Kraken, OKX, AI Agents, and the Infrastructure War Nobody Is Covering
March 2-8 2026: A week that moved fast and got buried by the bear market.
It was a quiet week for crypto prices and a loud one for the people building underneath them. Kraken became the first crypto firm to plug directly into the Federal Reserve’s payment rails. NYSE’s parent company took a board seat at OKX and put tokenized stocks on the roadmap. ENS dropped a new standard for AI agent identity on-chain, and almost nobody noticed. DeFi’s code theft problem resurfaced, again, with Curve publicly calling out PancakeSwap and ending it, again, with a handshake.
Here are the four narratives that actually mattered this week.
1/ Kraken Gets A First for Crypto Fed Master Account
On March 4, Kraken Financial received approval for a Federal Reserve master account through its Wyoming-chartered banking arm, making it the first crypto-native institution to secure direct access to the Fed's core payment rails. That means Kraken can now move US dollars directly through systems like Fedwire, without routing through an intermediary bank.
The application was filed in October 2020. It took over five years. The account grants direct entry into Fedwire, a real-time gross settlement network that processes trillions of dollars in transfers each day. Until now, every dollar Kraken moved went through a partner bank first.
Kraken co-CEO Arjun Sethi said: “This milestone marks the convergence of crypto infrastructure and sovereign financial rails. With a Federal Reserve master account, we can operate not as a peripheral participant in the U.S. banking system, but as a directly connected financial institution.”
The account comes with constraints. Blockworks Research pointed out it's a "skinny" account - no interest on reserves, no access to the discount window - and it's approved on a one-year term. But as Blockworks Research analyst Luke Leasure noted, those limitations don't undercut the significance: it eliminates reliance on correspondent intermediary banks, providing a more durable and regulated foundation for custody, payments, and institutional cash management tied to its exchange.
The approval also marks something broader. The decision signals a notable shift in the Fed's posture toward regulated crypto institutions after years of resistance and legal battles. The crypto industry has spent the better part of a decade trying to get inside the same plumbing that powers traditional finance. Kraken just walked through the door.
Not everyone's treating it as routine infrastructure news. Jeff Park at Bitwise called the integration a moment that is "redrawing the architecture of modern finance," framing stablecoins as a direct structural threat to fractional reserve banking. That's a stronger read than most but it points at the real anxiety underneath the banking lobby's objections. Several banking groups have already raised concerns, arguing the decision poses systemic risk. The Lark Davis newsletter noted the reaction plainly: the banking industry doesn't welcome the competition.
2/ NYSE's Parent Bets on OKX at $25B, Tokenized Stocks Are Next
On March 5, Intercontinental Exchange, the company that owns the New York Stock Exchange, took a minority stake in OKX at a $25 billion valuation and secured a board seat. Bloomberg reported the investment was roughly $200 million. The terms weren't officially disclosed, but the product roadmap was: OKX will let its 120 million users trade tokenized stocks and derivatives listed on the New York Stock Exchange, in a feature expected to launch in the second half of 2026.
Star Xu (OKX founder/CEO) on X said: issuers may in future be able to bring securities directly to global investors through modern digital infrastructure, while still benefiting from the governance and regulatory frameworks that have long defined traditional exchanges and that OKX's focus is not simply on new technology, but on building durable infrastructure for the global financial system.
The deal started, according to Fortune, as a 30-minute meeting between OKX's global managing partner Haider Rafique and ICE chairman Jeffrey Sprecher that turned into a four-hour conversation. Rafique's framing afterward: "There was great chemistry in how we looked at the world and the future of tokenized securities, how derivatives should make it to the global stage, how TradFi and digital assets should merge together."
This isn't ICE's first move in this direction. BeInCrypto noted that back in January, NYSE had already announced a platform for on-chain settlement of tokenized securities with 24/7 operations, instant settlement, and stablecoin-based funding, pending regulatory approval. The OKX deal adds the distribution layer to a vision ICE was already building in-house. ICE is also working with BNY and Citi to support tokenized deposits across its clearinghouses, enabling collateral transfer outside traditional banking hours. OKX's 120 million users are the global reach that NYSE's own infrastructure can't replicate alone.
The Decrypt Morning Minute newsletter put the week in context well: "Two major TradFi moves for crypto over the past two days. First, Kraken gets a Federal Reserve master account. Now, NYSE's parent company takes a board seat inside OKX. The pieces of a crypto-native financial system are assembling faster than most people realize and it's being overshadowed by the bear market."
The nuance worth holding onto: everything here is contingent on U.S. regulatory approval, and OKX is still rebuilding credibility after its $500 million DOJ settlement in 2025. As Cryptopolitan noted, OKB's 24-hour trading volume hit $470 million after the announcement, about 1,657% above its usual daily volume, reflecting a market conviction that ICE's backing will make OKX a legitimate TradFi-to-crypto bridge. Whether that conviction holds through H2 2026 depends entirely on whether the product actually ships.
3/ Curve vs PancakeSwap - DeFi's Code Theft Problem Isn't New
On March 6, Curve Finance posted a public callout directed at PancakeSwap. Curve shared a screenshot of a file named CLStableSwapHook, attributed to PancakeSwap as author, containing the comment @license # TODO: Which license should we use? - an unresolved placeholder indicating no license had been assigned at the time of publication. Curve's message was direct: you copied our code without asking, it's a license violation, and historically that has not ended well for projects that went that route.
DeFi code theft has a straight timeline. Let’s quickly walk over it together.
2020 — SushiSwap vampires Uniswap
An anonymous developer called Chef Nomi forked Uniswap V1 wholesale, added a governance token and yield incentives, then ran a “vampire attack”, incentivizing Uniswap liquidity providers to migrate over. In 2020, SushiSwap reached a TVL of over $8 billion at its peak as it challenged the dominance of the protocol whose code it had copied. Uniswap had no legal recourse because it had published under a fully open license. The response was to build Uniswap V3 with a Business Source License, a time-restricted commercial protection preventing forks for two years.
![SushiSwap Vampire Mining [Alpha Tractor] - by Coopahtroopa](https://substackcdn.com/image/fetch/$s_!iOlI!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2F88db0487-41ec-4bfa-b7d1-872288427ca5_2000x505.png "SushiSwap Vampire Mining [Alpha Tractor] - by Coopahtroopa")
2021 — Saddle Finance copies Curve line by line
Curve publicly accused Saddle Finance of porting its code line by line into a different programming language, a direct translation with no meaningful independent contribution. Saddle’s own security audit confirmed it: the implementation was ported from Curve’s codebase and was “also vulnerable to the same attack” vectors as the original. Saddle launched anyway. It got hacked in 2022.
2021 — HolaSwap forks Uniswap V3 days after launch
Uniswap had literally just introduced the BSL specifically to prevent another SushiSwap situation. Anonymous developers launched a fork of Uniswap V3 on Binance Smart Chain, defying the business source license that restricts any use of the source code for two years. No consequences.
2021 — Uranium Finance copies SushiSwap, changes one number wrong, loses $57M
The most operationally spectacular example. Uranium developers copied the code of SushiSwap, replacing the number 1,000 with 10,000 everywhere, except for one instance. As a result, the attacker could swap a tiny amount of input tokens for $57 million in output cryptocurrency. The developer who spotted it called it “one of the most expensive typos in blockchain history.” Users lost the money, not the devs who copied the code.
2021 — Andre Cronje, on the builder’s perspective
Cronje wrote: “I can build the superior product even, but a competitor can just fork my code, add a token that infinitely mints, and they’ll have twice the users in a week. Motivating to keep building right?” (now post is deleted). He wasn’t describing an edge case as he was describing standard DeFi competitive dynamics.
2024 — Andre Cronje again, Aerodrome Finance steals his GPL code
Cronje claimed someone used his work to create an unauthorized copycat that amassed $1 billion in TVL and FDV and they “slapped on a restrictive license” over his open-source GPL3 code (post isn’t available anymore). The project was reportedly Aerodrome Finance, one of the largest protocols on Base. Taking GPL3-licensed code and re-licensing it under BUSL violates the GPL3 explicitly derivative works must be licensed under the same terms. From a legal standpoint, this constitutes copyright infringement. Aerodrome is still running.
2025 — Balancer gets exploited for $128M via Curve-derived code
Not a copy dispute but a consequence. Curve cited the $128 million hack of DeFi protocol Balancer in 2025 as an example of swap-based code exploits, specifically when warning PancakeSwap that copying StableSwap without deep expertise creates attack surface, not just legal exposure.
2026 — PancakeSwap, license field reads “TODO”
DefiLlama's forks dashboard shows Uniswap V2 is the single most-forked protocol in all of DeFi, accounting for nearly 35% of all tracked forks. Aave V3 and Compound V2 round out the top three. The forks collectively hold more TVL than many of the originals.
The industry has essentially normalised code appropriation as a business strategy. Uniswap tried to fight it with BSL licensing; when the two-year license expired in April 2023, developers forked Uniswap V3 within days, attracting $123M in TVL almost immediately.
Andre Cronje’s framing from 2021 is still the most honest read on why this keeps happening: the incentive structure rewards shipping over building. Fork fast, add a token, capture liquidity. The original developer gets credit on crypto Twitter and nothing else. The pattern from 2020 → 2021 → 2024 → 2025 → 2026 isn’t a series of isolated incidents but it’s a cultural norm that the industry has never seriously confronted.
Curve’s message to PancakeSwap ended with “better to be friends and build together.” Contrary, some users expressed their negativity in regards to such a mild public resolution, calling out Curve Finance for not escalating this issue to legal matters.
The question is whether the industry ever develops enforcement mechanisms that make friendship optional rather than the only available path.
4/ AI Agents Need Passports and Ethereum Is Building Them
AI agents are no longer running in sandboxes. They’re signing transactions, managing treasury positions, submitting governance votes, and interacting with lending protocols without direct human initiation. The infrastructure question nobody fully answered until recently: how do you know which agent you’re dealing with, whether it’s the same one across sessions, and who’s accountable if it does something wrong?
On March 5, ENS published ENSIP-25, a new standard that addresses exactly this. If an AI agent is registered in a system like ERC-8004 and claims an ENS name, the name owner can explicitly confirm that association by setting a standardized text record. Wallets, explorers, and frontends can then independently verify the link using a single resolver lookup. The design is deliberately minimal as ENS doesn't become the agent registry, just the identity bridge. Same thing it's always done for humans and DAOs, now extended to autonomous software.
The underlying standard ENSIP-25 went live on Ethereum mainnet in January, built by a team from MetaMask, the Ethereum Foundation, Google, and Coinbase. It creates three on-chain registries: Identity (a global directory assigning each agent an on-chain ID via ERC-721), Reputation (a persistent, queryable history of ratings after interactions), and Validation (a standard for recording independent verification of agent actions). The Allium blog put it plainly: lending protocols can check an agent's reputation before extending credit; DAOs can hire agents for treasury proposals once their history of producing correct financial reports is validated; agents can offer different pricing tiers based on their track record.
The problem this solves is structural, not cosmetic. According to a Cloud Security Alliance survey cited by Strata, only 21% of organizations maintain a real-time inventory of active agents, and nearly 80% of those deploying autonomous AI cannot tell you in real time what those systems are doing or who's responsible for them. The current workaround: 44% authenticate agents with static API keys, and 43% use username and password combinations as methods designed before the concept of an autonomous on-chain actor existed.
The deeper issue is legal as one Medium analysis by Jung-Hua Liu noted, an on-chain identity for an agent does not confer legal identity. It is a technical handle. Current law doesn't recognize AI agents as persons, so any action an agent takes gets attributed back to a human or corporate principal. That works fine for simple automation. It gets complicated fast when an agent is autonomously rebalancing a $25M vault or casting a governance vote on a protocol treasury.
A Substack from PhD Research in DeFi framed the coordination gap well earlier this year: existing AI agents optimize narrow objectives, react locally, and operate without shared context which works in simple environments but breaks down completely once you introduce cross-protocol complexity. Identity continuity is the prerequisite for coordination. You can't build agent-to-agent trust, portable reputation, or accountability without a stable way to refer to the same entity across interactions.
ENSIP-25 is a small standard. ERC-8004 is still a draft. But the stack being assembled: identity, reputation, validation, payments via x402 - is the plumbing for an agent economy that actually functions at scale. The Ethereum Foundation's decentralized AI team has made it a core part of their 2026 roadmap. The question isn't whether AI agents will participate in on-chain finance. That's already happening. The question is whether the infrastructure catches up before something consequential goes wrong.
The Numbers:
BTC: ~$67K | ETH: ~$1,932 | BTC dominance: 56.7%
38% of altcoins trading near all-time lows
Total market cap: $2.37T
Crypto VC funding: $895M in February, down 40% from January and down 77% since October 2025
Stablecoin supply: $310B
Deals this week:
a16z Crypto — $2B Fund V targeting H1 2026 close
Paradigm — up to $1.5B new fund
Crossover Markets — $31M Series B led by Tradeweb, with Ripple, Virtu, Wintermute, XTX
Unknown stablecoin project — $70M, Sequoia + Founders Fund + Brevan Howard + YC
Kazakhstan central bank — $350M crypto infrastructure allocation
That’s the week. Now go build something.
— Byblos.digital