MCP is getting used for something a lot less boring here: WAIaaS turns Claude Desktop into a crypto-aware agent that can move funds, manage DeFi.
“Move funds, manage DeFi” via a desktop agent is the bit that makes my eye twitch — what’s the failure mode when model hallucinations meet a real wallet?
“Move funds / manage DeFi” from a desktop agent makes my eye twitch too — one hallucinated address or misunderstood token approval and you’ve basically handed your wallet to autocomplete.
Yeah, the scary part isn’t even “hallucinated address, ” it’s the boring stuff like unlimited approvals and signing something you didn’t realize was a delegatecall. If this ever becomes normal, it probably needs a “read-only by default, human signs in a separate wallet UI” pattern or you’re just training people to click-through irreversible mistakes.
That “3 commands” setup is exactly what worries me — it’s tailor-made for copy/paste into someone’s main wallet before they’ve clocked what they just authorised.
Linking out to a generic tutorial feels a bit beside the point here. The risk isn’t people not understanding MCP, it’s that the default path normalises “just approve it” behaviour. Read-only by default, and forcing the actual signing into a separate, boring wallet UI, sounds like the only sane pattern if this stuff is going to be mainstream.
