Blockchain & Digital Assets Weekly Briefing - Week 12

Week ending 20th March 2026

This week, the lines between traditional finance, crypto infrastructure, and artificial intelligence continued to blur at speed. Mastercard made its most aggressive stablecoin move yet. US regulators took a step toward ending years of legal ambiguity over crypto assets. Stripe and Coinbase are quietly building the financial plumbing for a world where AI agents transact autonomously. And on the security front, a Bitcoin fork did what Bitcoin Core has not — putting quantum resistance to the test in a live environment. The future of digital assets is being built in real time, across all fronts at once.

1. Mastercard’s $1.8bn BVNK deal signals a decisive leap into stablecoin-powered payments.

2. SEC and CFTC move to define which crypto assets qualify as securities.

3. Stripe and Tempo are building the payment rails for AI agents — and the whole industry is following.

4. Coinbase and Cloudflare are teaming up to build stablecoin rails specifically for AI agents.

5. A Bitcoin fork just activated the quantum-resistance upgrade Bitcoin Core has yet to build.

   
   

1. Mastercard’s $1.8bn BVNK deal signals a decisive leap into stablecoin-powered payments

Global payments giant Mastercard, which operates one of the world’s largest card networks and serves billions of users across more than 200 countries, has agreed to acquire stablecoin infrastructure startup BVNK for up to $1.8 billion, marking a significant escalation in its digital asset strategy.

A strategic push into blockchain rails

The deal—expected to close by the end of 2026 and including up to $300 million in contingent payments—gives Mastercard direct access to infrastructure that connects traditional fiat currencies with stablecoins.

Stablecoins, which are typically pegged to fiat currencies like the US dollar, are increasingly viewed as a faster and cheaper alternative to traditional payment rails, particularly for cross-border transactions and business payments.

By acquiring BVNK rather than building internally, Mastercard aims to accelerate its ability to support blockchain-based transfers, enabling users to send, receive and convert funds across both fiat and digital currency systems.

What BVNK brings to the table

Founded in 2021, BVNK has built infrastructure that enables businesses to move money between fiat and stablecoins across more than 130 countries and multiple blockchain networks.

BVNK has also secured regulatory licenses in several jurisdictions and raised roughly $100 million from investors, including Visa Inc.—a notable backer given its position as one of the world’s largest payment networks. This support underscores growing interest from established financial players in stablecoin infrastructure and signals confidence in BVNK’s role as a bridge between traditional finance and blockchain-based systems.

Competitive pressure from fintech and crypto

The acquisition reflects intensifying competition between traditional payment networks and newer blockchain-based systems. Rivals such as Visa have already launched stablecoin settlement initiatives, while fintech firms and crypto-native players continue to build alternative payment rails.

Industry analysts point to stablecoins’ near-instant settlement and lower transaction costs as potential disruptors to card-based fee models, especially in cross-border and peer-to-peer payments.

At the same time, mergers and acquisitions in the sector have accelerated. BVNK itself had previously been in acquisition talks with Coinbase in a deal reportedly valued around $2 billion before negotiations collapsed.

A broader shift toward digital assets

Mastercard’s move aligns with its wider push into digital assets, including its Crypto Partner Program and ongoing investments in blockchain capabilities.

The company is effectively positioning itself for a future in which stablecoins and tokenized money become a standard component of global finance. Executives have indicated that most financial institutions are expected to offer digital currency services over time, reflecting growing institutional adoption.

Why it matters

This acquisition underscores a structural shift in payments: rather than resisting blockchain disruption, incumbents are integrating it. By embedding stablecoin infrastructure into its network, Mastercard is seeking to maintain relevance—and control—over how money moves in a digital-first financial system.

For the digital assets ecosystem, the deal signals increasing convergence between traditional finance and crypto infrastructure, with stablecoins emerging as a key bridge between the two worlds.

2. SEC and CFTC move to define which crypto assets qualify as securities

On March 17, 2026, the United States Securities and Exchange Commission (SEC) — the federal agency responsible for regulating American capital markets and protecting investors, overseeing a regulatory remit touching trillions of dollars in assets — issued its most significant crypto policy document to date. For the first time, the SEC formally interpreted how federal securities laws apply to crypto assets, and it did so jointly with the Commodity Futures Trading Commission (CFTC), the agency responsible for overseeing derivatives and commodity markets. The two agencies, which have for years operated in a state of jurisdictional tension over digital assets, published a unified document that attempts to resolve the most contested questions in crypto regulation once and for all.

This is not a proposed rule open for debate. The document is filed as a Final Rule and Interpretation under Release Numbers 33-11412 and 34-105020, and it takes effect upon publication in the Federal Register. It carries the weight of official agency policy.

How we got here: a decade of enforcement, not clarity

To understand why this matters, you need to understand the history. The Commission engaged with crypto assets for more than a decade but never developed a tailored regulatory framework to accommodate crypto asset innovation and entrepreneurship. Instead, it applied the "Howey test" — a legal standard from a 1946 Supreme Court case, SEC v. W.J. Howey Co. — to determine whether crypto assets and transactions involving them fell under securities law. Under this test, an investment contract is defined as any arrangement where a person invests money in a common enterprise and reasonably expects profits from the efforts of others.

The problem was that applying an eighty-year-old test to blockchain technology produced inconsistent results. The varying degrees of control that persons or groups have over crypto systems, the diversity of types of crypto assets with varying characteristics, uses, and functionality, and the evolving nature of crypto assets prompted divergent views among market participants, financial regulators, and the courts — particularly with respect to secondary market transactions.

Rather than write new rules to resolve these questions, the previous administration's SEC relied on enforcement actions. Some Commissioners and commentators described this as "regulation by enforcement," arguing the Commission pursued actions against crypto asset issuers for alleged violations of securities laws rather than developing a framework accommodating crypto innovation. Hundreds of companies faced SEC investigations, lawsuits, or settlements over token sales — often without clear guidance on what would have made those sales legal.

The shift began in early 2025. On January 21, 2025, Acting Chairman Mark T. Uyeda established the Crypto Task Force to help provide greater clarity on the application of federal securities laws to the crypto asset markets. Its focus included drawing clear regulatory lines, distinguishing securities from non-securities, crafting tailored disclosure frameworks, and providing realistic paths to registration for crypto asset offerings. The task force held roundtables, solicited public submissions, and gathered feedback. To date, the Crypto Task Force has received over 300 written submissions from issuers, investors, law firms, audit professionals, academics, investment companies, market intermediaries, network foundations, and foreign entities.

Then, in July 2025, the White House weighed in. The President's Working Group on Digital Asset Markets released a report titled "Strengthening American Leadership in Digital Financial Technology," which recommended that the SEC and CFTC use their existing authorities to provide regulatory clarity that keeps blockchain-based innovation within the United States. SEC Chairman Paul S. Atkins responded by launching "Project Crypto," a commission-wide initiative to modernise federal securities rules for digital assets. On January 29, 2026, Chairman Atkins and CFTC Chairman Michael S. Selig announced that Project Crypto would proceed as a joint effort between the two agencies to harmonise federal oversight of crypto asset markets. The March 17 interpretation is the first concrete output of that joint effort.

The five categories: a new map for digital assets

The centrepiece of the document is a formal classification system. The SEC classified crypto assets into five categories based on their characteristics, uses, and functions: digital commodities, digital collectibles, digital tools, stablecoins, and digital securities. Each category receives a distinct legal treatment, and the distinctions matter enormously for anyone issuing, trading, or building products around these assets.

• Digital commodities — not securities

A digital commodity is a crypto asset that is intrinsically linked to and derives its value from the programmatic operation of a crypto system that is "functional," as well as supply and demand dynamics, rather than from the expectation of profits from the essential managerial efforts of others. A digital commodity does not have intrinsic economic properties or rights such as generating a passive yield or conveying rights to future income, profits, or assets of a business enterprise.

Critically, the SEC did not leave this category abstract. The Commission named specific assets it concludes are digital commodities as of the date of the release, including Bitcoin (BTC), Ether (ETH), Solana (SOL), XRP, Cardano (ADA), Avalanche (AVAX), Dogecoin (DOGE), Chainlink (LINK), Litecoin (LTC), Polkadot (DOT), Hedera (HBAR), Stellar (XLM), Aptos (APT), Bitcoin Cash (BCH), Shiba Inu (SHIB), and Tezos (XTZ).

This is a list that would have been unthinkable two years ago, when the SEC was actively litigating whether assets like ETH and XRP were unregistered securities.

• Digital collectibles — not securities

Digital collectibles are crypto assets designed to be collected and/or used, and may represent or convey rights to artwork, music, videos, trading cards, in-game items, or digital representations or references to internet memes, characters, current events, or trends, among other things. This brings most NFTs — at least those functioning genuinely as collectibles rather than speculative investment vehicles — outside the securities perimeter.

• Digital tools — not securities

Digital tools are crypto assets that perform a practical function, such as a membership, ticket, credential, title instrument, or identity badge. This category covers utility tokens in the traditional sense — tokens that do something functional on a platform, granting access or enabling activity rather than offering a financial return.

• Stablecoins — a conditional carve-out

Stablecoins defined under the GENIUS Act as "payment stablecoins issued by a permitted payment stablecoin issuer" are not classified as securities. The GENIUS Act, which became law in 2025, created the regulatory category of "permitted payment stablecoin issuer," and the SEC's interpretation ties directly into that framework. Stablecoins that do not meet this definition may still face securities scrutiny depending on their structure.

• Digital securities — full regulation applies

Digital securities — also called tokenised securities — are financial instruments enumerated in the definition of "security" that are formatted as or represented by a crypto asset, where the record of ownership is maintained in whole or in part on or through one or more crypto networks. These remain subject to the full weight of federal securities laws. Tokenised stocks, tokenised bonds, and similar instruments are not getting a regulatory pass simply because they live on a blockchain.

The investment contract question: when does a non-security become one?

The most legally consequential section of the document addresses investment contracts — the legal mechanism that has historically been used to pull crypto assets into the securities framework even when the assets themselves were arguably not securities.

The interpretation clarifies that a non-security crypto asset becomes subject to an investment contract when an issuer offers it by inducing an investment of money in a common enterprise with representations or promises to undertake essential managerial efforts from which a purchaser would reasonably expect to derive profits. The guidance specifies the nature of the representations or promises necessary to form an investment contract, including the source of the representations or promises, the medium by which they are communicated, and the level of detail they must provide.

In plain terms: if you launch a token and tell buyers your team will build something that makes the token valuable, that is likely an investment contract — and therefore a securities offering. The promise is the trigger.

But the interpretation also answers the question that has haunted crypto projects since the Howey test was first applied to them: can the securities obligations ever end? The answer, for the first time officially, is yes. A non-security crypto asset ceases to be subject to an investment contract when the investment contract terminates because either the issuer has fulfilled its representations or promises, or the issuer has failed to satisfy them.

This is a significant development. Projects that have delivered on their roadmaps — that have built functional, decentralised networks and fulfilled what they promised buyers — can now make a credible argument that their tokens are no longer subject to securities regulation. The same applies, in a different way, to failed projects: once it is clear that the promises cannot be met, the investment contract has ended.

The grey zone: what a token actually is while the team is still building

This raises a practical question that the interpretation quietly glosses over: what exactly is a token during the period between launch and delivery — while the team is still building, still making promises, still trying to deliver? The SEC's answer is that the token itself remains a commodity throughout. What carries the securities obligation is not the asset, but the specific transactions in which the team sells it. Every time a founding team raises money by pointing to a roadmap and telling buyers their efforts will make the token valuable, that sale is a securities transaction, subject to registration and disclosure requirements. The token in someone else's hands, trading on a secondary market, is a different matter — those trades are not securities transactions. In other words, the same asset can be a commodity when it changes hands between two retail traders, and simultaneously be the subject of a securities offering when the founding team is the seller. This distinction, inherited directly from the 2023 court rulings that shaped this framework, is coherent in theory. In practice, it places the entire burden of compliance on identifying who is selling and what they said when they sold it — a standard that is genuinely difficult to enforce at scale, and one that sophisticated teams will inevitably find ways to structure around.

Protocol mining, staking, wrapping, and airdrops — all clarified

The interpretation also resolves several questions that have created practical uncertainty for anyone running infrastructure or distributing tokens.

• Protocol mining and protocol staking — as described in the interpretation — do not involve the offer and sale of a security. Miners and stakers earning rewards for securing proof-of-work or proof-of-stake networks are not engaged in securities transactions. This removes a significant cloud of legal risk from the infrastructure layer of the crypto ecosystem.

• The wrapping of a non-security crypto asset also does not constitute a securities transaction. Wrapped tokens — representations of one asset on a different blockchain, such as wrapped Bitcoin on Ethereum — have long occupied uncertain legal territory. The interpretation confirms that wrapping a non-security does not transform it into a security.

• On airdrops, certain crypto asset disseminations known as "airdrops" do not involve an "investment of money" under the Howey test. The practical implication: token distributions made without recipients paying for them do not automatically trigger securities law treatment, as long as the airdrop meets the criteria outlined in the interpretation.

The CFTC's role: commodities fill the gap

The CFTC's involvement in this document is not merely symbolic. The CFTC joined the interpretation to provide guidance that the CFTC and its staff will administer the Commodity Exchange Act consistent with the SEC's interpretation, and that certain non-security crypto assets could meet the definition of "commodity" under the Commodity Exchange Act.

In practical terms, this means that the assets explicitly excluded from the SEC's jurisdiction — the digital commodities — fall squarely into the CFTC's. Bitcoin, Ether, and the rest of the named assets on that list are now formally understood to be commodities, regulated by the CFTC rather than the SEC. This resolves the jurisdictional ambiguity that has defined — and often paralysed — crypto policy in Washington for years.

CFTC Chairman Michael S. Selig was direct about the significance of the moment. "For far too long, American builders, innovators, and entrepreneurs have awaited clear guidance on the status of crypto assets under the federal securities laws and Commodity Exchange Act," he said, adding that the joint action reflects a shared commitment to developing workable, harmonised regulations.

What the interpretation does not do

It is worth being precise about the limits of this document. The interpretation does not supersede or replace the Howey test, which remains binding legal precedent. Rather, it conveys the Commission's views, informed by extensive feedback received to date, regarding how certain aspects of the Howey test apply to crypto assets. Courts are not bound by it. Future administrations could revise it. And the Commission noted that, based on feedback received, it may refine, revise, or expand upon the interpretation in order to provide further clarity.

This is explicitly described as a first step. The Commission characterised this interpretation as its "first step toward developing a clearer regulatory framework for the treatment of crypto assets under the Federal securities laws," with further rulemakings and frameworks to follow as Congress advances complementary legislation.

The bottom line

For the first time in the history of digital assets, the two most powerful financial regulators in the United States have put their names on a shared document that says: here is what is a security, here is what is not, and here is how we plan to enforce those lines. Bitcoin, Ether, Solana, and fifteen other major assets are formally commodities. NFTs used as collectibles are not securities. Staking and mining rewards are not securities transactions. Investment contracts can end. Airdrops are not automatically securities offerings.

The rulebook has been written. But a rulebook is only as good as the assumptions built into it. This interpretation leans heavily on the idea that a network being "functional" and "decentralised" severs the link between an issuing company's efforts and an asset's price. For Bitcoin, that argument is strong. For assets where a single company still controls token supply, funds global marketing campaigns, pays for media coverage, and holds relationships with institutional buyers, the decentralisation argument is considerably thinner — and XRP sits squarely in that category. Ripple, the company intrinsically tied to XRP, has for years funded crypto newsletter coverage, sponsored conferences, and actively cultivated institutional adoption through its own commercial relationships. Early insiders and Ripple itself still hold a significant concentration of supply, releasing tokens into the market on a scheduled basis. In economic terms, retail buyers have long been providing the liquidity that allows those early holders to exit. That is precisely the dynamic the Howey test was designed to catch — one party promotes an asset, another funds their way out.

The interpretation answers that concern legally, by arguing that XRP's value now flows from the XRP Ledger's programmatic operation rather than Ripple's managerial efforts. Whether that conclusion reflects economic reality, or whether it reflects the outcome of years of aggressive litigation and lobbying by a well-funded company under a sympathetic administration, is a question worth sitting with. What happens next depends on whether Congress turns this framework into permanent law and whether courts accept its reasoning when challenged. For now, the map has been drawn. Whether it maps reality accurately — particularly for assets like XRP where the line between a commodity and a promoted investment scheme remains genuinely blurry — is a question this newsletter will keep asking.

3. Stripe and Tempo are building the payment rails for AI agents — and the whole industry is following

The payments industry is placing its bets on a future where AI agents spend money autonomously, and Stripe is moving early to own that infrastructure.

Tempo: building the open standard

Stripe — the Irish-American payments giant currently valued at $159bn, processing hundreds of billions of dollars annually for millions of businesses worldwide — has long dominated online payment infrastructure. Now, through its crypto joint venture Tempo, a blockchain venture co-founded with crypto investment firm Paradigm and valued at $5bn after a $500m raise last October, Stripe is betting that the next frontier of commerce won't involve humans at all.

Tempo has launched the Machine Payments Protocol (MPP), described as an "internet-native way for agents to pay." Crucially, MPP is not a Stripe or Tempo product in the proprietary sense — it is an open, extensible, payment-rail-agnostic standard, meaning any company can build on top of it and it is not locked to a single blockchain or currency. In plain terms: it is financial plumbing designed from the ground up for AI agents, not people. The tools underpinning today's financial system were built for humans — creating accounts, entering card details, choosing subscription tiers, managing billing — all deeply human workflows. MPP removes those friction points entirely, letting agents and services coordinate payments programmatically, enabling micro-transactions as low as fractions of a cent with no human involvement.

Once set up, businesses can accept payments from agents in both stablecoins and fiat currency, with support for features such as buy now, pay later. Early adopters already include browser infrastructure firm Browserbase and New York-based Prospect Butcher Co.

What's running under the hood

At launch, Stripe's machine payments infrastructure settles on-chain across three networks: Tempo itself, using MPP and USDC; Base, using the related x402 protocol and USDC; and Solana, also via x402 and USDC. These settlements flow directly into a Stripe balance, with fraud protection included. Beyond crypto, extensions already exist for card payments via Visa, and for Bitcoin micropayments over the Lightning Network via Lightspark — meaning an AI agent could, in theory, pay for an API call in BTC at near-zero cost. The architecture is deliberately modular: MPP does not mandate a specific rail, it simply provides the standard that any rail can plug into.

Tempo's growing ecosystem

Tempo has been quietly assembling a notable ecosystem since emerging from incubation last year. In November, Swedish fintech giant Klarna — a buy now, pay later pioneer with over 85 million users — became the first institution to announce a stablecoin on the Tempo blockchain. Its planned KlarnaUSD coin, set to launch this year, is expected to reduce transaction fees and enable Klarna to move large sums globally, bypassing intermediaries like SWIFT. In December, Stripe separately acquired US billing platform Metronome, with CEO Patrick Collison describing usage-based pricing as "the native business model for the AI era."

Visa joins — on its own terms

The same week Tempo launched, Visa released its own implementation under the MPP standard: Visa CLI, a command-line tool that lets AI agents execute card payments directly from a terminal environment. This is a meaningful signal — the world's largest card network, processing 329 billion transactions and $16.7 trillion in volume in fiscal year 2025, chose to build on MPP rather than create a competing standard. That is an early and significant vote of confidence in MPP's potential to become the default framework for agentic commerce.

It is worth understanding precisely how Visa CLI works, because it is architecturally quite different from the crypto-native rails that sit alongside it. A human or business links their existing Visa card or bank account to an AI agent platform, having already completed KYC through their card provider. Visa then issues a network token — a secure, temporary digital version of those card details — scoped specifically to that agent, with defined spending limits, merchant category restrictions, and expiry controls. No full card number ever reaches the AI agent. When the agent transacts, the payment flows over Visa's standard card network as a conventional merchant transaction, with fiat settling into the recipient's merchant account. It is more accurate to describe it as agent-paying-a-merchant than true peer-to-peer agent-to-agent value transfer.

The honest limitations of card rails for AI

The Visa integration extends MPP's reach considerably, but it is worth being clear about where card rails struggle in the context of agentic commerce.

First, micropayments: traditional card networks were not designed for fractions-of-a-cent transactions. The fee structures that work fine for a £50 purchase break down entirely when an AI agent needs to pay per API call, per second of compute, or per kilobyte of data — exactly the transaction types that will define machine-to-machine commerce at scale.

Second, cross-border costs: Visa CLI runs on the same international card rails as any standard Visa transaction, with no announced fee reductions for AI agent use. For agents operating globally — paying a service in Vietnam from a US-based account, for instance — those cross-border fees accumulate quickly. This is precisely why, as noted in last week's Weekly Briefing, 53.2% of AI models in the Bitcoin Policy Institute study preferred stablecoins for payments: fees are negligible, settlement is near-instant, and the experience is identical regardless of geography. Visa's card infrastructure makes strong sense for larger, one-off payments, or for agents operating in closely aligned currency zones. For high-frequency, low-value, cross-border agent-to-agent transactions, stablecoin rails have a structural cost advantage that card networks currently cannot match.

The bigger picture

McKinsey estimates that agentic commerce could reach between $3 and $5 trillion globally by 2030 — though only 1% of shoppers currently take the agentic route, and most consumers are not yet delegating spending decisions to AI at the critical moment: checkout. The infrastructure is being built well ahead of the demand.

What is becoming clear is that no single rail will win outright. MPP's open, multi-rail architecture appears to anticipate exactly this: a world where an AI agent might settle in USDC on Base for a $0.001 API call, in Bitcoin over Lightning for a micropayment to a content creator, and via a tokenised Visa card for a larger domestic B2B transaction — all within the same workflow, all under the same protocol. For Tempo, with a $5bn valuation, Paradigm's backing, Stripe's distribution, and an architecture that natively supports the monetary preferences AI models actually demonstrate, MPP is a calculated move to become the connective tissue of agentic commerce — before the market fully arrives.

In parallel, China is moving faster on adoption. Major tech groups such as Baidu, Tencent, and Alibaba are rapidly deploying AI agents built on frameworks like OpenClaw, integrating them across consumer apps, enterprise tools, and cloud platforms.

This has led to a surge in experimentation with autonomous agents capable of executing multi-step tasks across software environments, reflecting a broader push to embed AI deeper into everyday digital workflows.

While security concerns remain — with authorities warning about risks such as data exposure and misuse — the pace of deployment suggests China could reach real-world usage of agent-driven commerce faster than Western markets, effectively narrowing the gap between infrastructure and adoption.

4. Coinbase and Cloudflare are teaming up to build stablecoin rails specifically for AI agents

The race to own the payment layer of the agentic internet is intensifying by the day. Having covered Stripe's Tempo and its Machine Payments Protocol, and Visa's CLI tool, a third major move has landed — and this one is the most crypto-native of the three.

Who's involved

Coinbase — the largest cryptocurrency exchange in the United States, with $7.18 billion in revenue in 2025, 105 million registered users, over $220 billion in assets under custody, and more than $1 trillion in annual transaction volume — is reportedly competing to partner with Cloudflare on a stablecoin built specifically for AI agent payments.

Cloudflare, for its part, is no minor partner. The company handles roughly 20% of the world's web traffic, generated $2.17 billion in revenue in 2025, and counts 38% of the Fortune 500 among its paying customers. Its CEO Matthew Prince has been explicit about where the company sees its future: "Cloudflare is the best place to build and scale AI agents."

The discussions are still preliminary and no deal has been confirmed, but the strategic logic is striking.

What they've already built together

This would not be the first time the two companies have collaborated on agentic infrastructure. Coinbase and Cloudflare have previously developed the x402 protocol, a system that enables machine-to-machine stablecoin payments, allowing applications to transact without manual input and creating a framework for fully automated commerce. A dedicated stablecoin issued in partnership would take that further — embedding a purpose-built payment instrument directly into Cloudflare's infrastructure, giving any developer building on that network native access to programmable payments from day one.

Why stablecoins, not cards

The choice of stablecoins over traditional card rails is not incidental — it reflects a structural reality about how AI agents actually transact. As covered in this newsletter, a study by the Bitcoin Policy Institute testing 36 AI models across over 9,000 monetary scenarios found that stablecoins were the preferred payment method in over half of transactional scenarios, with fiat finishing last across every model tested. Stablecoins offer near-instant settlement and low transaction costs, characteristics that make them well-suited for the high-frequency, low-value micropayments that AI agents require — whether for API usage, data access, or compute time. Traditional payment rails, by contrast, carry fees and settlement delays that quickly become unworkable at machine scale.

Where it fits in the broader picture

This move sits in deliberate contrast to what Visa announced the same week. Where Visa's CLI tool routes agentic payments through existing card infrastructure, a Coinbase-Cloudflare stablecoin would bypass that layer entirely — settling natively on-chain, at the infrastructure level, before a transaction ever touches a traditional payment network. Coinbase CEO Brian Armstrong captured the underlying thesis plainly: "Very soon there are going to be more AI agents than humans making transactions. They can't open a bank account, but they can own a crypto wallet."

Meanwhile, identity verification is also being addressed alongside payment systems, with projects such as World — backed by Sam Altman — introducing tools that allow AI agents to carry cryptographic proof of human association, addressing one of the remaining open questions around autonomous agent accountability.

The bottom line

Three major moves in the space of a week — Tempo's MPP, Visa's CLI, and now a potential Coinbase-Cloudflare stablecoin — all targeting the same problem from different angles. Of the three, the Coinbase-Cloudflare approach is the most deeply crypto-native: on-chain settlement, stablecoin-denominated, and embedded at the infrastructure level rather than layered on top of legacy rails. If agentic commerce reaches the $3–$5 trillion scale McKinsey projects by 2030, the entity whose payment infrastructure sits closest to where agents actually live may have a decisive advantage. Right now, that looks like it could be Coinbase and Cloudflare.

5. A Bitcoin fork just activated the quantum-resistance upgrade Bitcoin Core has yet to build

A small Canadian quantum technology firm has done something the broader Bitcoin development community has not: turned quantum-resistant theory into live, testable code.

BTQ Technologies Corp. describes itself as a vertically integrated quantum company focused on securing mission-critical networks, with a patent portfolio spanning hardware, middleware, and post-quantum cryptography for sectors including finance, defence, and telecommunications. This week, the company announced a milestone that will be of interest to anyone watching the long-term security of Bitcoin.

What happened

BTQ has released Bitcoin Quantum testnet v0.3.0, which includes the first working implementation of Bitcoin Improvement Proposal (BIP) 360 — the quantum-resistant Pay-to-Merkle-Root (P2MR) output type that was merged into Bitcoin's official BIP repository earlier this year.

In plain terms, they have taken a security proposal that exists only on paper within the broader Bitcoin ecosystem and deployed it as functioning, testable infrastructure.

While BIP 360 remains a draft proposal within the broader Bitcoin ecosystem, BTQ has already built, tested, and activated the upgrade on the Bitcoin Quantum testnet, providing developers, miners, and researchers with a live environment to evaluate how quantum-resistant Bitcoin transactions function in practice.

Why quantum resistance matters for Bitcoin

To understand why this matters, it helps to understand the specific vulnerability being addressed. Taproot, activated on Bitcoin in 2021, is foundational to Bitcoin's scaling and programmability roadmap. It underpins advanced functionality used by innovations such as Lightning, BitVM, and Ark. However, it comes with a structural weakness: Taproot's design includes a key-path spend mechanism that can expose public keys on-chain. In a future with sufficiently powerful quantum computers, exposed public keys could become vulnerable to attack via Shor's algorithm.

Shor's algorithm is a well-documented quantum computing method capable of breaking the elliptic curve cryptography that underpins Bitcoin's current signature scheme. While no quantum computer today is powerful enough to exploit this, the security community widely agrees that preparation needs to begin before that threshold is reached — not after.

BIP 360 addresses that risk by introducing Pay-to-Merkle-Root, a new output type that commits directly to the script tree's Merkle root without relying on an internal key. This preserves Taproot's scripting capabilities while eliminating the key-path spend that creates quantum vulnerability.

What is actually live today

The testnet release is not a demo or a proof of concept. The implementation includes full P2MR consensus with SegWit version 2 outputs and bc1z address encoding, all five Dilithium post-quantum signature opcodes enabled in P2MR tapscript context, and complete wallet RPC support that enables users to create, fund, sign, and spend P2MR transactions on testnet today. Dilithium (formally known as ML-DSA) is one of the signature schemes recently standardised by the US National Institute of Standards and Technology (NIST) for post-quantum use.

Additional improvements in this release include optimised block cadence with one-minute target block spacing, a refined emission schedule with a 5 BTQ block subsidy and 2,100,000-block halving interval, and a restored SegWit discount — particularly important because post-quantum signatures are substantially larger than traditional Bitcoin signatures.

How far along is the network?

To date, more than 50 miners have joined the network, more than 100,000 blocks have been mined, and the project has now advanced into its fourth testnet iteration. An active open-source community of over 100 cryptographers, developers, and miners is participating. These are early numbers, but they indicate the network has progressed beyond the whitepaper stage.

The elephant in the room: Bitcoin Core isn't moving

It is worth being clear about what this is and what it is not. Bitcoin Quantum is a fork of Bitcoin — a separate network — not an upgrade to Bitcoin itself. The pace of change in the actual Bitcoin protocol has historically been extremely slow. SegWit took approximately 8.5 years from conception to adoption, while Taproot took approximately 7.5 years. A May 2025 analysis from Chaincode Labs noted that post-quantum initiatives within Bitcoin remained at an early and exploratory stage.

BTQ's argument, stated plainly by CEO Olivier Roussy Newton, is that the ecosystem cannot afford to simply wait. The company's view is that the industry cannot afford to wait until a crisis point to begin understanding how quantum-safe Bitcoin infrastructure might work in practice.

The regulatory clock is ticking

US federal agencies are operating under NSM-10, which sets a 2035 target for full post-quantum migration, with interim transition planning requirements already in effect. In Europe, the EU has set a target for critical infrastructure quantum-resistance by 2030. In Canada, new federal procurement requirements aligned with post-quantum cryptography take effect in April 2026.

Governments are not waiting for the threat to materialise before mandating preparation. That regulatory pressure creates a real market for quantum-safe infrastructure, which is precisely the commercial opportunity BTQ is positioning itself to address.

The business model

To understand BTQ's commercial strategy, it helps to be clear about what Bitcoin Quantum actually is. It is not an upgrade to Bitcoin — it is a separate blockchain, forked from Bitcoin's codebase, that runs its own independent network and issues its own native token, also called BTQ. Think of it the way Bitcoin Cash relates to Bitcoin: similar architecture, entirely distinct chain.

BTQ Technologies plans to operate a mining pool on this network, collecting a 3% fee on block rewards paid to participating miners in BTQ tokens. Those tokens would then be held on the company's balance sheet as a strategic reserve — a bet that the network grows and the token appreciates. The company projects accumulating approximately 100,000 BTQ tokens in the first year of mainnet operation through this model alone.

Alongside this, BTQ is building what it describes as an enterprise-facing business: selling quantum security services — compliance tooling, certified infrastructure, premium settlement rails — to institutions facing growing regulatory pressure to become post-quantum ready. This is the more conventional, recurring-revenue side of the model.

The bottom line

BTQ Technologies has done something technically meaningful: moved the quantum-resistance conversation for Bitcoin from abstract proposal to live infrastructure. Whether Bitcoin itself ever adopts BIP 360 — and on what timeline — remains an open question governed by one of the most conservative development communities in crypto.

That said, the path exists. BIP 360 has already been merged into Bitcoin's official proposal repository, which means it is formally in the queue. If the Bitcoin Quantum testnet demonstrates that the upgrade works reliably in practice — and developers, miners, and researchers can now test it in a live environment rather than theorise about it — the Bitcoin community could eventually vote to adopt it as a native protocol upgrade, replacing the need for a separate fork entirely. In Bitcoin's governance model, that requires broad consensus among developers, miners, and node operators, a process that historically takes years. But live, battle-tested code is a far more persuasive argument than a whitepaper.

What is not in question is that the pressure to act — from regulators, security researchers, and institutional stakeholders — is growing. BTQ is betting that someone needs to build the runway before the rest of the industry is ready to land. For now, that runway is open for anyone to test.

WHAT WE ARE READING (OR WATCHING)

The Cryptography Frontier

6. Russia’s push for AI expansion threatens to undermine crypto mining

7. MoonPay introduces Ledger-secured AI crypto agents to address wallet key risks

8. KuCoin unveils AI Skills Hub to power smarter crypto

9. As ‘lobster fever’ grips China, Tencent makes OpenClaw-based tool available on WeChat

   
   

   The Stablecoin Standard

10. Stablecoin Boom: Solana Reaches All-Time Supply Milestone

11. OCC stablecoin proposals set higher diversification bar than most issuers meet

    
    

    On the Launchpad

12. AlphaPoint Launches Institutional-Grade Treasury Platform to Power Stablecoin and Fiat Operations at Scale

    
    

    The Tokenized Economy

13. Nasdaq receives SEC nod for trading in tokenized securities

    
    

    Beyond the Chain

14. Large investors are doubling down on crypto, but getting a lot pickier about risk

This article is for informational purposes only and should not be considered financial advice. Please do your own research or consult a licensed financial advisor before making investment decisions.