Opinion by Michal “Mehow” Pospieszalski, founder of AmericanFortress Every time I read another headline about a billion-dollar crypto hack, I feel two things at once: anger and responsibility
Opinion by Michal “Mehow” Pospieszalski, founder of AmericanFortress
Every time I read another headline about a billion-dollar crypto hack, I feel two things at once: anger and responsibility.
I’ve spent the last 20 years working in cybersecurity. Before crypto, I worked in the Beltway trenches, helping government systems keep bad actors out. After that, I was a white-hat hacker, showing companies how easily their digital doors could be kicked in.
But here’s the truth most people don’t want to hear: Crypto isn’t getting hacked because it’s decentralized. It’s getting hacked because it was never designed for humans.
One look at the latest wave of scams, whether it be fake X links mimicking wallet URL, copy-paste address swaps stealing millions in seconds or AI-generated “support agents” tricking users in Discord, reveals they aren’t zero-day exploits or deep protocol bugs. They’re user experience failures, at scale.
People are getting tricked because they’re asked to make collectively billion-dollar decisions using unreadable wallet strings, clunky confirmation windows, and no clear way to verify who they’re sending to.
What we need as a space is to eliminate address-based phishing entirely. Instead of copying a wallet address, you should be able to just type a name. Under the hood, the system then generates a stealth, unique address, known only to sender and receiver.
It’s the difference between asking users to check every pixel of a 42-character string… and letting them send crypto like they send a Venmo.
With $1.5 billion stolen in the latest ByBit hack, phishing attacks up 58% year-over-year, and 9 out of 10 organizations reporting security breaches, the threat landscape is evolving. Deepfakes, voice phishing, and AI-powered social engineering are now targeting reserve-backed chains and financial infrastructure. If we want to future-proof crypto, we need to redefine how digital assets are transacted, stored, and secured.
Send-to-name technology, where receive addresses are generated privately between sender and recipient, with no public transaction history, offers exactly that. When embedded alongside off-chain KYC/AML compliance systems, it can power the U.S. Crypto Strategic Reserve and other sovereign-grade networks to operate with frictionless, fully compliant asset management for individuals, institutions, and autonomous AI agents alike.
The Bybit breach wasn’t some unsolvable mystery. Neither was the Coinbase mass phishing scam or any of the myriad wallet-poisoning scams that occur daily. These are predictable, repeatable failures that could’ve been prevented by simply not exposing wallet addresses at all.
The crypto industry is drowning in post-mortems. What we need are pre-mortems, systems that don’t just detect fraud after it happens, but make it mathematically impossible before it starts.
That’s what send-to-name does. And it works across Ethereum, Bitcoin, Solana, and beyond.If we don’t build in safety ourselves, governments will do it for us.
Crypto can do better, not with more rules or another plugin, but with default-private, human-readable, send-to-name infrastructure that stops scams before they start.
It’s time to fix the foundation, the rest is just noise.
