OKX SG CEO Gracie Lin says AI agents cannot function on legacy web infrastructure due to CAPTCHAs and slow bank rails. She advocates blockchain rails with built-in security and accountability.
Every time an autonomous AI agent tries to complete a purchase or execute a trade, it runs into a wall designed decades ago for humans. CAPTCHAs, one-time codes, and redirect pages – built to block automated abuse – instantly become operational blockers when the actor is a program, not a person.
This structural mismatch is now a pressing risk for the emerging machine economy. Gracie Lin, CEO of OKX SG, told AlphaScala that the collision between legacy web infrastructure and autonomous agents is a critical turning point for digital payments, security, and accountability.
When an AI agent attempts to compare liquidity across exchanges or pay an API call, the old web assumes the user is human. Behavioral biometrics mistake the agent's structured programmatic interactions for malicious hacking. Multi-factor authentication loops break automation by demanding a human-in-the-loop to input a text code. Web application firewalls flag high-velocity price comparisons as distributed denial-of-service (DDoS) attacks.
Lin explains the core problem succinctly.
The issue becomes acute at scale. An AI agent that needs to execute hundreds of sub-cent micropayments across different APIs to complete a single complex task cannot use traditional settlement rails. “For an AI agent making hundreds of micro-payments across different services to complete a single task, the traditional system simply doesn’t work at that speed or scale,” Lin says. Legacy banking infrastructure expects a person at every critical step, with settlement times measured in days.
Blockchain networks offer programmatic, instant, and borderless settlement. They do not require a human to authorize each micro-transaction, making them the native infrastructure for the machine economy. The risk for developers and platforms is that without upgrading to these rails, AI agents will remain stalled at checkout.
As autonomous agents scale, they introduce severe technical risks. Indirect prompt injection – where malicious text hidden on a website hijacks an agent's programming – can steal assets or trigger unauthorized trades.
Lin is blunt about the unresolved dilemma. “If an AI makes a disastrous purchase or gets hacked, who is responsible?” She admits the law is still catching up. “For any player in this space, it’s important to bake accountability into AI tools from day one.”
Lin argues that accountability must be hardcoded. She outlines three core pillars:
“The technology to do all of this exists today on crypto rails,” Lin reveals. “The question is whether the people building these tools prioritize it.”
Global regulators are scrambling to draft legal definitions for AI agent liability. Lin is upfront that she is not a legal expert, pointing to a structural reality: the law is trailing the technology. Until frameworks are finalized, users are left exposed.
The practical risk for exchanges, wallet providers, and payment protocols is that without built-in accountability, a single high-profile agent hack could trigger a crisis of confidence – withdrawals, lawsuits, and tighter scrutiny. The market read is that platforms that implement permissioned access and sandboxing now will reduce their liability exposure later.
A second-order risk is who controls the agent layer. Lin warns that proprietary, closed-loop agent systems risk creating corporate gatekeepers that monopolize user data and restrict merchant access.
“There’s a real version of this future where a few platforms control the agent layer and by extension how AI spends your money,” she says. “It should be open, and at OKX we are trying to set a good example.”
OKX has shipped two tools to counter this. The OKX agent trade kit is fully open-source under an MIT license, with its code publicly auditable on GitHub. The Agent Payments Protocol establishes an open standard that any chain or developer can implement.
Lin sees a narrow window to lock in openness. “If the payment rails and protocols are built as open standards now, while the architecture is still being decided, the competitive landscape stays open for everyone. The window to get this right is now.”
Developers and investors should watch which payment protocols gain adoption among AI agent frameworks. If proprietary solutions dominate, the crypto-native infrastructure could be sidelined.
For broader context on how crypto payment rails are being shaped by regulation, see our coverage of Trump Orders Review of Barriers to Crypto Payment Rails and the crypto market analysis.
The risk event here is not a single hack or outage. It is the structural mismatch between autonomous agents and legacy rails, combined with unresolved security and liability frameworks. The catalysts that would confirm the thesis are:
Factors that would reduce the risk:
Factors that would make it worse:
The practical takeaway is that the infrastructure decisions made in the next 12 months will determine whether AI agents operate on open, auditable rails or behind corporate walled gardens. For those building or investing in the machine economy, the choice of payment layer is a risk management decision, not just a technical one.
Prepared with AlphaScala research tooling and grounded in primary market data: live prices, fundamentals, SEC filings, hedge-fund holdings, and insider activity. Each story is checked against AlphaScala publishing rules before release. Educational coverage, not personalized advice.