As AI simultaneously enhances both defense and attack efficiency, crypto wallets are facing a more complex security environment. Ledger’s newly disclosed roadmap focuses on two key priorities: using AI to proactively identify risks, while keeping final authorization firmly in users’ hands rather than delegating it to automated agents.
AI attacks amplify wallet risks
The article points out that AI has made it easier to scale phishing, impersonating customer support, malware, and social engineering scams. For cryptocurrency users, these risks are particularly sensitive because on-chain transactions typically cannot be reversed once signed and broadcast.
In addition to common scams, AI may be used to automatically scan smart contract vulnerabilities, detect weaknesses in exchange APIs, or generate malicious programs that search for seed phrases, wallet files, and browser extensions. The article also notes that if users delegate short-term profit goals to AI agents, these agents might allocate funds to high-leverage trades or high-risk tokens.
Tools to be rolled out in phases in 2026
Ledger’s approach is not to have AI take over custody and signing, but rather to have AI assist in decision-making. The company states that in the future, the division of labor between humans and AI should be: AI handles intermediate processes, while humans verify and confirm at critical junctures.
According to its disclosed timeline, Ledger plans to roll out security tools for AI agents in phases throughout 2026, including Skills, Agent Identity, and Ledger CLI in Q2; Agent Intents and Policies in Q3; and Proof of Human in Q4.
The currently available Device Management Kit allows agents to invoke Ledger hardware with human approval. The article notes that MoonPay’s AI agent wallet has been integrated into Ledger’s signing process, requiring users to physically confirm each transaction on the device, while private keys remain securely stored within the hardware.
Hardware signing retains ultimate control.
In Ledger’s design, AI can suggest actions, but cannot perform the final signature. Users must review transaction details on a trusted display and confirm them using physical buttons. This approach fundamentally separates the authorization process from potentially compromised computers or smartphones.
Ledger wallets store keys using a Secure Element chip, and signing occurs entirely within the chip. External devices can only send unsigned transaction data and never directly access private keys. Even if the host device is compromised by malware, attackers cannot easily extract the keys.
AI is used to explain trades and alerts.
Ledger positions AI as a tool for risk identification and transaction interpretation, not as a substitute for user decision-making. The article states that AI can transform complex on-chain data into easier-to-understand alerts, helping users see exactly what actions they are authorizing.
For example, the system can identify phishing websites, known malicious addresses, or suspicious dApp behavior before transaction confirmation, and can perform real-time risk analysis by combining transaction patterns, target wallets, and account behavior to flag unusual logins, atypical transfers, or actions that significantly deviate from the user’s normal habits.
Ledger also mentioned its Clear Signing solution. Instead of displaying only a string of hash values, the device now clearly presents the transaction intent and key details to users, making it easier for them to identify high-risk actions, such as unlimited approvals, before signing.