Subscribe to Bankless or sign in
gm Bankless Nation,
The web's technical underpinnings are facing some scary existential threats. In today's essay, David breaks down what this means for the future of human-secured software.
Thanks for being a Premium subscriber,
luma 🫡
Sponsor: MegaETH — Crypto has new apps, finally.
Two recent events have struck fear in the heart of software builders: Google's Quantum research paper and Anthropic’s Mythos model.
These two breakthroughs operate along separate paths – one quantum and one AI – but both have massive implications for software security and are being treated with incredible levels of caution by the respective organizations.
- Anthropic’s Mythos model is being kept behind closed doors, initially only accessible to large-scale software companies who are using Mythos to patch vulnerable applications before broader society gets access to comparably powerful models.
- Google’s paper showcased a breakthrough in the use of Shor's algorithm which quantum computers will rely on to break ECDSA cryptography. Similar to Anthropic's careful treatment of the Mythos rollout, Google is not releasing the actual software breakthrough and simply provided a ZK proof that showcases the legitimacy of their findings.
Two powerful pieces of software are being kept behind closed doors due to security concerns. Clearly, we are passing some significant milestone when it comes to software security.
Famous security hacker George Hotz tweeted out the contrarian take that the hype around Anthropic’s Mythos is overstated, and that finding 0-day bugs in software is easier than it seems but that doing the work to go searching for them isn’t incentivized. No rewards, no incentives = no outcome.
My pushback here is that with sufficiently commoditized abilities, it will become more and more trivial to find exploits. And once it becomes cheap enough, pranksters will just do it for fun, though more malicious actors will likely have taken aim at the easy targets before them. Provide the tools to make it easy, and it will happen anyway.
So here we are in 2026 – we have parallel software breakthroughs coming online which have the potential to materially undermine the entire internet. The global nature of the threat is hard to understand. Software as an industry, as a concept, will never be the same. Human-made software is full of holes, and up until now the only people able to exploit those vulnerabilities were other humans.
Software, broadly, is full of holes, and over the next few years the cost of exploiting them will approach zero.
The entire internet will need to be rebuilt.
This is also the scenario that Haseeb presented on the Weekly Rollup episode I recorded with him this week – Ethereum’s multi-client architecture is likely going to:
- Somewhat buffer
Ethereum from these vulnerabilities - Be made redundant by a single new client that is built by AI, is totally rock-solid in terms of security, and is formally verified
He predicts (using 
Justin Drake as a source) that Ethereum’s multi-client architecture is going to be replaced by a single, super client that is incredibly hardened because it has been built by the tools, and in the context of, the modern age.
This is a pretty neat opportunity, and fits well with the fact that the rest of Ethereum is also going to be completely rebuilt with Lean Ethereum.
Ethereum is just one example here – and it’s the example that we’re familiar with.
All software is going to go through this transition. All of it. The entire internet. Everything.
If something on the web is valuable… if people use it… it’s going to be rewritten using AI to have all the holes removed.
This is not dissimilar from the broad transition all cars are making toward autonomy, something that will certainly result in far fewer accidents. The outcomes of this massive transition will be good for everyone on the road. Similarly, a rebuilt internet will be safer for everyone, everywhere.
But this transition period of the web moving from being built-by-humans to built-by-AI is going to be a doozy.
There is going to be a period of rebuilding everything, which may (or may not!) come alongside a period where a lot of shit breaks. If the attackers are remotely close behind the defenders in this saga, we’ll likely see some fireworks along the way.
So, tip of the hat to Anthropic, because their actions are giving an advantage to the defenders. This is what responsible deployment of AI looks like – the good guys need to get it first.
It’s also worth highlighting that GPU export controls are working. US companies are getting these tools before Chinese ones come and leverage the exploits they would need to grab secrets and learn invaluable information. The dividends from the 2022 CHIPS Act are paying off (Nice job, Biden).
The good guys are winning – for now.
There is certainly going to be some turmoil as the web makes it over this hurdle – not all software will make it through this moment for a variety of reasons, including the fact that some software simply isn’t maintained anymore.
And in the blockchain context, some smart contracts are locked in place because of burned private keys or other issues – God forbid there’s a vulnerability in the WETH contract. I’m assuming there’s not, but such a thought experiment should illustrate the challenges we could have up ahead.
There's never a dull day on the internet. More fun ahead!
We're past "in it for the tech" or "in it for the money." 
MegaETH is bringing you products worth using, powered by USDM.
📈 The Asset
- Staked ETH is now at +38.84M (~32% of the total supply)
- Bitmine bought its latest tranche of 71k ETH
- ETH txs cost $0.002 currently
🏛️ The Protocol
- The EF sold 5k ETH to continue funding R&D and beyond
- Ethereal News runs down latest ERCs
- Toni Wahrstätter unveiled txdelay, a site for tracking average Ethereum inclusion times, and proposed Block in Blobs (BiB), a method for encoding tx data into blobs
- Biconomy, in collab with the EF’s Improve UX track, introduced ERC-8211 “Smart Batching”
- Paradigm introduced its next-gen Reth 2.0 execution client
📱 The Apps
- Ethena is considering four new collateral types for USDe’s backing
- The ECF is working on a zero-fee onchain lending platform
- Glider added support for Arbitrum
- Lido activated Fast Swaps via CoW Swap
- MetaMask enabled tokenized stock trading and rolled out Advanced Permissions
- Polygon debuted onchain FX markets via Curve, DFB, and Frax
- Polymarket is migrating from USDC.e to Polymarket USD
🐸 The Culture
- fishbiscuit shipped an Ethereum Events Globe website
💽 The Tech
- Base notched 10k transactions in a single block
- Polygon kicked off its Giugliano Upgrade and added support for ERC-7715
- Base Account added support for some Monad, Unichain, and ZKsync assets
- Linea migrated to Small Fields, making its proving system considerably more streamlined
Markets are rallying on a fragile Iran ceasefire, but the real risks may be getting closer.
David and Haseeb break down Anthropic’s secretive new AI model and why it could expose vulnerabilities across crypto, from smart contracts to core blockchain infrastructure, plus the growing divide around “Q-Day” and how urgent the quantum threat really is.
Tune into this week’s Rollup! 👇
