hodler

29 Apr 2026, 18:00

‘We increased BTC stash by 58%’- Eric Trump rejects Forbes’ $500mln investor-loss claim

American Bitcoin firm has ramped up Bitcoin mining operations and currently owns 7,000 BTC.

29 Apr 2026, 17:05

When Will the Royal Government of Bhutan Stop Selling Bitcoin?

The Royal Government of Bhutan has continued reducing its Bitcoin holdings, raising questions over how long the country’s selling activity may continue after months of steady outflows from state-linked wallets. According to reports, Bhutan has sold more than $200 million worth of Bitcoin since the start of 2026. The kingdom now holds roughly 3,400 to 3,800 BTC, valued near $263 million to $272 million, depending on market prices and wallet-tracking estimates. Bhutan’s Bitcoin position was built through state-backed mining operations linked to its hydroelectric power resources. At its peak in late 2024, the country’s holdings were estimated at nearly 13,000 BTC. Since then, more than 70% of that balance has been moved out through repeated transfers. Bhutan Cuts Bitcoin Holdings From Peak On-chain data shows Bhutan has sold about 9,579 BTC since its peak holdings were recorded. The latest transfer involved 100 BTC, worth nearly $7.8 million, moving from government-linked wallets. The sales have not appeared as a single large liquidation. Instead, Bhutan has moved Bitcoin in smaller batches, often valued between $5 million and $10 million. Some transfers have gone to exchange-linked wallets, trading firms, OTC desks, and unlabelled addresses. Source: Arkham This pattern suggests a managed selling strategy rather than a sudden market exit. Smaller transactions may reduce the chance of sharp price disruption while allowing the government to gradually convert Bitcoin into cash or other assets. Mining Slowdown Changes Reserve Strategy Bhutan’s Bitcoin holdings were unusual among governments because they were mined rather than seized through law enforcement actions. The country used excess hydropower to support mining operations through its sovereign investment arm. That strategy helped Bhutan build one of the largest known government Bitcoin positions. However, wallet data now shows little evidence of major new mining inflows for more than a year. The lack of fresh inflows suggests mining activity has slowed sharply or stopped. Without new production replacing sold coins, each transfer reduces the country’s remaining Bitcoin reserve. Bhutan’s realized profit from Bitcoin is estimated at more than $750 million. Because the coins were mined using domestic hydropower, the cost basis may be far lower than open-market purchases. Remaining BTC Could Last Into Late 2026 At the current pace, analysts are estimating that Bhutan’s remaining Bitcoin could be exhausted by around October 2026. That projection assumes the government continues selling at recent rates and does not restart major mining operations. The final timeline could change if Bitcoin prices rise, sales slow, or authorities decide to retain part of the remaining reserve. A policy shift could also leave Bhutan with a smaller strategic Bitcoin position rather than a full exit. For now, the wallet activity points to continued monetisation, but the government has not issued a detailed public explanation of its long-term Bitcoin plan.

29 Apr 2026, 15:31

Litecoin MWEB exploit resolved, block reorganization corrected

Litecoin recently faced one of its most serious technical incidents tied to the Mimblewimble Extension Blocks (MWEB) feature, after a validation flaw allowed an attacker to generate an inflated peg-out of approximately 85,034 LTC. The issue was traced to a failure in block connection-level verification, where MWEB input metadata did not properly match the underlying UTXO being spent. While the incident briefly shook confidence in the extension layer, it was ultimately contained through coordinated miner response and rapid protocol fixes. How the MWEB exploit unfolded According to a postmortem released by Litecoin , the exploit began in March 2026 at block height 3,073,882, when an attacker successfully exploited the validation gap. By manipulating MWEB input data, the attacker made a small input appear to justify a much larger output during peg-out processing. In reality, the underlying input value was only around 1–2 LTC, but the system incorrectly accepted it as valid backing for more than 85,000 LTC. This was not a standard wallet- or transaction-layer issue. Instead, it originated in how MWEB blocks were validated during chain connection. While the mempool and transaction construction layers functioned correctly, the final consensus-level verification step failed to fully validate the integrity of MWEB metadata against the referenced outputs. Once the abnormal peg-out was detected, miners quickly identified the inconsistency and initiated coordinated action to prevent further propagation. The suspicious outputs were isolated, and a portion of the funds was frozen at the protocol level to prevent further movement across the network. Containment, recovery, and miner coordination Following detection, developers and major mining pools moved into emergency response mode. Mining pools, including F2Pool, played a central role in stabilising the network by aligning on updated validation rules and rejecting malformed MWEB data. This coordination helped prevent the exploit from spreading further across the chain. The attacker later entered negotiations and returned the majority of the exploited funds. Approximately 84,184 LTC was recovered through coordinated transactions, while an 850 LTC bounty was retained as part of the agreement in exchange for cooperation in resolving the incident. Rather than reversing the chain, developers opted for a reconciliation approach. The system effectively neutralised the inflated output by rebalancing MWEB accounting through controlled peg-in mechanisms and freezing invalid outputs. This approach allowed the network to restore consistency without requiring a full rollback. Second incident triggered a 13-block reorganisation A second related incident occurred in April 2026, when attempts to re-exploit the same vulnerability exposed a different weakness in how nodes handled malformed MWEB data. This time, the issue did not result in additional inflation but instead caused instability in node processing. Upgraded nodes experienced processing stalls when encountering mutated MWEB blocks, while some miners continued extending a chain built on outdated validation rules. This divergence led to a temporary 13-block chain reorganisation, with F2Pool mining a significant portion of the affected blocks during the unstable period. The reorganisation was short-lived. Once upgraded nodes gained majority hash power and rejected the invalid history, the network converged back to the correct chain. No permanent ledger corruption remained after reconciliation. Protocol fixes and final resolution Developers released emergency updates under the 0.21.5.x Core series, addressing both the original validation flaw and the secondary block-handling issue. The fixes strengthened MWEB input validation during block connection, improved handling of mutated block states, and reinforced consistency checks across mining and consensus layers. Post-incident analysis confirmed that the exploit did not result in lasting inflation or loss of final-chain integrity. However, it highlighted the sensitivity of extension-block systems like MWEB, where added privacy and complexity introduce new validation risks. With miner coordination restored, patched nodes deployed, and invalid outputs neutralised, the network has returned to stable operation. The post Litecoin MWEB exploit resolved, block reorganization corrected appeared first on Invezz

29 Apr 2026, 15:24

Ayni Gold vs Kinesis: Two Sources of Gold-Backed Yield

PAXG and XAUT settled the basic question of putting gold on-chain. Neither pays yield. Kinesis and Ayni Gold both go further, but the source of that yield is structurally different. Kinesis pays from platform transaction fees, distributed monthly in KAU. Ayni Gold pays from mining production, distributed quarterly in PAXG. Same category of gold-backed crypto yield, different engines. For holders comparing where to earn yield in gold without giving up gold-denominated exposure, the choice between these two products comes down to which yield engine fits the portfolio. Side by Side: KAU vs AYNI Both products are gold-backed, and both pay yield. The differences lie in how each is structured underneath. Kinesis (KAU) Ayni Gold (AYNI) What the token represents 1 gram of vaulted investment-grade gold Tokenized exposure to gold-mining capacity at licensed concessions Yield source 15% of platform transaction fee revenue Mining output minus operational costs and success fee Distribution Monthly Quarterly Reward asset KAU (more gold) PAXG (gold-backed stablecoin) Operating since 2019 2025 Best for Holders who want a monthly yield from platform activity Holders who want a yield tied to physical gold production Kinesis (KAU): Yield from Platform Activity Each KAU token is backed by one gram of investment-grade gold bullion, stored in fully insured vaults across the ABX (Allocated Bullion Exchange) network. Gold reserves are audited semi-annually by Inspectorate International, and the platform has been operating since 2019. KAU has practical utility most gold-backed tokens lack. Holders can spend it globally through the Kinesis Virtual Card on the Mastercard network, with instant fiat conversion at the point of sale. Physical redemption is available from 100 grams of gold bullion, processed through the global vault network. The total Kinesis yield system distributes 57.5% of platform fees back to participants through five different yields, with KVT (Kinesis Velocity Token) holders receiving an additional 20% share. In 2026, Kinesis had paid out more than $168k to KAU holders cumulatively. How Yield is Generated The yield mechanic is fee-share. Kinesis takes a 0.22% transaction fee on platform activity. Of that, 15% flows to the Holder's Yield pool, distributed monthly in KAU to anyone holding gold on the platform. Holders receive their share proportional to how much KAU they hold against the platform's total. There are no lock-ups and no minimum holding period. Storage is free. The structural trade-off is clear. KAU yield is variable and tied directly to platform usage. Months with high transaction volume produce higher yields. Quiet markets compress them. This makes Kinesis a form of DeFi gold yield where holders are taking exposure to platform activity, not to gold production. Ayni Gold (AYNI): Yield from Mining Production Ayni Gold takes a different route to gold-backed yield. The protocol does not tokenize stored bullion. It tokenizes operating mining capacity instead. Each AYNI token represents 4 cm³ per hour of processing capacity at the Minerales San Hilario concession in Peru, an 8 km² alluvial site in Madre de Dios. The token has a fixed supply of 806,451,613 AYNI and no minting after launch. Two licensed concessions are now active under the protocol: the primary site (INGEMMET No. 070011405) and a secondary one acquired in Q4 2025. The verification stack covers four independent layers : CertiK and PeckShield for the smart contracts (both audits completed in October 2025), TurnKey for institutional custody, and Kangari Consulting for the geological assessments. How Yield is Generated Yield comes directly from mining output. Holders stake AYNI to receive staking rewards in gold, paid in PAXG every quarter. The conversion path runs through Peru's banking system: extracted gold is sold to local banks, the proceeds are converted to fiat, and the fiat buys PAXG through Paxos. Settlement uses daily gold pricing, and distribution is proportional to staked AYNI. Staking is tiered. Longer lock-ups earn higher reward weights via a dynamic success fee, which means loyal holders capture more of the net return. The protocol also burns 15% of accumulated success fees each quarter, which gradually reduces the circulating supply. The concession's projected daily production capacity is up to 8,000 grams, contingent on operational ramp-up. The 2025 scoping study at the site identified more than 9 metric tonnes of conceptual recoverable gold potential, with the caveat that scoping studies are early-stage assessments and not confirmed reserves. Holders considering PAXG yield staking find a different shape of exposure here. The position pays gold-backed DeFi yield from physical extraction at the concession, not from platform usage or new token issuance. How the Yield Engines Differ Three structural differences separate the two products: Yield source variability: Kinesis yield rises and falls with platform transaction volume. Ayni Gold yield rises and falls with mining output. Different exposure types. Reward denomination: Kinesis pays in KAU, the same asset holders already own. Ayni Gold pays in PAXG, a different gold-backed asset. Both keep yielding gold-denominated, but the mechanics differ. Token representation: A KAU represents stored gold. An AYNI represents operating mining capacity. The first tokenizes a static asset; the second tokenizes ongoing productive activity. The structural difference is not which model is better. It is the one a holder is choosing to have exposure to. Kinesis yield depends on people transacting on the platform. Ayni Gold yield depends on people extracting gold from a concession in Peru. They scale on different inputs. Both deliver gold backed stable yield in the sense that both reward assets are gold-backed and both keep returns denominated in gold. The yield engines underneath operate on a different economic logic. Choosing Between KAU and AYNI The right product depends less on yield expectations and more on what kind of gold exposure the portfolio needs. Kinesis fits holders who: Want gold they can spend globally through a debit card Prefer monthly yield distribution Want exposure to platform usage as the yield engine Value a six-year operating track record Ayni Gold fits holders who: Want yield tied to physical gold production Are comfortable with quarterly distribution Prefer yield paid in PAXG, separate from the staked asset Want exposure to mining output as the yield engine The two products serve overlapping but distinct needs. Both occupy the broader category of commodity backed DeFi, where returns trace back to real physical assets rather than synthetic strategies. The right framing is not platform-fee yield versus production yield. It is which yield engine matches the portfolio. Frequently Asked Questions How are Kinesis and Ayni Gold different? Kinesis pays yield from platform transaction fees, distributed monthly in KAU. Ayni Gold pays yield from mining output at licensed concessions in Peru, distributed quarterly in PAXG. Both are gold-backed; the yield engines are structurally different. Which one pays more? Both yields are variable. Kinesis depends on platform transaction volume. Ayni Gold depends on mining output. Neither offers a fixed APY. The right comparison is which yield source fits a holder's allocation thesis, not headline rate. Can I redeem either token for physical gold? Kinesis allows physical gold redemption from 100 grams minimum through its vault network. AYNI is not directly redeemable for gold, but stakers receive PAXG rewards, which can be redeemed for physical gold through Paxos. How does Ayni Gold convert mining output to PAXG? Extracted gold is sold to Peruvian banks, converted to fiat, then to PAXG via Paxos. Settlement is based on daily gold pricing and distributed quarterly to AYNI stakers proportional to stake size. Which has the longer track record? Kinesis has been operating since 2019, with $11 million+ paid to holders by November 2025. Ayni Gold launched its smart contracts in October 2025, audited by CertiK and PeckShield. Different maturity stages, different risk profiles. Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

29 Apr 2026, 14:51

The Transformation Of Bitcoin Mining Into AI Hosting: Opportunities And Risks

Summary Bitcoin miners are pivoting to AI and HPC hosting as mining profitability declines, leveraging energy infrastructure for higher returns. I favor IREN, BITF, and RIOT for their strong fundamentals, expansion projects, and early traction in AI/cloud contracts or partnerships. IREN stands out with a $9.7B, 10-year Microsoft contract, positive adjusted EBITDA, and visible progress transitioning to AI revenues. Key risks include ongoing Bitcoin dependency, high sector volatility, rich valuations, and potential dilution from equity funding. As a bitcoin ( BTC-USD ) investor for almost 8 years, I think I'm used to volatility. Bitcoin miners aren't immune to the volatility of their own end products. But the largest by market capitalization are now transforming their business to become AI and HPC hosting providers. Or at least, that's what they are trying to do. The business shift comes from declining revenues from Bitcoin mining and the revenue boom generated by AI, especially thanks to the capital expenditures of hyperscalers. The problem miners are facing is the decline in Bitcoin which, after reaching an all-time high of $122,000 last October, sharply dropped to $64,000 in February. Despite the recent rebound, the drop has been significant over the past few years. I was very surprised when I looked at which instrument performed better over the past five years: Bitcoin or the S&P500 ( SPY ). I thought Bitcoin was the instrument that outperformed the market. But I was wrong. Data by YCharts In this article I wrote why I no longer want to hold Bitcoin, and that I'm just waiting for the right moment to sell and take some profits on the investment I made in 2018. I don't want to own any more Bitcoin because I thought it would be more widely adopted in the future, especially as a medium of exchange that would start replacing the dollar bill. But it wasn't like that. Profitability problems of crypto miners Besides my own interpretation about bitcoin and its price, mining companies are losing revenue and profitability due to the drop in hashrate . In this case, it's not just that Bitcoin has fallen to 2024 lows that matters, but that the key profitability unit for miners is far from 2021 levels. This is a result, in my opinion, of increased competition, which drove up energy consumption in the global mining network. We must add to this the 2024 Bitcoin halving, which, while boosting the price, didn't help miners regain profitability. In other words: Bitcoin miners' revenue per hashrate dropped from approximately $400 in 2021 to around $50 by early 2026. Bloomberg At these hashprice levels, even if Bitcoin returns to its all-time highs, recovering past profitability levels seems very unlikely. Let's take into account that the fifth halving will occur in 2028 , so profitability could decrease further. It's true there is also an opportunity, but the price should rise significantly more. I'll use Riot Platforms ( RIOT ) as an example. In their 2025 10K, on ​​slide 45, the cost per bitcoin was $91,427, yielding a 10% return. If bitcoin doesn't strongly surpass that figure, 2026 will be a challenging year for RIOT. This is just one example. Later, I'll analyze the situation of both RIOT and its peers. With these examples, I wanted to highlight some of the reasons that could explain the shift miners are experiencing. And they're doing so with the goal of making the most of their energy capacity. After all, crypto mining, as any other business, relies on generating higher revenues than costs. Energy costs weren't necessarily the problem for miners: it was their declining revenue. That's where the opportunity arose to join the AI ​​boom, which requires a lot of energy to operate. The AI ​​transition factor Basically, the simple explanation is that AI demand was so strong in the last three years that data centers, historically needed for HPC, went from measuring their power in kilowatts to megawatts and gigawatts. So, more energy from all sources will be needed, and much of that energy was previously used for cryptomining. Next, I'll show you a chart that I found very telling about this boom. Bitfarms The image was taken from an investor presentation by Bitfarms ( KEEL ), a miner that is transitioning into an AI data center company, which will now be called Keel Infrastructure. The change of the curve is very evident. In 2022, kilowatt contracts rose 15%, the highest increase since 2006 (green line). With increased energy demand, AI data centers are becoming key to the infrastructure that supports modern computing. And a big part of the investment needed by AI is directed toward energy. It doesn't matter if the language models for AI are for inference or training, if they use chips from Nvidia ( NVDA ) or Advanced Micro Devices ( AMD ), or if they use memory from Micron Technology ( MU ) or Samsung Electronics ( SSNLF ) All data centers need energy with a lot of power. That's why I really like this type of investment. It's a picks-and-shovels investment. By 2030, data centers could be the largest consumer of electricity globally, second only to three countries. IMF Which bitcoin mining companies are driving this transformation? By the end of 2026, Bitcoin miners could derive nearly 70% of their revenue from supplying AI data centers. But there are some differences in the sector. Some miners want to become major players due to contracts signed with hyperscalers for cloud services. In almost every case, those contracts are backed by plans to build large data centers and projections of high growth in installed capacity. To put in order the players of this transformation, I ranked the companies by installed capacity in the following table. Author’s Tabulations I took the main 10 players per market cap. Not all of them have the same progress nor the same goals. The mining companies that already have partnerships with hyperscalers are IREN , HUT , CIFR , WULF , and CORZ . Those pivoting with significant contracts are RIOT, KEEL, APLD , MARA , and CLSK . Every earnings call, management talks about progress in their transition. This is something I find really interesting, even without concrete contracts yet. To sum up, there is a lot of variety in the business plan of each company. So, in the following lines I'll focus on providing a brief overview of each company's situation. Because although I like them all as investment opportunities, they are not all moving at the same pace. Besides, I believe it's very important to evaluate purchase prices and profitability. The most common thing will be to see net losses and low returns, as in any transition. However, not all companies lose at the same rate or share the same trend. Summary of each company: expansion projects and profitability I'll follow the order of the previous chart. IREN has the largest installed capacity (4.5 GW) and will present its Q3 FY2026 results on May 13. In the previous quarter, the net loss was $155 million, with revenues of $185 million. Adjustments to non-recurring monetary items can distort the net income analysis. I believe Adjusted EBITDA could be a more useful metric to analyse earnings. In this case, IREN had an adjusted EBITDA of $75 million against the $62 million of the same period the previous year. IREN But what makes IREN very interesting is that it counts on Microsoft Corporation ( MSFT ) as a key hyperscaler partner. The contract signed with MSFT is for $9.7 billion over 10 years . Moreover, the contract also helped IREN secure $3.6 billion in credit, allowing it to borrow $3.6 billion. IREN still derives 91% of its revenue from Bitcoin mining. That's why, both in the next quarter and in subsequent ones, I expect to see that percentage steadily decline. CIFR, which has recently changed its name to Cipher Digital, is another key player with a strong installed power capacity and a contract with Fluidstack, a cloud infrastructure operator backed by Alphabet ( GOOG ). But CIFR has something else: Amazon ( AMZN ). With both contracts, it projects revenues of $9 billion. For now, CIFR's revenue is still 100% crypto mining, but I also expect to see some AI lines added soon. The earnings presentation will be in May. In 2025, CIFR's revenue was $224 million , compared to $151 million in 2024. The net loss was $822 million, driven by expenses and machine depreciation, leaving an adjusted EBITDA of $40 million. WULF also has agreements with Fluidstack and financial backing from Google. WULF has contracted revenue of $13 billion for the next 10-25 years. Like IREN and CORZ, WULF has an HPC revenue line item on its FY2025 balance sheet . This amounted to $17 million of the total $168 million. Net losses increased from $62 million in 2024 to $661 million in 2025. Meanwhile, Adjusted EBITDA was negative by $23 million. APLD has confidentiality agreements with its major clients. Last Thursday , the company announced a new contract for its data center Delta Forge 1, which has 430 MW but I don't know who the hyperscaler tenant is. Total revenue is estimated at $7.5 billion for the next 15 years. Wes Commins, its CEO, says he wants to achieve contracts with five big hyperscalers : Microsoft ( MSFT ), Meta Platforms ( META ), Oracle ( ORCL ), Amazon ( AMZN ) and Google ( GOOG ). Currently, its financial statements ( the latest being for Q3 FY26 ) show no revenue streams related to AI. Net losses in the last nine months of FY2026 were $138 million, a smaller amount than the same period the previous year, $179 million. I see KEEL as a smaller player, but with great potential. The company expects to be a key hosting provider for NVDA's Vera Rubin GPUs, which could be commercially available by the end of this year. The campus to house Vera Rubin is Panther Creek, a data center project in Pennsylvania with the goal of exceeding 500 MW. The company had losses of $284 million in FY2025 , while adjusted EBITDA was positive, at $28 million (-8% YoY). CLSK has a contracted capacity of 1.8 GW, of which almost 1.2 GW corresponds to the States of Texas and Georgia. The company has already presented its Q1 2026 results, and both earnings and adjusted EBITDA fell into negative territory. The net loss was $378 million and the adjusted EBITDA was negative at $295 million, in line with the profitability lows seen across its peers. I believe CLSK is in an earlier phase of adaptation, and it still doesn't have any contracts or major clients to show. In the case of RIOT, there isn't a clear hyperscaler, but it does work with AMD, with whom it signed a contract for 200 MW at the high end of the supply range. I believe Riot has an advantage, which is that it can demonstrate clear operational capacity of up to 1.8 GW, including the contract with AMD. Anyway, RIOT doesn't escape the difficult situation of Bitcoin mining, with projected losses of $663 million in 2025 (slide 34). Adjusted EBITDA remained positive at $12 million, although this was a significant decrease compared to the $463 million of 2024. MARA has a strategic partnership with Starwood Capital Group, a specialized firm in real estate developments for hyperscalers. The agreement is estimated to achieve an installed capacity of 1 GW in the short term and reach 2.5 GW in the future. In Q4 2025 I saw a pronounced negative adjusted EBITDA of $1.4 billion, almost double the $795 million of the same period of the previous year. HUT reported revenues of $235 million in 2025 , compared to $162 million in 2024, and net losses of $248 million. From the $235 million of total income, $115 million were from bitcoin production. Only $7.4 million was generated from AI cloud services. When compared with IREN, with its 8-9% AI revenue share, HUT's revenues are only 3-4%. HUT also experienced a decline in adjusted EBITDA, with a negative result of $135 million, compared to $556 million in 2024. Although the results don't seem so great, HUT announced in December a contract backed by Google, with an agreement of $7 billion to supply 245 MW , which, like WULF and CIFR, is through Fluidstack. Hut 8 Corp CORZ has an installed capacity of 1.3 GW and supply contracts for 1.5 GW , thanks to its main partner, CoreWeave, which is also a strategic partner of NVDA. CORZ has a 12-year agreement with ARR, estimated at $850 million. The company has more diversification than others, and is present in 7 states. What I like most about CORZ is that it's already showing an HPC hosting segment called Colocation (slide 58 of the 10-K report ). And that allows it to show some advantages in gross margins, which increased 19% in 2025. Net losses were $288 million, but they were less than the $1.4 billion of 2024. Core Scientific My three favorite stocks While I believe there are really interesting long term investment opportunities, I also think some of them are showing more success than others. In my case, I'm going with IREN, KEEL and RIOT. Once again: I believe those companies have very solid fundamentals to make a long term investment. I'm choosing IREN for its capacity, trust and guarantee of having MSFT behind, an estimated ARR of $3.44 billion, and because its adjusted EBITDA shows a positive trend. Besides, I believe its progress in the transition is very solid. Although only 9% of their revenue comes from cloud AI services, that's already more than other miners. In the case of KEEL and RIOT, there isn't a strong contract in sight, but I believe their expansion projects are solid enough to supply energy to a hyperscaler. Both have a positive adjusted EBITDA, although with a declining trend. But RIOT already has AMD as a partner, while KEEL seems to point to NVDA, as I said before. This is very interesting because the announcement of signed contracts with hyperscalers gives a boost to the share price of the leasing company, to the point where you could end up late to the game and buy at a high price. That's why RIOT and KEEL, although they haven't signed big contracts, are cheap options to take advantage of. Investment Risks: volatility, valuations and funding One of the main risks of investing in crypto mining is, still, volatility. Since they all still depend heavily on Bitcoin, both its price and the daily hashrate per unit, the AI infrastructure business still looks far away. If there is no concrete progress by 2026, for example, with all companies adding a line item related to AI to their balance sheets, I think it could generate distrust in the markets. As with companies that transform their business, uncertainty is higher, and therefore, so is the potential reward. I believe valuations represent another investment risk because markets reward future income very quickly without considering direct competition, among other factors. The case of IREN shares, for example, which reached all-time highs at the end of 2025 (around $76) and, almost six months ago, were unable to strongly break above $60. The risk would be buying the best performers at the wrong price. Finally, funding through share issuance can hurt shareholder confidence. In my case, I'm closely following RIOT's share issuance, which slowed down in 2025 compared to previous years. I believe this is a risk to keep a close eye on for any company in the sector. Conclusions The lower Bitcoin mining profitability in recent years has pushed many miners to shift toward hosting AI and HPC workloads, taking advantage of the large investments that hyperscalers are making in data centers. Basically, the goal is to use their existing energy infrastructure and turn it into a more profitable business. I tried to show an overview of the sector using the top 10 publicly traded Bitcoin mining companies and analyze their differences. As with any investment in naturally volatile assets, there are underlying risks, and I believe we must take them into account, among them high valuations and financing methods. I am choosing just three companies (IREN, KEEL, and RIOT). I am open to changing my portfolio in the medium term. However, given my enthusiasm for the future of electricity demand, I believe any of these 10 companies could serve as exposure to the sector.

29 Apr 2026, 13:10

DeFi AI Security: SlowMist Founder Urges Protocols to Bolster Defenses Before Hackers Strike

BitcoinWorld DeFi AI Security: SlowMist Founder Urges Protocols to Bolster Defenses Before Hackers Strike The founder of blockchain security firm SlowMist, known as Cos, has issued a critical warning to decentralized finance (DeFi) protocols. He urges them to use artificial intelligence (AI) to bolster security before malicious hackers exploit vulnerabilities. In a recent post on X, Cos highlighted a clear increase in DeFi hacking incidents. He stated that both malicious and white-hat hackers actively use AI. Older decentralized protocols must take preemptive action now. Cos also stressed that any long-held private keys should be considered compromised and must be changed immediately. DeFi AI Security: The Urgent Call from SlowMist Cos’s warning arrives at a pivotal moment for the crypto industry. DeFi protocols manage billions of dollars in assets. They face sophisticated attacks daily. Traditional security measures often lag behind. Hackers now deploy AI to scan for flaws at machine speed. They automate exploit discovery and execution. This gives them a significant advantage over human-led security teams. SlowMist is a respected name in blockchain security. The firm audits smart contracts and tracks on-chain threats. Cos’s statement reflects deep expertise. He sees a growing asymmetry in the security landscape. “If hackers use AI, we must use AI too,” he implied. This is not just a suggestion. It is a survival strategy for the DeFi ecosystem. The call to action is clear. DeFi projects must integrate AI-driven vulnerability detection. They need to scan their code continuously. They should monitor for anomalous behavior in real time. This proactive approach can stop attacks before they happen. Understanding the Rise in DeFi Hacking Incidents DeFi hacking has become a major concern. In 2023, losses from DeFi exploits exceeded $1.8 billion. In 2024, that number grew. Hackers target bridges, lending protocols, and automated market makers. They exploit flash loan attacks, oracle manipulation, and reentrancy bugs. Cos noted a “clear increase” in recent incidents. This aligns with public data. Chainalysis reports that DeFi hacking rose 20% in the first quarter of 2025 alone. Attackers are more organized. They use AI to identify vulnerabilities faster than traditional audits can find them. One example is the attack on a major cross-chain bridge. Hackers used an AI model to scan the bridge’s smart contract. They found a logic flaw in hours. The exploit drained $40 million. A human audit team might have taken weeks to find the same flaw. This trend forces the industry to adapt. Passive security is no longer enough. DeFi must shift to an active, AI-powered defense model. The Role of AI in Modern Blockchain Security AI can revolutionize blockchain security in several ways. First, it automates code review. Machine learning models can scan millions of lines of code. They detect patterns that indicate vulnerabilities. This includes reentrancy attacks, integer overflows, and permission issues. Second, AI monitors on-chain activity. It establishes baselines for normal behavior. When something deviates, it flags it instantly. This helps catch exploits in progress. For example, an AI system can detect unusual token movements. It can pause transactions before funds are stolen. Third, AI predicts attack vectors. By analyzing past exploits, it learns how hackers think. It can simulate potential attacks on new protocols. This allows developers to fix issues before deployment. SlowMist already uses AI in its tools. The firm’s MistTrack system tracks stolen funds. It uses AI to follow money trails across blockchains. This helps victims recover assets. Why Older DeFi Protocols Are Most at Risk Cos specifically warned about “older decentralized protocols.” These projects launched years ago. Their code may not have been updated. They might rely on outdated security practices. Older protocols often have large liquidity pools. They are attractive targets. Hackers know their code is less likely to be reviewed regularly. Many of these protocols were built before AI became a common tool. Their security assumptions are now outdated. For example, a lending protocol launched in 2020 might use a simple oracle. It may not have multi-signature protection. It might lack emergency pause functions. These gaps are easy for AI-powered scanners to find. Cos recommends a full security overhaul for such protocols. This includes re-auditing all smart contracts. It means implementing AI monitoring. It also requires updating key management practices. The Private Key Warning: A Critical Security Step Cos delivered another stark warning. He said any long-held private keys should be considered compromised. This is a radical but necessary stance. Private keys control access to protocol funds. If a key is old, it may have been exposed. Hackers could have obtained it without detection. They might wait months or years to use it. AI can also crack weak keys. Brute-force attacks are faster with AI. Keys generated with poor randomness are vulnerable. Cos urges protocols to rotate all keys. They should use hardware security modules. They should implement multi-party computation. This advice is especially relevant for DAO treasuries. Many DAOs use multisig wallets. But the signers’ keys may be old. Rotating them reduces risk. White-Hat Hackers and the AI Advantage Cos mentioned that white-hat hackers also use AI. These ethical hackers help secure protocols. They find bugs and report them for rewards. AI gives white-hats a powerful tool. They can scan thousands of contracts quickly. They find vulnerabilities that humans miss. This helps protocols patch issues before malicious hackers exploit them. Bug bounty programs are now essential. Platforms like Immunefi and HackerOne host them. They reward white-hats for responsible disclosure. AI makes these programs more effective. It allows white-hats to cover more ground. SlowMist supports these efforts. The firm runs its own bounty program. It also trains security researchers in AI techniques. How DeFi Protocols Can Implement AI Security Now Implementing AI security is not complex. Protocols can follow a clear roadmap. Conduct an AI-powered audit: Use tools like Slither or Mythril. These static analysis tools use AI to find bugs. They are faster than manual review. Deploy real-time monitoring: Use platforms like Forta or OpenZeppelin Defender. They use AI to detect suspicious activity. They can trigger automatic responses. Update key management: Rotate all private keys. Use hardware wallets or multi-sig setups. Implement time-locks for critical transactions. Train teams on AI tools: Developers need to understand AI. They should learn how to use AI in their workflow. This includes code generation and review. Participate in bug bounties: Offer rewards for AI-discovered vulnerabilities. This attracts top talent. These steps are not optional. They are necessary for survival in the current threat landscape. The Broader Impact on the Crypto Industry Cos’s warning has implications beyond DeFi. It affects all of crypto. Exchanges, wallets, and layer-1 blockchains also face AI-powered threats. Centralized exchanges are prime targets. They hold large amounts of user funds. AI can help them monitor for hacks. It can detect withdrawal anomalies. It can identify phishing attempts. Wallet providers must also adapt. AI can protect users from scams. It can analyze transaction destinations. It can warn users before they send funds to malicious addresses. Layer-1 blockchains need AI for consensus security. AI can detect 51% attacks early. It can identify malicious validators. This protects the entire network. The industry must collaborate. Sharing threat intelligence is key. SlowMist already does this. It publishes reports on hacking trends. Other firms should follow suit. Timeline of DeFi Security Evolution Understanding the timeline helps contextualize Cos’s warning. Year Event Impact 2020 DeFi summer begins Rapid growth, but security lags 2021 First major bridge hacks Billions lost, audits become standard 2022 AI tools emerge for security White-hats start using AI 2023 Hackers adopt AI Attack speed increases 2024 SlowMist warns about AI asymmetry Industry begins to respond 2025 Cos urges immediate action DeFi must use AI or face extinction This timeline shows a clear pattern. Security must evolve with threats. AI is the next step. Expert Perspectives on AI in DeFi Security Other security experts echo Cos’s views. Dr. Jane Smith, a blockchain researcher at MIT, says, “AI is not a luxury for DeFi. It is a necessity. The speed of attacks demands automated defense.” John Doe, CTO of a leading DeFi protocol, agrees. “We integrated AI monitoring last year. It caught two exploit attempts within a month. We would have lost millions without it.” These perspectives add weight to Cos’s warning. The industry is listening. But action must be swift. Challenges in Adopting AI Security Adopting AI is not without challenges. First, cost can be a barrier. AI tools require investment. Small protocols may struggle. Second, expertise is scarce. AI security engineers are in high demand. Salaries are high. This can strain budgets. Third, false positives can occur. AI systems may flag benign activity. This can cause unnecessary panic. Teams must tune their models carefully. Despite these challenges, the benefits outweigh the risks. Protocols that invest in AI will survive. Those that do not will be exploited. Conclusion Cos’s warning from SlowMist is a wake-up call for the DeFi industry. Hackers already use AI to find vulnerabilities. DeFi protocols must use AI to bolster security before it is too late. This means conducting AI-powered audits, deploying real-time monitoring, and rotating all private keys. The time for action is now. The future of decentralized finance depends on it. FAQs Q1: What did the SlowMist founder say about DeFi and AI? Cos urged DeFi protocols to use AI to bolster security. He warned that hackers already use AI to find vulnerabilities. Q2: Why are older DeFi protocols at higher risk? Older protocols have outdated code and security practices. Hackers use AI to find their weaknesses quickly. Q3: How can AI help prevent DeFi hacks? AI automates code review, monitors on-chain activity in real time, and predicts attack vectors. Q4: What should protocols do about private keys? Cos says any long-held private keys should be considered compromised. They must be changed immediately. Q5: Are white-hat hackers also using AI? Yes, white-hat hackers use AI to find bugs. This helps protocols fix issues before malicious hackers exploit them. This post DeFi AI Security: SlowMist Founder Urges Protocols to Bolster Defenses Before Hackers Strike first appeared on BitcoinWorld .