AI agents have been proposed as one of the good fits for blockchain use cases. However, recent incidents show LLM-based models pose a risk for safely storing private keys.
AI agents may expose their wallet private keys, as evidenced in recent on-chain data. One of the autonomous agents, given access to a wallet, published its keys in multiple locations while denying that it had done so. The losses were limited to around $2,100, as the bot was given a limited supply of crypto.
The event, which affected Owockibot, resulted in the bot being disconnected and stopping its crypto-based activity. The team behind the bot announced that the agent will not be given Internet access.
As Cryptopolitan reported, AI agents holding crypto bounties were used as novelty challenges in the past year. AI agents would be given a sum, and users would pay a fee to chat with the bot and convince it to disclose its private keys.
LLM AI agents can disclose their information
The bot challenge revealed a potential security flaw for LLM agents. If they knew a piece of data, it was a matter of time and prompts to make them reveal it in some form.
In the case of Owockibot, the agent was deployed quickly, without in-depth security. Some of the information that was accessible was available in plain text.
The recent incident shows that the combination of giving the AI agent Internet access and a crypto wallet opens the door to exploits.
AI agents with crypto wallets and Internet access are relatively new; initially, teams would perform trades and control wallets on behalf of the agent. The creation of Moltbook led to the generation of thousands of AI agents, given more freedom to perform compared to previous versions.
Owockibot serves a warning for crypto
The main tasks of Owockibot were to build apps and receive user feedback. To that end, the bot was given a treasury to spend on app-related tasks. The project, launched by the creators of Gitcoin, aimed to create a new community of app developers and testers.
The bot claimed it was experimental and could discontinue its operations at any moment. The experiment ended only five days after the bot leaked the keys to its hot wallet. The exact events around publishing the keys in a GitHub repo are unknown, as investigators are trying to deploy AI agents to glean the truth.
Bots are also a tool to bring quick development activity in a market that is already fatigued by app teams. The new wave of bots is also trying to tokenize its assets, relying on a thinning crypto market.
Owockibot also launched a low-liquidity token, which only relies on a single Uniswap V4 trading pair. | Source: Gecko terminalOwockibot also launched a token, trading with liquidity of under $300,000. The bot token is only traded on a Uniswap V4 market, with limited activity in the past week. The bot was tokenized through the Base network, one of the most active platforms for AI agent launches. Soon after its launch, the token crashed to new lows, with limited potential for recovery.
Currently, the Owockibot token is held in a little over 1,400 wallets. Part of the community also considered the security incident a new form of rug pull. While AI agents are a strong narrative, the presence of AI does not guarantee safety, and tokenized agents may still cause deep losses.
Source: https://www.cryptopolitan.com/can-ai-agents-protect-private-keys/
