’s “thousands of integrations” quote are often cited to illustrate how rapidly MCP caught on. This suggests strong network effects – the more tools available via MCP, the more useful it is, prompting more adoption (a positive feedback loop). VCs and analysts have noted that MCP achieved in under a year what earlier “AI interoperability” attempts failed to do over several years, largely due to timing (riding the wave of interest in AI agents) and being open-source. In Web3 media, traction is sometimes measured in terms of developer mindshare and integration into projects, and MCP scores high on both now.

Public Perception in AI and Web3 Communities: Initially, MCP flew under the radar when first announced (late 2024). But by early 2025, as success stories emerged, perception shifted to excitement. AI practitioners saw MCP as the “missing puzzle piece” for making AI agents truly useful beyond toy examples. Web3 builders, on the other hand, saw it as a bridge to finally incorporate AI into dApps without throwing away decentralization – an AI can use on-chain data without needing a centralized oracle, for instance. Thought leaders have been singing praises: for example, Jesus Rodriguez (a prominent Web3 AI writer) wrote in CoinDesk that MCP may be “one of the most transformative protocols for the AI era and a great fit for Web3 architectures”. Rares Crisan in a Notable Capital blog argued that MCP could deliver on Web3’s promise where blockchain alone struggled, by making the internet more user-centric and natural to interact with. These narratives frame MCP as revolutionary yet practical – not just hype.

To be fair, not all commentary is uncritical. Some AI developers on forums like Reddit have pointed out that MCP “doesn’t do everything” – it’s a communication protocol, not an out-of-the-box agent or reasoning engine. For instance, one Reddit discussion titled “MCP is a Dead-End Trap” argued that MCP by itself doesn’t manage agent cognition or guarantee quality; it still requires good agent design and safety controls. This view suggests MCP could be overhyped as a silver bullet. However, these criticisms are more about tempering expectations than rejecting MCP’s usefulness. They emphasize that MCP solves tool connectivity but one must still build robust agent logic (i.e., MCP doesn’t magically create an intelligent agent, it equips one with tools). The consensus though is that MCP is a big step forward, even among cautious voices. Hugging Face’s community blog noted that while MCP isn’t a solve-it-all, it is a major enabler for integrated, context-aware AI, and developers are rallying around it for that reason.

Media Coverage: MCP has received significant coverage across both mainstream tech media and niche blockchain media:

  • TechCrunch has run multiple stories. They covered the initial concept (“Anthropic proposes a new way to connect data to AI chatbots”) around launch in 2024. In 2025, TechCrunch highlighted each big adoption moment: OpenAI’s support, Google’s embrace, Microsoft/GitHub’s involvement. These articles often emphasize the industry unity around MCP. For example, TechCrunch quoted Sam Altman’s endorsement and noted the rapid shift from rival standards to MCP. In doing so, they portrayed MCP as the emerging standard similar to how no one wanted to be left out of the internet protocols in the 90s. Such coverage in a prominent outlet signaled to the broader tech world that MCP is important and real, not just a fringe open-source project.
  • CoinDesk and other crypto publications latched onto the Web3 angle. CoinDesk’s opinion piece by Rodriguez (July 2025) is often cited; it painted a futuristic picture where every blockchain could be an MCP server and new MCP networks might run on blockchains. It connected MCP to concepts like decentralized identity, authentication, and verifiability – speaking the language of the blockchain audience and suggesting MCP could be the protocol that truly melds AI with decentralized frameworks. Cointelegraph, Bankless, and others have also discussed MCP in context of “AI agents & DeFi” and similar topics, usually optimistic about the possibilities (e.g., Bankless had a piece on using MCP to let an AI manage on-chain trades, and included a how-to for their own MCP server).
  • Notable VC Blogs / Analyst Reports: The Notable Capital blog post (July 2025) is an example of venture analysis drawing parallels between MCP and the evolution of web protocols. It essentially argues MCP could do for Web3 what HTTP did for Web1 – providing a new interface layer (natural language interface) that doesn’t replace underlying infrastructure but makes it usable. This kind of narrative is compelling and has been echoed in panels and podcasts. It positions MCP not as competing with blockchain, but as the next layer of abstraction that finally allows normal users (via AI) to harness blockchain and web services easily.
  • Developer Community Buzz: Outside formal articles, MCP’s rise can be gauged by its presence in developer discourse – conference talks, YouTube channels, newsletters. For instance, there have been popular blog posts like “MCP: The missing link for agentic AI?” on sites like Runtime.news, and newsletters (e.g., one by AI researcher Nathan Lambert) discussing practical experiments with MCP and how it compares to other tool-use frameworks. The general tone is curiosity and excitement: developers share demos of hooking up AI to their home automation or crypto wallet with just a few lines using MCP servers, something that felt sci-fi not long ago. This grassroots excitement is important because it shows MCP has mindshare beyond just corporate endorsements.
  • Enterprise Perspective: Media and analysts focusing on enterprise AI also note MCP as a key development. For example, The New Stack covered how Anthropic added support for remote MCP servers in Claude for enterprise use. The angle here is that enterprises can use MCP to connect their internal knowledge bases and systems to AI safely. This matters for Web3 too as many blockchain companies are enterprises themselves and can leverage MCP internally (for instance, a crypto exchange could use MCP to let an AI analyze internal transaction logs for fraud detection).

Notable Quotes and Reactions: A few are worth highlighting as encapsulating public perception:

  • “Much like HTTP revolutionized web communications, MCP provides a universal framework... replacing fragmented integrations with a single protocol.” – CoinDesk. This comparison to HTTP is powerful; it frames MCP as infrastructure-level innovation.
  • “MCP has [become a] thriving open standard with thousands of integrations and growing. LLMs are most useful when connecting to the data you already have...” – Mike Krieger (Anthropic). This is an official confirmation of both traction and the core value proposition, which has been widely shared on social media.
  • “The promise of Web3... can finally be realized... through natural language and AI agents. ...MCP is the closest thing we've seen to a real Web3 for the masses.” – Notable Capital. This bold statement resonates with those frustrated by the slow UX improvements in crypto; it suggests AI might crack the code of mainstream adoption by abstracting complexity.

Challenges and Skepticism: While enthusiasm is high, the media has also discussed challenges:

  • Security Concerns: Outlets like The New Stack or security blogs have warned that allowing AI to execute tools can be dangerous if not sandboxed. What if a malicious MCP server tried to get an AI to perform a harmful action? The LimeChain blog explicitly warns of “significant security risks” with community-developed MCP servers (e.g., a server that handles private keys must be extremely secure). These concerns have been echoed in discussions: essentially, MCP expands AI’s capabilities, but with power comes risk. The community’s response (guides, auth mechanisms) has been covered as well, generally with the reassurance that mitigations are being built. Still, any high-profile misuse of MCP (say an AI triggered an unintended crypto transfer) would affect perception, so the media is watchful on this front.
  • Performance and Cost: Some analysts note that using AI agents with tools could be slower or more costly than directly calling an API (because the AI might need multiple back-and-forth steps to get what it needs). In high-frequency trading or on-chain execution contexts, that latency could be problematic. For now, these are seen as technical hurdles to optimize (through better agent design or streaming), rather than deal-breakers.
  • Hype management: As with any trending tech, there’s a bit of hype. A few voices caution not to declare MCP the solution to everything. For instance, the Hugging Face article asks “Is MCP a silver bullet?” and answers no – developers still need to handle context management, and MCP works best in combination with good prompting and memory strategies. Such balanced takes are healthy in the discourse.

Overall Media Sentiment: The narrative that emerges is largely hopeful and forward-looking:

  • MCP is seen as a practical tool delivering real improvements now (so not vaporware), which media underscore by citing working examples: Claude reading files, Copilot using MCP in VSCode, an AI completing a Solana transaction in a demo, etc.
  • It’s also portrayed as a strategic linchpin for the future of both AI and Web3. Media often conclude that MCP or things like it will be essential for “decentralized AI” or “Web4” or whatever term one uses for the next-gen web. There’s a sense that MCP opened a door, and now innovation is flowing through – whether it's Namda’s decentralized agents or enterprises connecting legacy systems to AI, many future storylines trace back to MCP’s introduction.

In the market, one could gauge traction by the formation of startups and funding around the MCP ecosystem. Indeed, there are rumors/reports of startups focusing on “MCP marketplaces” or managed MCP platforms getting funding (Notable Capital writing about it suggests VC interest). We can expect media to start covering those tangentially – e.g., “Startup X uses MCP to let your AI manage your crypto portfolio – raises $Y million”.

Conclusion of Perception: By late 2025, MCP enjoys a reputation as a breakthrough enabling technology. It has strong advocacy from influential figures in both AI and crypto. The public narrative has evolved from “here’s a neat tool” to “this could be foundational for the next web”. Meanwhile, practical coverage confirms it’s working and being adopted, lending credibility. Provided the community continues addressing challenges (security, governance at scale) and no major disasters occur, MCP’s public image is likely to remain positive or even become iconic as “the protocol that made AI and Web3 play nice together.”

Media will likely keep a close eye on:

  • Success stories (e.g., if a major DAO implements an AI treasurer via MCP, or a government uses MCP for open data AI systems).
  • Any security incidents (to evaluate risk).
  • The evolution of MCP networks and whether any token or blockchain component officially enters the picture (which would be big news bridging AI and crypto even more tightly).

As of now, however, the coverage can be summed up by a line from CoinDesk: “The combination of Web3 and MCP might just be a new foundation for decentralized AI.” – a sentiment that captures both the promise and the excitement surrounding MCP in the public eye.

References:

  • Anthropic News: "Introducing the Model Context Protocol," Nov 2024
  • LimeChain Blog: "What is MCP and How Does It Apply to Blockchains?" May 2025
  • Chainstack Blog: "MCP for Web3 Builders: Solana, EVM and Documentation," June 2025
  • CoinDesk Op-Ed: "The Protocol of Agents: Web3’s MCP Potential," Jul 2025
  • Notable Capital: "Why MCP Represents the Real Web3 Opportunity," Jul 2025
  • TechCrunch: "OpenAI adopts Anthropic’s standard…", Mar 26, 2025
  • TechCrunch: "Google to embrace Anthropic’s standard…", Apr 9, 2025
  • TechCrunch: "GitHub, Microsoft embrace… (MCP steering committee)", May 19, 2025
  • Microsoft Dev Blog: "Official C# SDK for MCP," Apr 2025
  • Hugging Face Blog: "#14: What Is MCP, and Why Is Everyone Talking About It?" Mar 2025
  • Messari Research: "Fetch.ai Profile," 2023
  • Medium (Nu FinTimes): "Unveiling SingularityNET," Mar 2024

Google’s Agent Payments Protocol (AP2)

· 34 min read
Dora Noda
Software Engineer

Google’s Agent Payments Protocol (AP2) is a newly announced open standard designed to enable secure, trustworthy transactions initiated by AI agents on behalf of users. Developed in collaboration with over 60 payments and technology organizations (including major payment networks, banks, fintechs, and Web3 companies), AP2 establishes a common language for “agentic” payments – i.e. purchases and financial transactions that an autonomous agent (such as an AI assistant or LLM-based agent) can carry out for a user. AP2’s creation is driven by a fundamental shift: traditionally, online payment systems assumed a human is directly clicking “buy,” but the rise of AI agents acting on user instructions breaks this assumption. AP2 addresses the resulting challenges of authorization, authenticity, and accountability in AI-driven commerce, while remaining compatible with existing payment infrastructure. This report examines AP2’s technical architecture, purpose and use cases, integrations with AI agents and payment providers, security and compliance considerations, comparisons to existing protocols, implications for Web3/decentralized systems, and the industry adoption/roadmap.

Technical Architecture: How AP2 Works

At its core, AP2 introduces a cryptographically secure transaction framework built on verifiable digital credentials (VDCs) – essentially tamper-proof, signed data objects that serve as digital “contracts” of what the user has authorized. In AP2 terminology these contracts are called Mandates, and they form an auditable chain of evidence for each transaction. There are three primary types of mandates in the AP2 architecture:

  • Intent Mandate: Captures the user’s initial instructions or conditions for a purchase, especially for “human-not-present” scenarios (where the agent will act later without the user online). It defines the scope of authority the user gives the agent – for example, “Buy concert tickets if they drop below $200, up to 2 tickets”. This mandate is cryptographically signed upfront by the user and serves as verifiable proof of consent within specific limits.
  • Cart Mandate: Represents the final transaction details that the user has approved, used in “human-present” scenarios or at the moment of checkout. It includes the exact items or services, their price, and other particulars of the purchase. When the agent is ready to complete the transaction (e.g. after filling a shopping cart), the merchant first cryptographically signs the cart contents (guaranteeing the order details and price), and then the user (via their device or agent interface) signs off to create a Cart Mandate. This ensures what-you-see-is-what-you-pay, locking in the final order exactly as presented to the user.
  • Payment Mandate: A separate credential that is sent to the payment network (e.g. card network or bank) to signal that an AI agent is involved in the transaction. The Payment Mandate includes metadata such as whether the user was present or not during authorization and serves as a flag for risk management systems. By providing the acquiring and issuing banks with cryptographically verifiable evidence of user intent, this mandate helps them assess the context (for example, distinguishing an agent-initiated purchase from typical fraud) and manage compliance or liability accordingly.

All mandates are implemented as verifiable credentials signed by the relevant party’s keys (user, merchant, etc.), yielding a non-repudiable audit trail for every agent-led transaction. In practice, AP2 uses a role-based architecture to protect sensitive information – for instance, an agent might handle an Intent Mandate without ever seeing raw payment details, which are only revealed in a controlled way when needed, preserving privacy. The cryptographic chain of user intent → merchant commitment → payment authorization establishes trust among all parties that the transaction reflects the user’s true instructions and that both the agent and merchant adhered to those instructions.
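
An added illustration (not code from the original article, and not AP2's own schema) of what "proof of consent within specific limits" implies for an Intent Mandate in a human-not-present flow: the party accepting the order checks each cart against the signed limits and tracks cumulative use rather than trusting the agent. The field names, the usage ledger and the sample mandate (built from the concert-ticket example above) are assumptions, and the mandate is assumed to have passed signature verification already.

```javascript
// Added example, not AP2 reference code: field names and the usage ledger are
// assumptions. Amounts are integer minor units (cents). The intent is assumed
// to have passed signature verification before these checks run.

// Check one cart against the limits in an Intent Mandate, without side effects.
function checkAgainstIntent(intent, cart, used, nowMs) {
  const violations = [];
  if (nowMs >= Date.parse(intent.notAfter)) violations.push("intent mandate expired");
  if (cart.currency !== intent.currency) violations.push("currency mismatch");

  let quantity = 0;
  let linesTotal = 0;
  for (const line of cart.lines) {
    const wellFormed = Number.isInteger(line.quantity) && line.quantity > 0 &&
      Number.isInteger(line.unitPriceMinor) && line.unitPriceMinor >= 0;
    if (!wellFormed) {
      violations.push(`malformed line: ${line.sku}`);
      continue;
    }
    if (line.sku !== intent.sku) violations.push(`item outside mandate: ${line.sku}`);
    if (line.unitPriceMinor >= intent.unitPriceBelowMinor) {
      violations.push(`unit price ${line.unitPriceMinor} is not below ${intent.unitPriceBelowMinor}`);
    }
    quantity += line.quantity;
    linesTotal += line.quantity * line.unitPriceMinor;
  }
  // A fee added outside the line items would slip past the per-unit price limit.
  if (cart.totalMinor !== linesTotal) violations.push("cart total does not match its lines");
  // The quantity limit covers the mandate's whole lifetime, not each purchase.
  if (used + quantity > intent.maxQuantity) {
    violations.push(`quantity ${used + quantity} exceeds limit ${intent.maxQuantity}`);
  }
  return { allowed: violations.length === 0, violations, quantity };
}

// Authorize a cart and record usage so the same mandate cannot be spent twice.
function authorize(intent, cart, ledger, nowMs) {
  const used = ledger.get(intent.id) || 0;
  const result = checkAgainstIntent(intent, cart, used, nowMs);
  if (result.allowed) ledger.set(intent.id, used + result.quantity);
  return result;
}

// Constructed sample: "Buy concert tickets if they drop below $200, up to 2 tickets".
const sampleIntent = {
  id: "intent-001", sku: "concert-ticket", currency: "USD",
  unitPriceBelowMinor: 20000, maxQuantity: 2, notAfter: "2030-01-01T00:00:00Z",
};
const ticketCart = (quantity, unitPriceMinor, totalMinor = quantity * unitPriceMinor) => ({
  currency: "USD", totalMinor,
  lines: [{ sku: "concert-ticket", quantity, unitPriceMinor }],
});

function runIntentDemo() {
  const ledger = new Map();
  const now = Date.parse("2029-06-01T00:00:00Z");
  return {
    firstTicket: authorize(sampleIntent, ticketCart(1, 18900), ledger, now),
    twoMore: authorize(sampleIntent, ticketCart(2, 18900), ledger, now),
    atThreshold: authorize(sampleIntent, ticketCart(1, 20000), ledger, now),
    hiddenFee: authorize(sampleIntent, ticketCart(1, 18900, 21400), ledger, now),
    afterExpiry: authorize(sampleIntent, ticketCart(1, 18900), ledger,
      Date.parse("2030-01-02T00:00:00Z")),
  };
}

console.log(JSON.stringify(runIntentDemo(), null, 2));
```

Only the first cart is authorized; each later one is refused with the specific limit it breaks, and refused carts leave the ledger unchanged.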

Transaction Flow: To illustrate how AP2 works end-to-end, consider a simple purchase scenario with a human in the loop:

  1. User Request: The user asks their AI agent to purchase a particular item or service (e.g. “Order this pair of shoes in my size”).
  2. Cart Construction: The agent communicates with the merchant’s systems (using standard APIs or via an agent-to-agent interaction) to assemble a shopping cart for the specified item at a given price.
  3. Merchant Guarantee: Before presenting the cart to the user, the merchant’s side cryptographically signs the cart details (item, quantity, price, etc.). This step creates a merchant-signed offer that guarantees the exact terms (preventing any hidden changes or price manipulation).
  4. User Approval: The agent shows the user the finalized cart. The user confirms the purchase, and this approval triggers two cryptographic signatures from the user’s side: one on the Cart Mandate (to accept the merchant’s cart as-is) and one on the Payment Mandate (to authorize payment through the chosen payment provider). These signed mandates are then shared with the merchant and the payment network respectively.
  5. Execution: Armed with the Cart Mandate and Payment Mandate, the merchant and payment provider proceed to execute the transaction securely. For example, the merchant submits the payment request along with the proof of user approval to the payment network (card network, bank, etc.), which can verify the Payment Mandate. The result is a completed purchase transaction with a cryptographic audit trail linking the user’s intent to the final payment.

This flow demonstrates how AP2 builds trust into each step of an AI-driven purchase. The merchant has cryptographic proof of exactly what the user agreed to buy at what price, and the issuer/bank has proof that the user authorized that payment, even though an AI agent facilitated the process. In case of disputes or errors, the signed mandates act as clear evidence, helping determine accountability (e.g. if the agent deviated from instructions or if a charge was not what the user approved). In essence, AP2’s architecture ensures that verifiable user intent – rather than trust in the agent’s behavior – is the basis of the transaction, greatly reducing ambiguity.
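
The five-step flow above as an added sketch (not code from the original article or from the AP2 specification): the merchant signs the cart, the user signs a Cart Mandate and a Payment Mandate bound to it, and a verifier walks the chain and reports the first break. The field names, the sorted-key JSON encoding and the use of Ed25519 are assumptions made for illustration; the keys and cart are constructed samples.

```javascript
// Added example, not AP2 reference code. Field names, the canonical encoding
// and the choice of Ed25519 are assumptions; keys and cart are constructed.
const crypto = require("crypto");

// Deterministic JSON (sorted keys) so signer and verifier hash the same bytes.
function canonical(value) {
  if (Array.isArray(value)) return "[" + value.map(canonical).join(",") + "]";
  if (value !== null && typeof value === "object") {
    const members = Object.keys(value).sort()
      .map((key) => JSON.stringify(key) + ":" + canonical(value[key]));
    return "{" + members.join(",") + "}";
  }
  return JSON.stringify(value);
}

function digest(obj) {
  return crypto.createHash("sha256").update(canonical(obj)).digest("hex");
}

function sign(obj, privateKey) {
  return crypto.sign(null, Buffer.from(canonical(obj)), privateKey).toString("base64");
}

function verify(obj, signature, publicKey) {
  try {
    return crypto.verify(null, Buffer.from(canonical(obj)), publicKey,
      Buffer.from(signature, "base64"));
  } catch {
    return false; // malformed signature or key
  }
}

// Step 3 (Merchant Guarantee): the merchant signs the exact cart contents.
function merchantSignCart(cart, merchantPrivateKey) {
  return { cart, merchantSig: sign(cart, merchantPrivateKey) };
}

// Step 4 (User Approval): two user signatures, one per mandate.
function userApprove(offer, userPrivateKey, userPresent) {
  const cartBody = {
    type: "CartMandate",
    cartDigest: digest(offer.cart),
    merchantSig: offer.merchantSig,
  };
  const paymentBody = {
    type: "PaymentMandate",
    cartMandateDigest: digest(cartBody),
    amountMinor: offer.cart.totalMinor,
    currency: offer.cart.currency,
    agentInvolved: true,
    userPresent,
  };
  return {
    cartMandate: { body: cartBody, userSig: sign(cartBody, userPrivateKey) },
    paymentMandate: { body: paymentBody, userSig: sign(paymentBody, userPrivateKey) },
  };
}

// Step 5 (Execution) or a later dispute review: return "ok" or the first break.
function verifyChain(offer, mandates, merchantPublicKey, userPublicKey) {
  const { cartMandate, paymentMandate } = mandates;
  if (!verify(offer.cart, offer.merchantSig, merchantPublicKey)) return "merchant signature invalid";
  if (!verify(cartMandate.body, cartMandate.userSig, userPublicKey)) return "cart mandate signature invalid";
  if (cartMandate.body.cartDigest !== digest(offer.cart) ||
      cartMandate.body.merchantSig !== offer.merchantSig) return "cart mandate does not cover this cart";
  if (!verify(paymentMandate.body, paymentMandate.userSig, userPublicKey)) return "payment mandate signature invalid";
  if (paymentMandate.body.cartMandateDigest !== digest(cartMandate.body)) return "payment mandate not bound to cart mandate";
  if (paymentMandate.body.amountMinor !== offer.cart.totalMinor ||
      paymentMandate.body.currency !== offer.cart.currency) return "payment amount differs from cart";
  return "ok";
}

function runDemo() {
  const merchant = crypto.generateKeyPairSync("ed25519");
  const user = crypto.generateKeyPairSync("ed25519");
  const agent = crypto.generateKeyPairSync("ed25519"); // the agent's own key, not the user's
  const cart = { merchant: "shoes.example", currency: "USD", totalMinor: 8900,
    lines: [{ sku: "shoe-42", quantity: 1, unitPriceMinor: 8900 }] };
  const offer = merchantSignCart(cart, merchant.privateKey);
  const mandates = userApprove(offer, user.privateKey, true);
  const check = (o, m) => verifyChain(o, m, merchant.publicKey, user.publicKey);

  const repriced = { ...offer, cart: { ...cart, totalMinor: 18900 } };
  const otherOffer = merchantSignCart({ ...cart, totalMinor: 18900 }, merchant.privateKey);
  const edited = { ...mandates, paymentMandate: { ...mandates.paymentMandate,
    body: { ...mandates.paymentMandate.body, amountMinor: 18900 } } };
  return {
    honest: check(offer, mandates),
    repricedAfterMerchantSigned: check(repriced, mandates),
    mandatesReusedForOtherCart: check(otherOffer, mandates),
    paymentAmountEdited: check(offer, edited),
    signedByAgentKey: check(offer, userApprove(offer, agent.privateKey, true)),
  };
}

console.log(runDemo());
```

Each failing case names the link that broke, which is the property the dispute-handling paragraph relies on: a price change, a mandate reused for a different cart, an edited payment amount and a signature made with the agent's key instead of the user's are all distinguishable after the fact.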

Purpose and Use Cases for AP2

Why AP2 is Needed: The primary purpose of AP2 is to solve emerging trust and security issues that arise when AI agents can spend money on behalf of users. Google and its partners identified several key questions that today’s payment infrastructure cannot adequately answer when an autonomous agent is in the loop:

  • Authorization: How to prove that a user actually gave the agent permission to make a specific purchase? (In other words, ensuring the agent isn’t buying things without the user’s informed consent.)
  • Authenticity: How can a merchant know that an agent’s purchase request is genuine and reflects the user’s true intent, rather than a mistake or AI hallucination?
  • Accountability: If a fraudulent or incorrect transaction occurs via an agent, who is responsible – the user, the merchant, the payment provider, or the creator of the AI agent?

Without a solution, these uncertainties create a “crisis of trust” around agent-led commerce. AP2’s mission is to provide that solution by establishing a uniform protocol for secure agent transactions. By introducing standardized mandates and proofs of intent, AP2 prevents a fragmented ecosystem of each company inventing its own ad-hoc agent payment methods. Instead, any compliant AI agent can interact with any compliant merchant/payment provider under a common set of rules and verifications. This consistency not only avoids user and merchant confusion, but also gives financial institutions a clear way to manage risk for agent-initiated payments, rather than dealing with a patchwork of proprietary approaches. In short, AP2’s purpose is to be a foundational trust layer that lets the “agent economy” grow without breaking the payments ecosystem.

Intended Use Cases: By solving the above issues, AP2 opens the door to new commerce experiences and use cases that go beyond what’s possible with a human manually clicking through purchases. Some examples of agent-enabled commerce that AP2 supports include:

  • Smarter Shopping: A customer can instruct their agent, “I want this winter jacket in green, and I’m willing to pay up to 20% above the current price for it”. Armed with an Intent Mandate encoding these conditions, the agent will continuously monitor retailer websites or databases. The moment the jacket becomes available in green (and within the price threshold), the agent automatically executes a purchase with a secure, signed transaction – capturing a sale that otherwise would have been missed. The entire interaction, from the user’s initial request to the automated checkout, is governed by AP2 mandates ensuring the agent only buys exactly what was authorized.
  • Personalized Offers: A user tells their agent they’re looking for a specific product (say, a new bicycle) from a particular merchant for an upcoming trip. The agent can share this interest (within the bounds of an Intent Mandate) with the merchant’s own AI agent, including relevant context like the trip date. The merchant agent, knowing the user’s intent and context, could respond with a custom bundle or discount – for example, “bicycle + helmet + travel rack at 15% off, available for the next 48 hours.” Using AP2, the user’s agent can accept and complete this tailored offer securely, turning a simple query into a more valuable sale for the merchant.
  • Coordinated Tasks: A user planning a complex task (e.g. a weekend trip) delegates it entirely: “Book me a flight and hotel for these dates with a total budget of $700.” The agent can interact with multiple service providers’ agents – airlines, hotels, travel platforms – to find a combination that fits the budget. Once a suitable flight-hotel package is identified, the agent uses AP2 to execute multiple bookings in one go, each cryptographically signed (for example, issuing separate Cart Mandates for the airline and the hotel, both authorized under the user’s Intent Mandate). AP2 ensures all parts of this coordinated transaction occur as approved, and even allows simultaneous execution so that tickets and reservations are booked together without risk of one part failing mid-way.
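The Coordinated Tasks case above, as an added example (not code from the AP2 specification or its reference implementation): a check that a bundle of Cart Mandates stays inside the Intent Mandate they claim to act under. The field names, the one-cart-per-category rule and the sample values are assumptions made for this illustration.

```javascript
// Added illustration. The mandate fields below are hypothetical and simplified;
// they are not the AP2 schema.

// Constructed Intent Mandate: "flight and hotel, total budget $700".
// Amounts are integer cents so the budget comparison is exact.
const INTENT = Object.freeze({
  id: "intent-7f3a",
  currency: "USD",
  totalBudgetCents: 70000,
  allowedCategories: ["flight", "hotel"],
  notAfter: "2025-11-30T23:59:59Z",
});

// Constructed Cart Mandates proposed by the agent, one per merchant.
const FLIGHT = { intentId: "intent-7f3a", merchant: "example-air", category: "flight", currency: "USD", totalCents: 41250 };
const HOTEL = { intentId: "intent-7f3a", merchant: "example-inn", category: "hotel", currency: "USD", totalCents: 27900 };

// Violations of a single cart against the intent it claims to act under.
function cartViolations(intent, cart) {
  const problems = [];
  if (cart.intentId !== intent.id) problems.push("references a different intent mandate");
  if (!intent.allowedCategories.includes(cart.category)) problems.push(`category "${cart.category}" not authorized`);
  if (cart.currency !== intent.currency) problems.push("currency mismatch");
  // Rejects floats, NaN, zero and negative totals; a negative cart would
  // otherwise offset an over-budget one in the bundle sum.
  if (!Number.isSafeInteger(cart.totalCents) || cart.totalCents <= 0) {
    problems.push("total must be a positive integer number of cents");
  }
  return problems;
}

// All-or-nothing decision: the bundle is approved only if every cart passes
// and the combined total stays within the user's budget.
function authorizeBundle(intent, carts, now) {
  const reasons = [];
  if (now.getTime() > Date.parse(intent.notAfter)) reasons.push("intent mandate expired");
  const seen = new Set();
  let totalCents = 0;
  for (const cart of carts) {
    for (const p of cartViolations(intent, cart)) reasons.push(`${cart.merchant}: ${p}`);
    // Assumed policy: one booking per category (one flight, one hotel).
    if (seen.has(cart.category)) reasons.push(`${cart.merchant}: second "${cart.category}" cart in one bundle`);
    seen.add(cart.category);
    if (Number.isSafeInteger(cart.totalCents)) totalCents += cart.totalCents;
  }
  if (totalCents > intent.totalBudgetCents) {
    reasons.push(`bundle total ${totalCents} exceeds budget ${intent.totalBudgetCents}`);
  }
  return { approved: reasons.length === 0, totalCents, reasons };
}

const NOW = new Date("2025-11-01T12:00:00Z");
console.log(authorizeBundle(INTENT, [FLIGHT, HOTEL], NOW));
console.log(authorizeBundle(INTENT, [FLIGHT, { ...HOTEL, totalCents: 31000 }], NOW));
```

Because the decision is made over the whole bundle, a flight that fits the budget on its own is still refused when the hotel pushes the total past the limit the user signed.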

These scenarios illustrate just a few of AP2’s intended use cases. More broadly, AP2’s flexible design supports both conventional e-commerce flows and entirely new models of commerce. For instance, AP2 can facilitate subscription-like services (an agent keeps you stocked on essentials by purchasing when conditions are met), event-driven purchases (buying tickets or items the instant a trigger event occurs), group agent negotiations (multiple users’ agents pooling mandates to bargain for a group deal), and many other emerging patterns. In every case, the common thread is that AP2 provides the trust framework – clear user authorization and cryptographic auditability – that allows these agent-driven transactions to happen safely. By handling the trust and verification layer, AP2 lets developers and businesses focus on innovating new AI commerce experiences without re-inventing payment security from scratch.

Integration with Agents, LLMs, and Payment Providers

AP2 is explicitly designed to integrate seamlessly with AI agent frameworks and with existing payment systems, acting as a bridge between the two. Google has positioned AP2 as an extension of its Agent2Agent (A2A) protocol and Model Context Protocol (MCP) standards. In other words, if A2A provides a generic language for agents to communicate tasks and MCP standardizes how AI models incorporate context/tools, then AP2 adds a transactions layer on top for commerce. The protocols are complementary: A2A handles agent-to-agent communication (allowing, say, a shopping agent to talk to a merchant’s agent), while AP2 handles agent-to-merchant payment authorization within those interactions. Because AP2 is open and non-proprietary, it’s meant to be framework-agnostic: developers can use it with Google’s own Agent Development Kit (ADK) or any AI agent library, and likewise it can work with various AI models including LLMs. An LLM-based agent, for example, could use AP2 by generating and exchanging the required mandate payloads (guided by the AP2 spec) instead of just free-form text. By enforcing a structured protocol, AP2 helps transform an AI agent’s high-level intent (which might come from an LLM’s reasoning) into concrete, secure transactions.

On the payments side, AP2 was built in concert with traditional payment providers and standards, rather than as a rip-and-replace system. The protocol is payment-method-agnostic, meaning it can support a variety of payment rails – from credit/debit card networks to bank transfers and digital wallets – as the underlying method for moving funds. In its initial version, AP2 emphasizes compatibility with card payments, since those are most common in online commerce. The AP2 Payment Mandate is designed to plug into the existing card processing flow: it provides additional data to the payment network (e.g. Visa, Mastercard, Amex) and issuing bank that an AI agent is involved and whether the user was present, thereby complementing existing fraud detection and authorization checks. Essentially, AP2 doesn’t process the payment itself; it augments the payment request with cryptographic proof of user intent. This allows payment providers to treat agent-initiated transactions with appropriate caution or speed (for example, an issuer might approve an unusual-looking purchase if it sees a valid AP2 mandate proving the user pre-approved it). Notably, Google and partners plan to evolve AP2 to support “push” payment methods as well – such as real-time bank transfers (like India’s UPI or Brazil’s PIX systems) – and other emerging digital payment types. This indicates AP2’s integration will expand beyond cards, aligning with modern payment trends worldwide.

For merchants and payment processors, integrating AP2 would mean supporting the additional protocol messages (mandates) and verifying signatures. Many large payment platforms are already involved in shaping AP2, so we can expect they will build support for it. For example, companies like Adyen, Worldpay, PayPal, Stripe (not explicitly named in the blog but likely interested), and others could incorporate AP2 into their checkout APIs or SDKs, allowing an agent to initiate a payment in a standardized way. Because AP2 is an open specification on GitHub with reference implementations, payment providers and tech platforms can start experimenting with it immediately. Google has also mentioned an AI Agent Marketplace where third-party agents can be listed – these agents are expected to support AP2 for any transactional capabilities. In practice, an enterprise that builds an AI sales assistant or procurement agent could list it on this marketplace, and thanks to AP2, that agent can carry out purchases or orders reliably.

Finally, AP2’s integration story benefits from its broad industry backing. By co-developing the protocol with major financial institutions and tech firms, Google ensured AP2 aligns with existing industry rules and compliance requirements. The collaboration with payment networks (e.g. Mastercard, UnionPay), issuers (e.g. American Express), fintechs (e.g. Revolut, PayPal), e-commerce players (e.g. Etsy), and even identity/security providers (e.g. Okta, Cloudflare) suggests AP2 is being designed to slot into real-world systems with minimal friction. These stakeholders bring expertise in areas like KYC (Know Your Customer regulations), fraud prevention, and data privacy, helping AP2 address those needs out of the box. In summary, AP2 is built to be agent-friendly and payment-provider-friendly: it extends existing AI agent protocols to handle transactions, and it layers on top of existing payment networks to utilize their infrastructure while adding necessary trust guarantees.

Security, Compliance, and Interoperability Considerations

Security and trust are at the heart of AP2’s design. The protocol’s use of cryptography (digital signatures on mandates) ensures that every critical action in an agentic transaction is verifiable and traceable. This non-repudiation is crucial: neither the user nor merchant can later deny what was authorized and agreed upon, since the mandates serve as secure records. A direct benefit is in fraud prevention and dispute resolution – with AP2, if a malicious or buggy agent attempts an unauthorized purchase, the lack of a valid user-signed mandate would be evident, and the transaction can be declined or reversed. Conversely, if a user claims “I never approved this purchase,” but a Cart Mandate exists with their cryptographic signature, the merchant and issuer have strong evidence to support the charge. This clarity of accountability answers a major compliance concern for the payments industry.
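The verification step described above, as an added example using Node's built-in Ed25519 support (not AP2 reference code). The envelope layout, key ids, canonical serialization and the way the verifier learns the user's public key are assumptions; the mandate and keys are constructed for the demonstration.

```javascript
const crypto = require("crypto");

// Serialize with recursively sorted keys so signer and verifier hash the same
// bytes regardless of property order. This stands in for whatever canonical
// form a real deployment specifies.
function canonicalize(value) {
  if (Array.isArray(value)) return "[" + value.map(canonicalize).join(",") + "]";
  if (value !== null && typeof value === "object") {
    const members = Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ":" + canonicalize(value[k]));
    return "{" + members.join(",") + "}";
  }
  return JSON.stringify(value);
}

// Wrap a mandate body in an envelope carrying the signer's key id and signature.
function signMandate(body, keyId, privateKey) {
  const signature = crypto.sign(null, Buffer.from(canonicalize(body)), privateKey);
  return { body, keyId, signature: signature.toString("base64") };
}

// Merchant/issuer side: accept only signatures made by a key that the verifier
// has already bound to the user. Anything else is declined with a reason.
function verifyMandate(envelope, trustedUserKeys) {
  const publicKey = trustedUserKeys.get(envelope.keyId);
  if (!publicKey) return { valid: false, reason: "unknown signing key" };
  if (typeof envelope.signature !== "string") return { valid: false, reason: "missing signature" };
  let ok = false;
  try {
    ok = crypto.verify(null, Buffer.from(canonicalize(envelope.body)),
      publicKey, Buffer.from(envelope.signature, "base64"));
  } catch (_) {
    ok = false; // malformed signature material counts as a failed check
  }
  return ok ? { valid: true, reason: "ok" } : { valid: false, reason: "signature mismatch" };
}

// Constructed keys: one pair for the user, one for the agent.
const userKeys = crypto.generateKeyPairSync("ed25519");
const agentKeys = crypto.generateKeyPairSync("ed25519");
const trusted = new Map([["user-key-1", userKeys.publicKey]]);

// Constructed Cart Mandate body (hypothetical fields).
const cartBody = {
  type: "CartMandate",
  merchant: "example-outfitters",
  items: [{ sku: "JACKET-GRN-M", qty: 1, unitPriceCents: 14400 }],
  totalCents: 14400,
  currency: "USD",
};

function runDemo() {
  const genuine = signMandate(cartBody, "user-key-1", userKeys.privateKey);
  // Body changed after the user signed it.
  const tampered = { ...genuine, body: { ...genuine.body, totalCents: 19900 } };
  // Signed with the agent's key while claiming the user's key id.
  const wrongSigner = signMandate(cartBody, "user-key-1", agentKeys.privateKey);
  // Signed under a key id the verifier never bound to the user.
  const selfIssued = signMandate(cartBody, "agent-key-9", agentKeys.privateKey);
  // Same body with properties in a different order must still verify.
  const reordered = { ...genuine, body: Object.fromEntries(Object.entries(genuine.body).reverse()) };
  // Envelope that arrives with no signature at all.
  const unsigned = { body: cartBody, keyId: "user-key-1" };
  return {
    genuine: verifyMandate(genuine, trusted),
    tampered: verifyMandate(tampered, trusted),
    wrongSigner: verifyMandate(wrongSigner, trusted),
    selfIssued: verifyMandate(selfIssued, trusted),
    reordered: verifyMandate(reordered, trusted),
    unsigned: verifyMandate(unsigned, trusted),
  };
}

console.log(runDemo());
```

Only the first and fifth envelopes verify; the other four are the cases where, in the page's terms, the lack of a valid user-signed mandate is evident and the transaction can be declined.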

Authorization & Privacy: AP2 enforces an explicit authorization step (or steps) from the user for agent-led transactions, which aligns with regulatory trends like strong customer authentication. The User Control principle baked into AP2 means an agent cannot spend funds unless the user (or someone delegated by the user) has provided a verifiable instruction to do so. Even in fully autonomous scenarios, the user predefines the rules via an Intent Mandate. This approach can be seen as analogous to giving a power-of-attorney to the agent for specific transactions, but in a digitally signed, fine-grained manner. From a privacy perspective, AP2 is mindful about data sharing: the protocol uses a role-based data architecture to ensure that sensitive info (like payment credentials or personal details) is only shared with parties that absolutely need it. For example, an agent might send a Cart Mandate to a merchant containing item and price info, but the user’s actual card number might only be shared through the Payment Mandate with the payment processor, not with the agent or merchant. This minimizes unnecessary exposure of data, aiding compliance with privacy laws and PCI-DSS rules for handling payment data.

Compliance & Standards: Because AP2 was developed with input from established financial entities, it has been designed to meet or complement existing compliance standards in payments. The protocol doesn’t bypass the usual payment authorization flows – instead, it augments them with additional evidence and flags. This means AP2 transactions can still leverage fraud detection systems, 3-D Secure checks, or any regulatory checks required, with AP2’s mandates acting as extra authentication factors or context cues. For instance, a bank could treat a Payment Mandate akin to a customer’s digital signature on a transaction, potentially streamlining compliance with requirements for user consent. Additionally, AP2’s designers explicitly mention working “in concert with industry rules and standards”. We can infer that as AP2 evolves, it may be brought to formal standards bodies (such as the W3C, EMVCo, or ISO) to ensure it aligns with global financial standards. Google has stated its commitment to an open, collaborative evolution of AP2, possibly through standards organizations. This open process will help iron out any regulatory concerns and achieve broad acceptance, similar to how previous payment standards (EMV chip cards, 3-D Secure, etc.) underwent industry-wide collaboration.

Interoperability: Avoiding fragmentation is a key goal of AP2. To that end, the protocol is openly published and made available for anyone to implement or integrate. It is not tied to Google Cloud services – in fact, AP2 is open-source (Apache-2 licensed) and the specification plus reference code is on a public GitHub repository. This encourages interoperability because multiple vendors can adopt AP2 and still have their systems work together. Already, the interoperability principle is highlighted: AP2 is an extension of existing open protocols (A2A, MCP) and is non-proprietary, meaning it fosters a competitive ecosystem of implementations rather than a single-vendor solution. In practical terms, an AI agent built by Company A could initiate a transaction with a merchant system from Company B if both follow AP2 – neither side is locked into one platform.

One possible concern is ensuring consistent adoption: if some major players chose a different protocol or closed approach, fragmentation could still occur. However, given the broad coalition behind AP2, it appears poised to become a de facto standard. The inclusion of many identity and security-focused firms (for example, Okta, Cloudflare, Ping Identity) in the AP2 ecosystem suggests that interoperability and security are being jointly addressed. These partners can help integrate AP2 into identity verification workflows and fraud prevention tools, ensuring that an AP2 transaction can be trusted across systems.

Figure: Over 60 companies across finance, tech, and crypto are collaborating on AP2 (partial list of partners).

From a technology standpoint, AP2’s use of widely accepted cryptographic techniques (likely JSON-LD or JWT-based verifiable credentials, public key signatures, etc.) makes it compatible with existing security infrastructure. Organizations can use their existing PKI (Public Key Infrastructure) to manage keys for signing mandates. AP2 also seems to anticipate integration with decentralized identity systems: Google mentions that AP2 creates opportunities to innovate in areas like decentralized identity for agent authorization. This means in the future, AP2 could leverage DID (Decentralized Identifier) standards or decentralized identifier verification for identifying agents and users in a trusted way. Such an approach would further enhance interoperability by not relying on any single identity provider. In summary, AP2 emphasizes security through cryptography and clear accountability, aims to be compliance-ready by design, and promotes interoperability through its open standard nature and broad industry support.

Comparison with Existing Protocols

AP2 is a novel protocol addressing a gap that existing payment and agent frameworks have not covered: enabling autonomous agents to perform payments in a secure, standardized manner. In terms of agent communication protocols, AP2 builds on prior work like the Agent2Agent (A2A) protocol. A2A (open-sourced earlier in 2025) allows different AI agents to talk to each other regardless of their underlying frameworks. However, A2A by itself doesn’t define how agents should conduct transactions or payments – it’s more about task negotiation and data exchange. AP2 extends this landscape by adding a transaction layer that any agent can use when a conversation leads to a purchase. In essence, AP2 can be seen as complementary to A2A and MCP, rather than overlapping: A2A covers the communication and collaboration aspects, MCP covers using external tools/APIs, and AP2 covers payments and commerce. Together, they form a stack of standards for a future “agent economy.” This modular approach is somewhat analogous to internet protocols: for example, HTTP for data communication and SSL/TLS for security – here A2A might be like the HTTP of agents, and AP2 the secure transactional layer on top for commerce.

When comparing AP2 to traditional payment protocols and standards, there are both parallels and differences. Traditional online payments (credit card checkouts, PayPal transactions, etc.) typically involve protocols like HTTPS for secure transmission, and standards like PCI DSS for handling card data, plus possibly 3-D Secure for additional user authentication. These assume a user-driven flow (user clicks and perhaps enters a one-time code). AP2, by contrast, introduces a way for a third-party (the agent) to participate in the flow without undermining security. One could compare AP2’s mandate concept to an extension of OAuth-style delegated authority, but applied to payments. In OAuth, a user can grant an application limited access to an account via tokens; similarly in AP2, a user grants an agent authority to spend under certain conditions via mandates. The key difference is that AP2’s “tokens” (mandates) are specific, signed instructions for financial transactions, which is more fine-grained than existing payment authorizations.

Another point of comparison is how AP2 relates to existing e-commerce checkout flows. For instance, many e-commerce sites use protocols like the W3C Payment Request API or platform-specific SDKs to streamline payments. Those mainly standardize how browsers or apps collect payment info from a user, whereas AP2 standardizes how an agent would prove user intent to a merchant and payment processor. AP2’s focus on verifiable intent and non-repudiation sets it apart from simpler payment APIs. It’s adding an additional layer of trust on top of the payment networks. One could say AP2 is not replacing the payment networks (Visa, ACH, blockchain, etc.), but rather augmenting them. The protocol explicitly supports all types of payment methods (even crypto), so it is more about standardizing the agent’s interaction with these systems, not creating a new payment rail from scratch.

In the realm of security and authentication protocols, AP2 shares some spirit with things like digital signatures in EMV chip cards or the notarization in digital contracts. For example, EMV chip card transactions generate cryptograms to prove the card was present; AP2 generates cryptographic proof that the user’s agent was authorized. Both aim to prevent fraud, but AP2’s scope is the agent-user relationship and agent-merchant messaging, which no existing payment standard addresses. Another emerging comparison is with account abstraction in crypto (e.g. ERC-4337) where users can authorize pre-programmed wallet actions. Crypto wallets can be set to allow certain automated transactions (like auto-paying a subscription via a smart contract), but those are typically confined to one blockchain environment. AP2, on the other hand, aims to be cross-platform – it can leverage blockchain for some payments (through its extensions) but also works with traditional banks.

There isn’t a direct “competitor” protocol to AP2 in the mainstream payments industry yet – it appears to be the first concerted effort at an open standard for AI-agent payments. Proprietary attempts may arise (or may already be in progress within individual companies), but AP2’s broad support gives it an edge in becoming the standard. It’s worth noting that IBM and others have an Agent Communication Protocol (ACP) and similar initiatives for agent interoperability, but those don’t encompass the payment aspect in the comprehensive way AP2 does. If anything, AP2 might integrate with or leverage those efforts (for example, IBM’s agent frameworks could implement AP2 for any commerce tasks).

In summary, AP2 distinguishes itself by targeting the unique intersection of AI and payments: where older payment protocols assumed a human user, AP2 assumes an AI intermediary and fills the trust gap that results. It extends, rather than conflicts with, existing payment processes, and complements existing agent protocols like A2A. Going forward, one might see AP2 being used alongside established standards – for instance, an AP2 Cart Mandate might work in tandem with a traditional payment gateway API call, or an AP2 Payment Mandate might be attached to an ISO 8583 message in banking. The open nature of AP2 also means if any alternative approaches emerge, AP2 could potentially absorb or align with them through community collaboration. At this stage, AP2 is setting a baseline that did not exist before, effectively pioneering a new layer of protocol in the AI and payments stack.

Implications for Web3 and Decentralized Systems

From the outset, AP2 has been designed to be inclusive of Web3 and cryptocurrency-based payments. The protocol recognizes that future commerce will span both traditional fiat channels and decentralized blockchain networks. As noted earlier, AP2 supports payment types ranging from credit cards and bank transfers to stablecoins and cryptocurrencies. In fact, alongside AP2’s launch, Google announced a specific extension for crypto payments called A2A x402. This extension, developed in collaboration with crypto-industry players like Coinbase, the Ethereum Foundation, and MetaMask, is a “production-ready solution for agent-based crypto payments”. The name “x402” is an homage to the HTTP 402 “Payment Required” status code, which was never widely used on the Web – AP2’s crypto extension effectively revives the spirit of HTTP 402 for decentralized agents that want to charge or pay each other on-chain. In practical terms, the x402 extension adapts AP2’s mandate concept to blockchain transactions. For example, an agent could hold a signed Intent Mandate from a user and then execute an on-chain payment (say, send a stablecoin) once conditions are met, attaching proof of the mandate to that on-chain transaction. This marries the AP2 off-chain trust framework with the trustless nature of blockchain, giving the best of both worlds: an on-chain payment that off-chain parties (users, merchants) can trust was authorized by the user.

The synergy between AP2 and Web3 is evident in the list of collaborators. Crypto exchanges (Coinbase), blockchain foundations (Ethereum Foundation), crypto wallets (MetaMask), and Web3 startups (e.g. Mysten Labs of Sui, Lightspark for Lightning Network) are involved in AP2’s development. Their participation suggests AP2 is viewed as complementary to decentralized finance rather than competitive. By creating a standard way for AI agents to interact with crypto payments, AP2 could drive more usage of crypto in AI-driven applications. For instance, an AI agent might use AP2 to seamlessly swap between paying with a credit card or paying with a stablecoin, depending on user preference or merchant acceptance. The A2A x402 extension specifically allows agents to monetize or pay for services through on-chain means, which could be crucial in decentralized marketplaces of the future. It hints at agents possibly running as autonomous economic actors on blockchain (a concept some refer to as DACs or DAOs) being able to handle payments required for services (like paying a small fee to another agent for information). AP2 could provide the lingua franca for such transactions, ensuring even on a decentralized network, the agent has a provable mandate for what it’s doing.

In terms of competition, one could ask: do purely decentralized solutions make AP2 unnecessary, or vice-versa? It’s likely that AP2 will coexist with Web3 solutions in a layered approach. Decentralized finance offers trustless execution (smart contracts, etc.), but it doesn’t inherently solve the problem of “Did an AI have permission from a human to do this?”. AP2 addresses that very human-to-AI trust link, which remains important even if the payment itself is on-chain. Rather than competing with blockchain protocols, AP2 can be seen as bridging them with the off-chain world. For example, a smart contract might accept a certain transaction only if it includes a reference to a valid AP2 mandate signature – something that could be implemented to combine off-chain intent proof with on-chain enforcement. Conversely, if there are crypto-native agent frameworks (some blockchain projects explore autonomous agents that operate with crypto funds), they might develop their own methods for authorization. AP2’s broad industry support, however, might steer even those projects to adopt or integrate with AP2 for consistency.

Another angle is decentralized identity and credentials. AP2’s use of verifiable credentials is very much in line with Web3’s approach to identity (e.g. DIDs and VCs as standardized by W3C). This means AP2 could plug into decentralized identity systems – for instance, a user’s DID could be used to sign an AP2 mandate, which a merchant could verify against a blockchain or identity hub. The mention of exploring decentralized identity for agent authorization reinforces that AP2 may leverage Web3 identity innovations for verifying agent and user identities in a decentralized way, rather than relying only on centralized authorities. This is a point of synergy, as both AP2 and Web3 aim to give users more control and cryptographic proof of their actions.

Potential conflicts might arise only if one envisions a fully decentralized commerce ecosystem with no role for large intermediaries – in that scenario, could AP2 (initially pushed by Google and partners) be too centralized or governed by traditional players? It’s important to note AP2 is open source and intended to be standardizable, so it’s not proprietary to Google. This makes it more palatable to the Web3 community, which values open protocols. If AP2 becomes widely adopted, it might reduce the need for separate Web3-specific payment protocols for agents, thereby unifying efforts. On the other hand, some blockchain projects might prefer purely on-chain authorization mechanisms (like multi-signature wallets or on-chain escrow logic) for agent transactions, especially in trustless environments without any centralized authorities. Those could be seen as alternative approaches, but they likely would remain niche unless they can interact with off-chain systems. AP2, by covering both worlds, might actually accelerate Web3 adoption by making crypto just another payment method an AI agent can use seamlessly. Indeed, one partner noted that “stablecoins provide an obvious solution to scaling challenges [for] agentic systems with legacy infrastructure”, highlighting that crypto can complement AP2 in handling scale or cross-border scenarios. Meanwhile, Coinbase’s engineering lead remarked that bringing the x402 crypto extension into AP2 “made sense – it’s a natural playground for agents... exciting to see agents paying each other resonate with the AI community”. This implies a vision where AI agents transacting via crypto networks is not just a theoretical idea but an expected outcome, with AP2 acting as a catalyst.

In summary, AP2 is highly relevant to Web3: it incorporates crypto payments as a first-class citizen and is aligning with decentralized identity and credential standards. Rather than competing head-on with decentralized payment protocols, AP2 likely interoperates with them – providing the authorization layer while the decentralized systems handle the value transfer. As the line between traditional finance and crypto blurs (with stablecoins, CBDCs, etc.), a unified protocol like AP2 could serve as a universal adapter between AI agents and any form of money, centralized or decentralized.

Industry Adoption, Partnerships, and Roadmap

One of AP2’s greatest strengths is the extensive industry backing behind it, even at this early stage. Google Cloud announced that it is “collaborating with a diverse group of more than 60 organizations” on AP2. These include major credit card networks (e.g. Mastercard, American Express, JCB, UnionPay), leading fintech and payment processors (PayPal, Worldpay, Adyen, Checkout.com, Stripe’s competitors), e-commerce and online marketplaces (Etsy, Shopify (via partners like Stripe or others), Lazada, Zalora), enterprise tech companies (Salesforce, ServiceNow, Oracle possibly via partners, Dell, Red Hat), identity and security firms (Okta, Ping Identity, Cloudflare), consulting firms (Deloitte, Accenture), and crypto/Web3 organizations (Coinbase, Ethereum Foundation, MetaMask, Mysten Labs, Lightspark), among others. Such a wide array of participants is a strong indicator of industry interest and likely adoption. Many of these partners have publicly voiced support. For example, Adyen’s Co-CEO highlighted the need for a “common rulebook” for agentic commerce and sees AP2 as a natural extension of their mission to support merchants with new payment building blocks. American Express’s EVP stated that AP2 is important for “the next generation of digital payments” where trust and accountability are paramount. Coinbase’s team, as noted, is excited about integrating crypto payments into AP2. This chorus of support shows that many in the industry view AP2 as the likely standard for AI-driven payments, and they are keen to shape it to ensure it meets their requirements.

From an adoption standpoint, AP2 is currently at the specification and early implementation stage (announced in September 2025). The complete technical spec, documentation, and some reference implementations (in languages like Python) are available on the project’s GitHub for developers to experiment with. Google has also indicated that AP2 will be incorporated into its products and services for agents. A notable example is the AI Agent Marketplace mentioned earlier: this is a platform where third-party AI agents can be offered to users (likely part of Google’s generative AI ecosystem). Google says many partners building agents will make them available in the marketplace with “new, transactable experiences enabled by AP2”. This implies that as the marketplace launches or grows, AP2 will be the backbone for any agent that needs to perform a transaction, whether it’s buying software from the Google Cloud Marketplace autonomously or an agent purchasing goods/services for a user. Enterprise use cases like autonomous procurement (one agent buying from another on behalf of a company) and automatic license scaling have been specifically mentioned as areas AP2 could facilitate soon.

In terms of a roadmap, the AP2 documentation and Google’s announcement give some clear indications:

  • Near-term: Continue open development of the protocol with community input. The GitHub repo will be updated with additional reference implementations and improvements as real-world testing happens. We can expect libraries/SDKs to emerge, making it easier to integrate AP2 into agent applications. Also, initial pilot programs or proofs-of-concept might be conducted by the partner companies. Given that many large payment companies are involved, they might trial AP2 in controlled environments (e.g., an AP2-enabled checkout option in a small user beta).
  • Standards and Governance: Google has expressed a commitment to move AP2 into an open governance model, possibly via standards bodies. This could mean submitting AP2 to organizations like the Linux Foundation (as was done with the A2A protocol) or forming a consortium to maintain it. The Linux Foundation, W3C, or even bodies like ISO/TC68 (financial services) might be in the cards for formalizing AP2. An open governance would reassure the industry that AP2 is not under single-company control and will remain neutral and inclusive.
  • Feature Expansion: Technically, the roadmap includes expanding support to more payment types and use cases. As noted in the spec, after cards, the focus will shift to “push” payments like bank wires and local real-time payment schemes, and digital currencies. This means AP2 will outline how an Intent/Cart/Payment Mandate works for, say, a direct bank transfer or a crypto wallet transfer, where the flow is a bit different than card pulls. The A2A x402 extension is one such expansion for crypto; similarly, we might see an extension for open banking APIs or one for B2B invoicing scenarios.
  • Security & Compliance Enhancements: As real transactions start flowing through AP2, there will be scrutiny from regulators and security researchers. The open process will likely iterate on making mandates even more robust (e.g., ensuring mandate formats are standardized, possibly using W3C Verifiable Credentials format, etc.). Integration with identity solutions (perhaps leveraging biometrics for user signing of mandates, or linking mandates to digital identity wallets) could be part of the roadmap to enhance trust.
  • Ecosystem Tools: An emerging ecosystem is likely. Already, startups are noticing gaps – for instance, the Vellum.ai analysis mentions a startup called Autumn building “billing infrastructure for AI,” essentially tooling on top of Stripe to handle complex pricing for AI services. As AP2 gains traction, we can expect more tools like agent-focused payment gateways, mandate management dashboards, agent identity verification services, etc., to appear. Google’s involvement means AP2 could also be integrated into its Cloud products – imagine AP2 support in Dialogflow or Vertex AI Agents tooling, making it one-click to enable an agent to handle transactions (with all the necessary keys and certificates managed in Google Cloud).

Overall, the trajectory of AP2 is reminiscent of other major industry standards: an initial launch with a strong sponsor (Google), broad industry coalition, open-source reference code, followed by iterative improvement and gradual adoption in real products. The fact that AP2 is inviting all players “to build this future with us” underscores that the roadmap is about collaboration. If the momentum continues, AP2 could become as commonplace in a few years as protocols like OAuth or OpenID Connect are today in their domains – an unseen but critical layer enabling functionality across services.

Conclusion​

AP2 (Agents/Agent Payments Protocol) represents a significant step toward a future where AI agents can transact as reliably and securely as humans. Technically, it introduces a clever mechanism of verifiable mandates and credentials that instill trust in agent-led transactions, ensuring user intent is explicit and enforceable. Its open, extensible architecture allows it to integrate both with the burgeoning AI agent frameworks and the established financial infrastructure. By addressing core concerns of authorization, authenticity, and accountability, AP2 lays the groundwork for AI-driven commerce to flourish without sacrificing security or user control.

The introduction of AP2 can be seen as laying a new foundation – much like early internet protocols enabled the web – for what some call the “agent economy.” It paves the way for countless innovations: personal shopper agents, automatic deal-finding bots, autonomous supply chain agents, and more, all operating under a common trust framework. Importantly, AP2’s inclusive design (embracing everything from credit cards to crypto) positions it at the intersection of traditional finance and Web3, potentially bridging these worlds through a common agent-mediated protocol.

Industry response so far has been very positive, with a broad coalition signaling that AP2 is likely to become a widely adopted standard. The success of AP2 will depend on continued collaboration and real-world testing, but its prospects are strong given the clear need it addresses. In a broader sense, AP2 exemplifies how technology evolves: a new capability (AI agents) emerged that broke old assumptions, and the solution was to develop a new open standard to accommodate that capability. By investing in an open, security-first protocol now, Google and its partners are effectively building the trust architecture required for the next era of commerce. As the saying goes, “the best way to predict the future is to build it” – AP2 is a bet on a future where AI agents seamlessly handle transactions for us, and it is actively constructing the trust and rules needed to make that future viable.

Sources:

  • Google Cloud Blog – “Powering AI commerce with the new Agent Payments Protocol (AP2)” (Sept 16, 2025)
  • AP2 GitHub Documentation – “Agent Payments Protocol Specification and Overview”
  • Vellum AI Blog – “Google’s AP2: A new protocol for AI agent payments” (Analysis)
  • Medium Article – “Google Agent Payments Protocol (AP2)” (Summary by Tahir, Sept 2025)
  • Partner Quotes on AP2 (Google Cloud Blog)
  • A2A x402 Extension (AP2 crypto payments extension) – GitHub README

Building Decentralized Encryption with @mysten/seal: A Developer's Tutorial

· 13 min read
Dora Noda
Software Engineer

Privacy is becoming public infrastructure. In 2025, developers need tools that make encryption as easy as storing data. Mysten Labs' Seal provides exactly that—decentralized secrets management with onchain access control. This tutorial will teach you how to build secure Web3 applications using identity-based encryption, threshold security, and programmable access policies.


Introduction: Why Seal Matters for Web3​

Traditional cloud applications rely on centralized key management systems where a single provider controls access to encrypted data. While convenient, this creates dangerous single points of failure. If the provider is compromised, goes offline, or decides to restrict access, your data becomes inaccessible or vulnerable.

Seal changes this paradigm entirely. Built by Mysten Labs for the Sui blockchain, Seal is a decentralized secrets management (DSM) service that enables:

  • Identity-based encryption where content is protected before it leaves your environment
  • Threshold encryption that distributes key access across multiple independent nodes
  • Onchain access control with time locks, token-gating, and custom authorization logic
  • Storage-agnostic design that works with Walrus, IPFS, or any storage solution

Whether you're building secure messaging apps, gated content platforms, or time-locked asset transfers, Seal provides the cryptographic primitives and access control infrastructure you need.


Getting Started​

Prerequisites​

Before diving in, ensure you have:

  • Node.js 18+ installed
  • Basic familiarity with TypeScript/JavaScript
  • A Sui wallet for testing (like Sui Wallet)
  • Understanding of blockchain concepts

Installation​

Install the Seal SDK via npm:

npm install @mysten/seal

You'll also want the Sui SDK for blockchain interactions:

npm install @mysten/sui

Project Setup​

Create a new project and initialize it:

mkdir seal-tutorial
cd seal-tutorial
npm init -y
npm install @mysten/seal @mysten/sui typescript @types/node

Create a simple TypeScript configuration:

// tsconfig.json
{
  "compilerOptions": {
    "target": "ES2020",
    "module": "commonjs",
    "strict": true,
    "esModuleInterop": true,
    "skipLibCheck": true,
    "forceConsistentCasingInFileNames": true
  }
}

Core Concepts: How Seal Works​

Before writing code, let's understand Seal's architecture:

1. Identity-Based Encryption (IBE)​

Unlike traditional encryption where you encrypt to a public key, IBE lets you encrypt to an identity (like an email address or Sui address). The recipient can only decrypt if they can prove they control that identity.

2. Threshold Encryption​

Instead of trusting a single key server, Seal uses t-of-n threshold schemes. You might configure 3-of-5 key servers, meaning any 3 servers can cooperate to provide decryption keys, but 2 or fewer cannot.
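The 3-of-5 property described above, shown with Shamir secret sharing over GF(2^8) as an added example; it is not Seal's code or wire format and is not taken from the SDK. The names split, combine and demo, the constructed sample key, and the use of globalThis.crypto for randomness are assumptions of this example.

```typescript
// Added illustration (not Seal's code or wire format): Shamir secret sharing
// over GF(2^8), applied byte by byte, to show the t-of-n property.

type Share = { x: number; y: Uint8Array }; // x = server index (1..n), y = share bytes
type Rng = (n: number) => Uint8Array;

// Default randomness: Web Crypto (browsers, Node 19+). Assumption of this example.
function secureRandom(n: number): Uint8Array {
  const buf = new Uint8Array(n);
  (globalThis as any).crypto.getRandomValues(buf);
  return buf;
}

// Multiplication in GF(2^8) with the AES reduction polynomial (0x11b).
function gfMul(a: number, b: number): number {
  let p = 0;
  for (let i = 0; i < 8; i++) {
    if (b & 1) p ^= a;
    const carry = a & 0x80;
    a = (a << 1) & 0xff;
    if (carry) a ^= 0x1b;
    b >>= 1;
  }
  return p;
}

// Multiplicative inverse: a^254, because a^255 = 1 for every non-zero a.
function gfInv(a: number): number {
  if (a === 0) throw new Error('zero has no inverse');
  let r = 1;
  for (let i = 0; i < 254; i++) r = gfMul(r, a);
  return r;
}

// Split `secret` into n shares; any t of them reconstruct it.
function split(secret: Uint8Array, n: number, t: number, rng: Rng = secureRandom): Share[] {
  if (t < 2 || t > n || n > 255) throw new RangeError('need 2 <= t <= n <= 255');
  const shares: Share[] = [];
  for (let x = 1; x <= n; x++) shares.push({ x, y: new Uint8Array(secret.length) });
  for (let i = 0; i < secret.length; i++) {
    const coeffs = rng(t - 1); // fresh random coefficients for degrees 1..t-1
    for (const share of shares) {
      let acc = 0; // Horner evaluation of the degree t-1 polynomial at share.x
      for (let d = t - 2; d >= 0; d--) acc = gfMul(acc, share.x) ^ coeffs[d];
      share.y[i] = gfMul(acc, share.x) ^ secret[i];
    }
  }
  return shares;
}

// Lagrange interpolation at x = 0. Shamir shares carry no integrity check:
// with fewer than t shares this returns unrelated bytes rather than failing.
function combine(shares: Share[]): Uint8Array {
  if (shares.length === 0) throw new Error('no shares given');
  const xs = shares.map(s => s.x);
  if (xs.some((x, i) => xs.indexOf(x) !== i)) throw new Error('duplicate share index');
  const out = new Uint8Array(shares[0].y.length);
  shares.forEach((sj, j) => {
    let basis = 1; // Lagrange basis polynomial for share j, evaluated at 0
    shares.forEach((sm, m) => {
      if (m !== j) basis = gfMul(basis, gfMul(sm.x, gfInv(sm.x ^ sj.x)));
    });
    for (let i = 0; i < out.length; i++) out[i] ^= gfMul(sj.y[i], basis);
  });
  return out;
}

function toHex(bytes: Uint8Array): string {
  let s = '';
  for (let i = 0; i < bytes.length; i++) s += (bytes[i] < 16 ? '0' : '') + bytes[i].toString(16);
  return s;
}

// 3-of-5 walk-through: one share per key server, constructed 16-byte data key.
function demo(rng: Rng = secureRandom) {
  const dataKey = new Uint8Array(16);
  for (let i = 0; i < 16; i++) dataKey[i] = 0xa0 + i; // constructed sample key
  const shares = split(dataKey, 5, 3, rng);
  const fromThree = combine([shares[4], shares[0], shares[2]]); // any 3 servers
  const fromTwo = combine([shares[1], shares[3]]);              // only 2 servers
  return { key: toHex(dataKey), fromThree: toHex(fromThree), fromTwo: toHex(fromTwo) };
}
```

Calling demo() returns the key, the three-share result (equal to the key) and the two-share result (unrelated bytes), which is why a real system pairs the reconstructed key with an authenticated cipher so that a wrong key is detected.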

3. Onchain Access Control​

Access policies are enforced by Sui smart contracts. Before a key server provides decryption keys, it verifies that the requestor meets the onchain policy requirements (token ownership, time constraints, etc.).

4. Key Server Network​

Distributed key servers validate access policies and generate decryption keys. These servers are operated by different parties to ensure no single point of control.


Basic Implementation: Your First Seal Application​

Let's build a simple application that encrypts sensitive data and controls access through Sui blockchain policies.

Step 1: Initialize the Seal Client​

// src/seal-client.ts
import { SealClient } from '@mysten/seal';
import { SuiClient } from '@mysten/sui/client';

export async function createSealClient() {
  // Initialize Sui client for testnet
  const suiClient = new SuiClient({
    url: 'https://fullnode.testnet.sui.io'
  });

  // Configure Seal client with testnet key servers
  const sealClient = new SealClient({
    suiClient,
    keyServers: [
      'https://keyserver1.seal-testnet.com',
      'https://keyserver2.seal-testnet.com',
      'https://keyserver3.seal-testnet.com'
    ],
    threshold: 2, // 2-of-3 threshold
    network: 'testnet'
  });

  return { sealClient, suiClient };
}

Step 2: Simple Encryption/Decryption​

// src/basic-encryption.ts
import { createSealClient } from './seal-client';

async function basicExample() {
  const { sealClient } = await createSealClient();

  // Data to encrypt
  const sensitiveData = "This is my secret message!";
  const recipientAddress = "0x742d35cc6d4c0c08c0f9bf3c9b2b6c64b3b4f5c6d7e8f9a0b1c2d3e4f5a6b7c8";

  try {
    // Encrypt data for a specific Sui address
    const encryptedData = await sealClient.encrypt({
      data: Buffer.from(sensitiveData, 'utf-8'),
      recipientId: recipientAddress,
      // Optional: add metadata
      metadata: {
        contentType: 'text/plain',
        timestamp: Date.now()
      }
    });

    console.log('Encrypted data:', {
      ciphertext: encryptedData.ciphertext.toString('base64'),
      encryptionId: encryptedData.encryptionId
    });

    // Later, decrypt the data (requires proper authorization)
    const decryptedData = await sealClient.decrypt({
      ciphertext: encryptedData.ciphertext,
      encryptionId: encryptedData.encryptionId,
      recipientId: recipientAddress
    });

    console.log('Decrypted data:', decryptedData.toString('utf-8'));

  } catch (error) {
    console.error('Encryption/decryption failed:', error);
  }
}

basicExample();

Access Control with Sui Smart Contracts​

The real power of Seal comes from programmable access control. Let's create a time-locked encryption example where data can only be decrypted after a specific time.

Step 1: Deploy Access Control Contract​

First, we need a Move smart contract that defines our access policy:

// contracts/time_lock.move
module time_lock::policy {
    use sui::clock::{Self, Clock};
    use sui::object::{Self, UID};
    use sui::tx_context::{Self, TxContext};

    public struct TimeLockPolicy has key, store {
        id: UID,
        unlock_time: u64,
        authorized_user: address,
    }

    public fun create_time_lock(
        unlock_time: u64,
        authorized_user: address,
        ctx: &mut TxContext
    ): TimeLockPolicy {
        TimeLockPolicy {
            id: object::new(ctx),
            unlock_time,
            authorized_user,
        }
    }

    public fun can_decrypt(
        policy: &TimeLockPolicy,
        user: address,
        clock: &Clock
    ): bool {
        let current_time = clock::timestamp_ms(clock);
        policy.authorized_user == user && current_time >= policy.unlock_time
    }
}

Step 2: Integrate with Seal​

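// src/time-locked-encryption.ts
import { createSealClient } from './seal-client';
import { Transaction } from '@mysten/sui/transactions';
import type { Signer } from '@mysten/sui/cryptography';

async function createTimeLocked(signer: Signer) {
  const { sealClient, suiClient } = await createSealClient();

  // Create access policy on Sui
  const tx = new Transaction();

  // Milliseconds, matching clock::timestamp_ms in the contract
  const unlockTime = Date.now() + 60000; // Unlock in 1 minute
  const authorizedUser = "0x742d35cc6d4c0c08c0f9bf3c9b2b6c64b3b4f5c6d7e8f9a0b1c2d3e4f5a6b7c8";

  // The target is <package id>::policy::create_time_lock; substitute the ID
  // of your published package for time_lock
  const [policy] = tx.moveCall({
    target: 'time_lock::policy::create_time_lock',
    arguments: [
      tx.pure.u64(unlockTime),
      tx.pure.address(authorizedUser)
    ]
  });

  // create_time_lock returns the policy object, which has no drop ability, so
  // the transaction must consume it; here it is transferred to the authorized user
  tx.transferObjects([policy], tx.pure.address(authorizedUser));

  // Execute transaction to create policy
  const result = await suiClient.signAndExecuteTransaction({
    transaction: tx,
    signer, // Your Sui keypair
    options: { showObjectChanges: true } // required for result.objectChanges
  });

  const created = result.objectChanges?.find(
    change => change.type === 'created'
  );
  const policyId = created && 'objectId' in created ? created.objectId : undefined;
  if (!policyId) {
    throw new Error('Policy object was not created');
  }

  // Now encrypt with this policy
  const sensitiveData = "This will unlock in 1 minute!";

  const encryptedData = await sealClient.encrypt({
    data: Buffer.from(sensitiveData, 'utf-8'),
    recipientId: authorizedUser,
    accessPolicy: {
      policyId,
      policyType: 'time_lock'
    }
  });

  console.log('Time-locked data created. Try decrypting after 1 minute.');

  return {
    encryptedData,
    policyId,
    unlockTime
  };
}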

Practical Examples​

Example 1: Secure Messaging Application​

// src/secure-messaging.ts
import { randomUUID } from 'node:crypto';
import { createSealClient } from './seal-client';

class SecureMessenger {
  private sealClient: any;

  constructor(sealClient: any) {
    this.sealClient = sealClient;
  }

  async sendMessage(
    message: string,
    recipientAddress: string,
    senderKeypair: any
  ) {
    const messageData = {
      content: message,
      timestamp: Date.now(),
      sender: senderKeypair.toSuiAddress(),
      messageId: randomUUID()
    };

    const encryptedMessage = await this.sealClient.encrypt({
      data: Buffer.from(JSON.stringify(messageData), 'utf-8'),
      recipientId: recipientAddress,
      metadata: {
        type: 'secure_message',
        sender: senderKeypair.toSuiAddress()
      }
    });

    // Store encrypted message on decentralized storage (Walrus)
    return this.storeOnWalrus(encryptedMessage);
  }

  async readMessage(blobId: string, recipientKeypair: any) {
    // Retrieve from storage using the blob ID returned by sendMessage
    const encryptedData = await this.retrieveFromWalrus(blobId);

    // Decrypt with Seal
    const decryptedData = await this.sealClient.decrypt({
      ciphertext: encryptedData.ciphertext,
      encryptionId: encryptedData.encryptionId,
      recipientId: recipientKeypair.toSuiAddress()
    });

    return JSON.parse(decryptedData.toString('utf-8'));
  }

  private async storeOnWalrus(data: any): Promise<string> {
    // Integration with Walrus storage
    // This would upload the encrypted data to Walrus
    // and return the blob ID for retrieval
    throw new Error('storeOnWalrus is not implemented');
  }

  private async retrieveFromWalrus(blobId: string): Promise<any> {
    // Retrieve encrypted data from Walrus using blob ID
    throw new Error('retrieveFromWalrus is not implemented');
  }
}

Example 2: Token-Gated Content Platform​

// src/gated-content.ts
import { createSealClient } from './seal-client';

class ContentGating {
  private sealClient: any;
  private suiClient: any;

  constructor(sealClient: any, suiClient: any) {
    this.sealClient = sealClient;
    this.suiClient = suiClient;
  }

  async createGatedContent(
    content: string,
    requiredNftCollection: string,
    creatorKeypair: any
  ) {
    // Create NFT ownership policy
    const accessPolicy = await this.createNftPolicy(
      requiredNftCollection,
      creatorKeypair
    );

    // Encrypt content with NFT access requirement
    const encryptedContent = await this.sealClient.encrypt({
      data: Buffer.from(content, 'utf-8'),
      recipientId: 'nft_holders', // Special recipient for NFT holders
      accessPolicy: {
        policyId: accessPolicy.policyId,
        policyType: 'nft_ownership'
      }
    });

    return {
      contentId: encryptedContent.encryptionId,
      accessPolicy: accessPolicy.policyId
    };
  }

  async accessGatedContent(
    contentId: string,
    userAddress: string,
    userKeypair: any
  ) {
    // Verify NFT ownership first. This client-side check only produces an
    // early, readable error; the key servers enforce the onchain policy
    // before releasing decryption keys.
    const hasAccess = await this.verifyNftOwnership(
      userAddress,
      contentId
    );

    if (!hasAccess) {
      throw new Error('Access denied: Required NFT not found');
    }

    // Decrypt content
    const decryptedContent = await this.sealClient.decrypt({
      encryptionId: contentId,
      recipientId: userAddress
    });

    return decryptedContent.toString('utf-8');
  }

  private async createNftPolicy(collection: string, creator: any): Promise<{ policyId: string }> {
    // Create Move contract that checks NFT ownership
    // Returns policy object ID
    throw new Error('createNftPolicy is not implemented');
  }

  private async verifyNftOwnership(user: string, contentId: string): Promise<boolean> {
    // Check if user owns required NFT
    // Query Sui for NFT ownership
    throw new Error('verifyNftOwnership is not implemented');
  }
}

Example 3: Time-Locked Asset Transfer​

// src/time-locked-transfer.ts
import { randomUUID } from 'node:crypto';
import { createSealClient } from './seal-client';

async function createTimeLockTransfer(
  assetData: any,
  recipientAddress: string,
  unlockTimestamp: number,
  senderKeypair: any
) {
  const { sealClient, suiClient } = await createSealClient();

  // Create time-lock policy on Sui
  // (createTimeLockPolicy is an application-defined helper that creates the
  // policy object and returns { policyId })
  const timeLockPolicy = await createTimeLockPolicy(
    unlockTimestamp,
    recipientAddress,
    senderKeypair,
    suiClient
  );

  // Encrypt asset transfer data
  const transferData = {
    asset: assetData,
    recipient: recipientAddress,
    unlockTime: unlockTimestamp,
    transferId: randomUUID()
  };

  const encryptedTransfer = await sealClient.encrypt({
    data: Buffer.from(JSON.stringify(transferData), 'utf-8'),
    recipientId: recipientAddress,
    accessPolicy: {
      policyId: timeLockPolicy.policyId,
      policyType: 'time_lock'
    }
  });

  console.log(`Asset locked until ${new Date(unlockTimestamp)}`);

  return {
    transferId: encryptedTransfer.encryptionId,
    unlockTime: unlockTimestamp,
    policyId: timeLockPolicy.policyId
  };
}

async function claimTimeLockTransfer(
  transferId: string,
  recipientKeypair: any
) {
  const { sealClient } = await createSealClient();

  try {
    const decryptedData = await sealClient.decrypt({
      encryptionId: transferId,
      recipientId: recipientKeypair.toSuiAddress()
    });

    const transferData = JSON.parse(decryptedData.toString('utf-8'));

    // Process the asset transfer
    console.log('Asset transfer unlocked:', transferData);

    return transferData;
  } catch (error) {
    console.error('Transfer not yet unlocked or access denied:', error);
    throw error;
  }
}

Integration with Walrus Decentralized Storage​

Seal works seamlessly with Walrus, Sui's decentralized storage solution. Here's how to integrate both:

// src/walrus-integration.ts
import { createSealClient } from './seal-client';

class SealWalrusIntegration {
  private sealClient: any;
  private walrusClient: any;

  constructor(sealClient: any, walrusClient: any) {
    this.sealClient = sealClient;
    this.walrusClient = walrusClient;
  }

  async storeEncryptedData(
    data: Buffer,
    recipientAddress: string,
    accessPolicy?: any
  ) {
    // Encrypt with Seal
    const encryptedData = await this.sealClient.encrypt({
      data,
      recipientId: recipientAddress,
      accessPolicy
    });

    // Store encrypted data on Walrus
    const blobId = await this.walrusClient.store(
      encryptedData.ciphertext
    );

    // Return reference that includes both Seal and Walrus info
    return {
      blobId,
      encryptionId: encryptedData.encryptionId,
      accessPolicy: encryptedData.accessPolicy
    };
  }

  async retrieveAndDecrypt(
    blobId: string,
    encryptionId: string,
    userKeypair: any
  ) {
    // Retrieve from Walrus
    const encryptedData = await this.walrusClient.retrieve(blobId);

    // Decrypt with Seal
    const decryptedData = await this.sealClient.decrypt({
      ciphertext: encryptedData,
      encryptionId,
      recipientId: userKeypair.toSuiAddress()
    });

    return decryptedData;
  }
}

// Usage example
// WalrusClient is not imported in this file: supply your own Walrus client
// wrapper exposing store() and retrieve()
async function walrusExample(recipientKeypair: any) {
  const { sealClient } = await createSealClient();
  const walrusClient = new WalrusClient('https://walrus-testnet.sui.io');

  const integration = new SealWalrusIntegration(sealClient, walrusClient);

  const fileData = Buffer.from('Important document content');
  const recipientAddress = '0x...';

  // Store encrypted
  const result = await integration.storeEncryptedData(
    fileData,
    recipientAddress
  );

  console.log('Stored with Blob ID:', result.blobId);

  // Later, retrieve and decrypt
  const decrypted = await integration.retrieveAndDecrypt(
    result.blobId,
    result.encryptionId,
    recipientKeypair
  );

  console.log('Retrieved data:', decrypted.toString());
}

Threshold Encryption Advanced Configuration​

For production applications, you'll want to configure custom threshold encryption with multiple key servers:

// src/advanced-threshold.ts
import { SealClient } from '@mysten/seal';

async function setupProductionSeal() {
  // Configure with multiple independent key servers
  const keyServers = [
    'https://keyserver-1.your-org.com',
    'https://keyserver-2.partner-org.com',
    'https://keyserver-3.third-party.com',
    'https://keyserver-4.backup-provider.com',
    'https://keyserver-5.fallback.com'
  ];

  const sealClient = new SealClient({
    keyServers,
    threshold: 3, // 3-of-5 threshold
    network: 'mainnet',
    // Advanced options
    retryAttempts: 3,
    timeoutMs: 10000,
    backupKeyServers: [
      'https://backup-1.emergency.com',
      'https://backup-2.emergency.com'
    ]
  });

  return sealClient;
}

async function robustEncryption() {
  const sealClient = await setupProductionSeal();

  const criticalData = "Mission critical encrypted data";

  // Encrypt with high security guarantees
  const encrypted = await sealClient.encrypt({
    data: Buffer.from(criticalData, 'utf-8'),
    recipientId: '0x...',
    // Require all 5 servers for maximum security
    // (a single unavailable server then blocks decryption)
    customThreshold: 5,
    // Add redundancy
    redundancy: 2,
    accessPolicy: {
      // Multi-factor requirements
      requirements: ['nft_ownership', 'time_lock', 'multisig_approval']
    }
  });

  return encrypted;
}

Security Best Practices​

1. Key Management​

// src/security-practices.ts
import { Ed25519Keypair } from '@mysten/sui/keypairs/ed25519';

// GOOD: Use secure key generation
const freshKeypair = new Ed25519Keypair();

// GOOD: Store keys securely (example with environment variables)
const secretKey = process.env.PRIVATE_KEY;
if (!secretKey) {
  throw new Error('PRIVATE_KEY is not set');
}
const keypair = Ed25519Keypair.fromSecretKey(secretKey);

// BAD: Never hardcode keys
const badKeypair = Ed25519Keypair.fromSecretKey(
  "hardcoded-secret-key-12345" // Don't do this!
);

2. Access Policy Validation​

// Always validate access policies before encryption
import { isValidSuiAddress } from '@mysten/sui/utils';

async function secureEncrypt(data: Buffer, recipient: string, policyId: string) {
  const { sealClient } = await createSealClient();

  // Validate recipient address
  if (!isValidSuiAddress(recipient)) {
    throw new Error('Invalid recipient address');
  }

  // Check policy exists and is valid
  // (validateAccessPolicy is an application-defined helper)
  const policy = await validateAccessPolicy(policyId);
  if (!policy.isValid) {
    throw new Error('Invalid access policy');
  }

  return sealClient.encrypt({
    data,
    recipientId: recipient,
    accessPolicy: policy
  });
}

3. Error Handling and Fallbacks​

// Robust error handling
async function resilientDecrypt(encryptionId: string, userKeypair: any) {
  const { sealClient } = await createSealClient();

  try {
    return await sealClient.decrypt({
      encryptionId,
      recipientId: userKeypair.toSuiAddress()
    });
  } catch (error) {
    // Under "strict", a caught value is typed unknown, so narrow it first
    const err = error as { code?: string; message?: string };
    if (err.code === 'ACCESS_DENIED') {
      throw new Error('Access denied: Check your permissions');
    } else if (err.code === 'KEY_SERVER_UNAVAILABLE') {
      // Try with backup configuration
      // (retryWithBackupServers is an application-defined helper)
      return await retryWithBackupServers(encryptionId, userKeypair);
    } else if (err.code === 'THRESHOLD_NOT_MET') {
      throw new Error('Insufficient key servers available');
    } else {
      throw new Error(`Decryption failed: ${err.message}`);
    }
  }
}

4. Data Validation​

// Validate data before encryption
function validateDataForEncryption(data: Buffer): boolean {
  // Check size limits
  if (data.length > 1024 * 1024) { // 1MB limit
    throw new Error('Data too large for encryption');
  }

  // Check for sensitive patterns (optional)
  const dataStr = data.toString();
  if (containsSensitivePatterns(dataStr)) {
    console.warn('Warning: Data contains potentially sensitive patterns');
  }

  return true;
}

Performance Optimization​

1. Batching Operations​

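// Batch multiple encryptions for efficiency
async function batchEncrypt(dataItems: Buffer[], recipients: string[]) {
  // Each item is paired with the recipient at the same index
  if (dataItems.length !== recipients.length) {
    throw new Error('dataItems and recipients must have the same length');
  }

  const { sealClient } = await createSealClient();

  const promises = dataItems.map((data, index) =>
    sealClient.encrypt({
      data,
      recipientId: recipients[index]
    })
  );

  return Promise.all(promises);
}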

2. Caching Key Server Responses​

// Cache key server sessions to reduce latency
class OptimizedSealClient {
  private sessionCache = new Map();

  async encryptWithCaching(data: Buffer, recipient: string) {
    let session = this.sessionCache.get(recipient);

    if (!session || this.isSessionExpired(session)) {
      session = await this.createNewSession(recipient);
      this.sessionCache.set(recipient, session);
    }

    return this.encryptWithSession(data, session);
  }
}

Testing Your Seal Integration​

Unit Testing​

// tests/seal-integration.test.ts
import { describe, it, expect } from '@jest/globals';
import { createSealClient } from '../src/seal-client';

describe('Seal Integration', () => {
  it('should encrypt and decrypt data successfully', async () => {
    const { sealClient } = await createSealClient();
    const testData = Buffer.from('test message');
    const recipient = '0x742d35cc6d4c0c08c0f9bf3c9b2b6c64b3b4f5c6d7e8f9a0b1c2d3e4f5a6b7c8';

    const encrypted = await sealClient.encrypt({
      data: testData,
      recipientId: recipient
    });

    expect(encrypted.encryptionId).toBeDefined();
    expect(encrypted.ciphertext).toBeDefined();

    const decrypted = await sealClient.decrypt({
      ciphertext: encrypted.ciphertext,
      encryptionId: encrypted.encryptionId,
      recipientId: recipient
    });

    expect(decrypted.toString()).toBe('test message');
  });

  it('should enforce access control policies', async () => {
    // Test that unauthorized users cannot decrypt
    const { sealClient } = await createSealClient();

    const encrypted = await sealClient.encrypt({
      data: Buffer.from('secret'),
      recipientId: 'authorized-user'
    });

    await expect(
      sealClient.decrypt({
        ciphertext: encrypted.ciphertext,
        encryptionId: encrypted.encryptionId,
        recipientId: 'unauthorized-user'
      })
    ).rejects.toThrow('Access denied');
  });
});

Deployment to Production​

Environment Configuration​

// config/production.ts
export const productionConfig = {
  keyServers: [
    process.env.KEY_SERVER_1,
    process.env.KEY_SERVER_2,
    process.env.KEY_SERVER_3,
    process.env.KEY_SERVER_4,
    process.env.KEY_SERVER_5
  ],
  threshold: 3,
  network: 'mainnet',
  suiRpc: process.env.SUI_RPC_URL,
  walrusGateway: process.env.WALRUS_GATEWAY,
  // Security settings
  maxDataSize: 1024 * 1024, // 1MB
  sessionTimeout: 3600000, // 1 hour
  retryAttempts: 3
};

Monitoring and Logging​

// utils/monitoring.ts
export class SealMonitoring {
  static logEncryption(encryptionId: string, recipient: string) {
    console.log(`[SEAL] Encrypted data ${encryptionId} for ${recipient}`);
    // Send to your monitoring service
  }

  static logDecryption(encryptionId: string, success: boolean) {
    console.log(`[SEAL] Decryption ${encryptionId}: ${success ? 'SUCCESS' : 'FAILED'}`);
  }

  static logKeyServerHealth(serverUrl: string, status: string) {
    console.log(`[SEAL] Key server ${serverUrl}: ${status}`);
  }
}

Resources and Next Steps​

Official Documentation​

Community and Support​

  • Sui Discord: Join the #seal channel for community support
  • GitHub Issues: Report bugs and request features
  • Developer Forums: Sui community forums for discussions

Advanced Topics to Explore​

  1. Custom Access Policies: Build complex authorization logic with Move contracts
  2. Cross-Chain Integration: Use Seal with other blockchain networks
  3. Enterprise Key Management: Set up your own key server infrastructure
  4. Audit and Compliance: Implement logging and monitoring for regulated environments

Sample Applications​

  • Secure Chat App: End-to-end encrypted messaging with Seal
  • Document Management: Enterprise document sharing with access controls
  • Digital Rights Management: Content distribution with usage policies
  • Privacy-Preserving Analytics: Encrypted data processing workflows

Conclusion​

Seal represents a fundamental shift toward making privacy and encryption infrastructure-level concerns in Web3. By combining identity-based encryption, threshold security, and programmable access control, it provides developers with powerful tools to build truly secure and decentralized applications.

The key advantages of building with Seal include:

  • No Single Point of Failure: Distributed key servers eliminate central authorities
  • Programmable Security: Smart contract-based access policies provide flexible authorization
  • Developer-Friendly: TypeScript SDK integrates seamlessly with existing Web3 tooling
  • Storage Agnostic: Works with Walrus, IPFS, or any storage solution
  • Production Ready: Built by Mysten Labs with enterprise security standards

Whether you're securing user data, implementing subscription models, or building complex multi-party applications, Seal provides the cryptographic primitives and access control infrastructure you need to build with confidence.

Start building today, and join the growing ecosystem of developers making privacy a fundamental part of public infrastructure.


Ready to start building? Install @mysten/seal and begin experimenting with the examples in this tutorial. The decentralized web is waiting for applications that put privacy and security first.