Today in crypto, more than 100 million agentic payments have been transacted on Base as AI-driven payment rails evolve beyond experimentation, hardware wallet manufacturer Trezor and chipmaker Tropic Square disclosed a TROPIC01 chip vulnerability found during a Ledger Donjon audit on Trezor’s Safe 7 wallet, and the US Treasury sanctioned four of Iran’s crypto exchanges.
Agentic payment activity tops 100M transactions on Base
Agentic payment activity on Coinbase’s Base network has surpassed 100 million transactions, signaling that machine-to-machine payments are moving beyond the proof-of-concept stage in onchain environments.
According to a new Chainalysis report, wallets interacting with Coinbase’s x402 protocol generated more than 100 million transactions on Base within roughly nine months of launch.
The x402 protocol allows software agents to make onchain payments directly through web requests. When an agent requests access to a resource, such as a data feed or API, it can automatically complete a stablecoin payment without human authorization.
Much of x402’s early growth was driven by a memecoin experiment called PING, which required users to make a payment through the protocol to mint tokens. The project attracted large numbers of users looking to acquire the token, triggering a surge in transaction activity.
Cumulative agentic transfer volumes on Base. Source: Chainalysis
Trezor says Safe 7 chip flaw found by Ledger does not put funds at risk
Hardware wallet company Trezor and chipmaker Tropic Square have disclosed a vulnerability in one of the secure elements used in Trezor Safe 7 hardware wallet, saying the flaw does not put user funds at risk because the chip alone cannot expose a wallet.
The vulnerability was identified during an independent security audit conducted by Ledger Donjon, the security research team at rival hardware wallet maker Ledger, according to a Trezor statement.
Tropic Square provided the affected TROPIC01 Secure Element chip to the Ledger Donjon team for an independent audit. The companies said compromising TROPIC01 alone would not be enough to access a user’s wallet, PIN or funds.
The disclosure offers a rare public look at how hardware wallet makers handle chip-level security flaws and highlights the growing role of independent researchers in testing crypto custody devices.
According to Trezor, the vulnerability was discovered during an independent security review initiated by Tropic Square after the launch of its TROPIC01 secure element in early 2025.
Ledger’s Donjon informed Tropic Square in January 2026 that it had successfully carried out a laser fault injection attack against the chip, allowing researchers to extract some chip-held secrets and bypass firmware signature verification under lab conditions.
TROPIC01 is one of two secure elements in Trezor Safe 7, which launched in October 2025. Source: SatoshiLabs
US Treasury sanctions four Iranian crypto exchanges
The US Treasury said on Tuesday that it sanctioned four Iranian crypto exchanges, including the country’s largest, Nobitex, along with Wallex, Bitpin and Ramzinex, marking the latest effort in its campaign called “Economic Fury” that aims to cut Iran off from the financial system.
The Treasury’s efforts to cut financial networks from Iran are at the center of its “Economic Fury” campaign, which commenced on April 14, months into the Iran war that kicked off with joint US-Israeli strikes on the country in February.
Source: Treasury Department
Treasury Secretary Scott Bessent claimed that Iran’s economy “is in free fall” and has used crypto to evade sanctions and transfer “wealth out of the country.”
The sanctions come four days after Bessent revealed that the Treasury had seized nearly $1 billion in crypto from Iranian crypto exchanges and wallets since the Iran war began.
Read the full article here
