Coin98 AI Wallet — agentic threat model
Coin98 AI Wallet presents a high-risk profile due to its direct integration with Web3 financial transactions across 130+ networks, where prompt injection or model compromise could lead to direct financial theft or unauthorized smart contract execution.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
| --- | --- |
| Autonomy of Action | 0.60 |
| Goal-Driven Planning | 0.50 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.80 |
| Persistent Memory | 0.40 |
| Contextual Awareness | 0.60 |
| Dynamic Identity | 0.70 |
| Multi-Agent Interactions | 0.30 |
| Non-Determinism | 0.50 |
| Opacity & Reflexivity | 0.60 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1, Foundation Models: Not certain from the listing — the specific LLM or model used for the AI wallet/messenger is not disclosed. Threats include prompt injection leading to unauthorized transaction generation or misaligned financial advice.
Layer 2, Data Operations: Not certain from the listing — details on how blockchain state, user transaction history, and market data are ingested or stored (RAG/vector databases) are omitted. Threats include poisoning of market data feeds or transaction history.
Layer 3, Agent Frameworks: Not certain from the listing — the orchestration framework translating chat to Web3 transactions is proprietary. Threats include insecure tool calling where malicious prompts trigger unintended smart contract interactions or token transfers.
Layer 4, Deployment and Infrastructure: Not certain from the listing — hosting details for the AI backend and key management systems are not provided. Threats include compromise of the infrastructure hosting the wallet's private key management or API gateways.
Layer 5, Evaluation and Observability: Not certain from the listing — no mention of real-time transaction monitoring, guardrails, or anomaly detection for AI-generated transactions. Threats include undetected drift in transaction routing or failure to log malicious prompt injections.
Layer 6, Security and Compliance: Not certain from the listing — while it claims to connect users 'safely and securely', specific compliance standards (e.g., SOC2, ISO 27001) or decentralized identity governance are not detailed. Threats include regulatory non-compliance and weak access controls over wallet APIs.
Layer 7, Agent Ecosystem: Not certain from the listing — the extent of multi-agent collaboration or integration with external DeFi dApp agents is unspecified. Threats include cascading failures if an integrated third-party DeFi protocol or oracle agent is compromised.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).