Spaceman

Smart Stables - The next stablecoin primitive Wrap existing stablecoins and create new app and use specific smart stablecoins linked to key metrics and events in your app while accessing DeFi yield on the underlying stablecoin 🧵

Agentic payments are a pricing model innovation for SaaS We've started doing simulations on how agents behave as multiple parties change pricing over time. Retention is soo different for agents vs humans

Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any depedency you could be pulling in a poisoned package anywhere deep inside its entire depedency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.

We've been thinking about AI agent payments wrong You don't need to trust them with money. Or audit every transaction Just program the money itself Token-level rules are like physics. An agent can't violate them for the same reason a ball can't fall upward

Congrats on the release! Looking fwd to giving this a spin I remember some of the stuff you did with ithaca and wallet ux with passkeys was pretty cool too, how much of those learnings did you take into tempo's native features? What is your go to auth provider/method when starting a new project on tempo?

We just launched Tempo Mainnet & the Machine Payments Protocol. Last 5 years our team also created: - Reth: high performance node SDK for Ethereum L1 & L2s. - Foundry: testing framework used to deploy/test >$100B in DeFi. - Wagmi/Viem: Typescript for all crypto web apps. AMA.

Gotta give huge credit to @tempo on how well they've designed batch txns, gas sponsorship natively at the chain lvl and a great block explorer Surely raised the industry's dev UX bar

We’re Based Labs. We build programmable stablecoin infrastructure. Stablecoins with rules. Spend controls, compliance logic, agentic payments, treasury automation. We’re turning stablecoins into application-aware financial infra for payments, treasury, and agentic commerce.

@jinglingcookies Wallets are also only programmable up to a point. Agents creating stablecoin with rules baked into them will do things beyond programmable cards and wallets Wallets are mainly for the vendor lock-in you get as you scale

This year has so much tech to look fwd to

📢 Solidity JSON Writer v2 1/ A complete overhaul of the only on-chain, gas-efficient JSON builder library for smart contracts Wanting on-chain metadata (NFTs, agents, etc.) or need structured JSON in Solidity? Read on. 👇

Apptokens are obvious once you understand all tokens are programs and not currencies Programs can also be currencies but they can be much much more

So bullish on Apptokens I'm literally having a panic attack

What wants to happen here, as this expression of consciousness, in this moment?

ERC20 was never designed for agentic commerce x402 should be designed to support tokens having custom rules. Agent to agent commerce should have tokens designed for agent to agent commerce, not ERC20!

Having some AI follow you into your zoom meetings or google meet for taking notes is the digital equivalent of showing up to a meeting with your fly down

As funny as it sounds, this is what ads for deep research promote in LLMs which take mins would look like Brainrot appetizers before Slop as the main course

@gabrielleydon Yep. It'll take one economy getting wrapped before others realise agents need controlled composability Wild seeing how web2 builders think web3 infra works compared to how it actually works

Apptokens solve all of it.

@Darviridis @benhoneill Yes. Can have hooks and you can add custom logic based on conditions inside them and provide alternate execution paths

@Spaceman6766 @benhoneill Will I be able to add a tokenFallback function?

Every thread I read on "agentic payments" seems to lack imagination. They talk about paying contractors or doing things humans do online today, but not what new surface areas appear when you remove humans from the loop entirely. Its like pitching the iPhone app store, but only building for messaging, music, and contracts. You miss the fact that when everyone has a connected GPS device on their phone you can build Uber. Agent-to-agent and machine to machine payments will unlock an economy entirely different than what we have today and we should be for that, not just an automation of existing payments infrastructure.

5 years ago: "Onchain infra is ready, just build games!" Reality: Broken economies. Devs had to build the tech themselves Today: "Onchain infra is ready for AI agents!" History repeats. Agent builders will learn they'll need a lot of custom infra

@Darviridis @benhoneill Depends on how you configure the token rules. They are modular. Looking fwd to show it thru action when we ship it 🫡

@Spaceman6766 @benhoneill It looks like your new tokens are as insecure as ERC-20 due to their backward compatibility