Hey there, PoI readers! 💫

It's your favorite crypto connoisseur, Mochi, back with another serving of tantalizing tech and web3 news. From Arizona's bold move to make crypto tax-free and Palmer Luckey's $4.3B banking empire to Bitmine's insane ETH hoarding spree and OpenAI admitting their AI browser might be hackable forever, we've got a lot to unpack. So, buckle up and get ready for a wild ride through the wonderland of digital assets!

INTEL BRIEF

🟧 Arizona Senator Wendy Rogers has proposed legislation to exempt crypto from state taxes and protect blockchain node operators from local government fees.

🟧 Palmer Luckey's crypto-focused digital bank Erebor just hit a $4.35 billion valuation while clearing major regulatory hurdles toward becoming a fully licensed US bank.

🟧 Bitmine just crossed the 4 million ETH mark after buying nearly 100,000 Ether tokens in a week, pushing its stash to over $12 billion as it chases a goal of owning 5% of total ETH supply

🟧 OpenAI admits that prompt injection attacks—where malicious instructions manipulate AI agents—may never be fully solved, even as the company rolls out new defenses for its Atlas AI browser.

Arizona Senator Wants to Ban All Crypto Taxes and Let Voters Decide in 2026

Arizona is making moves that could turn the Grand Canyon State into a crypto paradise! Senator Wendy Rogers just dropped not one, not two, but three pieces of legislation aimed at giving digital assets the tax break of a lifetime.

Here's the tea: Rogers filed two bills (SB 1044 and SB 1045) plus one resolution (SCR 1003) that would basically tell the taxman to keep his hands off your Bitcoin. SB 1044 wants to exempt virtual currency from taxation entirely, while SB 1045 is all about protecting those blockchain node operators from getting nickel-and-dimed by counties, cities, and towns. Think of it as a "don't tread on my nodes" situation.

But wait, there's a catch (because there's always a catch). While the blockchain node bill might cruise through the state legislature, the crypto tax exemptions would need Arizona voters to give it the thumbs up in the November 2026 general election. So basically, democracy has to do its thing first.

Now, this isn't Rogers' first rodeo with crypto legislation. She co-sponsored a Bitcoin reserve bill that Governor Katie Hobbs vetoed back in May—a move Rogers was not happy about. She's already promised to refile it, because apparently persistence is her middle name.

Arizona already has some interesting crypto laws on the books, including one that lets the government claim digital assets that have been ghosting their owners for three years or more. It's believed to be part of the state's broader efforts to establish a digital asset reserve, joining the exclusive club with New Hampshire and Texas.

Meanwhile, other states are playing a completely different game—Ohio wants to exempt crypto transactions under $200 from capital gains taxes, while New York is proposing a 0.2% excise tax on digital asset transactions. It's like watching a choose-your-own-adventure book, except with more bureaucracy and fewer dragons.

Arizona Senator Wendy Rogers proposed three bills to exempt crypto from state taxes and protect blockchain node operators from local fees

Voters would need to approve the crypto tax exemptions in November 2026, while the node protection bill could pass through the legislature

Arizona joins New Hampshire and Texas with digital asset reserve laws, while other states like Ohio and New York take different taxation approaches

Palmer Luckey's Digital Bank Just Hit a $4.3 Billion Valuation While Getting Federal Approval

Palmer Luckey, the guy who sold Oculus to Facebook and then pivoted to building defense tech? Well, plot twist: he's now in the banking business, and it's going surprisingly well. His digital bank Erebor (yes, named after the Lonely Mountain from The Hobbit—nerd cred intact) just raised $350 million and is now sitting pretty at a $4.35 billion valuation.

The funding round was led by Lux Capital, with backing from heavy hitters like Peter Thiel's Founders Fund, Haun Ventures, and 8VC. But here's what makes this more than just another Silicon Valley money grab: Erebor is actually getting regulatory approval to become a real bank. No, seriously.

The company recently secured preliminary conditional approval from the Office of the Comptroller of the Currency (OCC), which is basically the golden ticket for banking licenses in the US. Even better, the Federal Deposit Insurance Corporation (FDIC) approved their deposit insurance application last week, giving them a 12-month window to get everything officially up and running.

So why does Erebor exist? Well, remember when Silicon Valley Bank spectacularly imploded in March 2023? That disaster left a massive void for tech startups and crypto companies that suddenly had nowhere to bank. SVB's collapse—triggered by rapid interest-rate hikes that torched their long-term securities and sparked a good old-fashioned bank run—was one of the biggest bank failures since 2008. Erebor emerged from stealth in mid-2025 specifically to fill that gap.

The bank is positioning itself as crypto-friendly, AI-friendly, and stablecoin-friendly, which is apparently what investors want right now. And Erebor isn't alone—Coinbase, Circle, and Ripple Labs are all pursuing similar national trust charters or OCC approvals to bridge traditional banking with digital assets.

Timing is everything, and Erebor's momentum is believed to be fueled by the renewed push for regulatory clarity under President Trump's administration. We're talking stablecoin legislation approvals and long-awaited crypto market structure bills that—despite some delays—have the industry cautiously optimistic. Even David Sacks, Trump's crypto and AI czar, chimed in Monday saying the SEC and CFTC are expected to drop "clear regulatory guidelines for cryptocurrencies" soon.

Erebor raised $350 million at a $4.35B valuation, backed by Lux Capital, Founders Fund, and Peter Thiel

OCC and FDIC approvals signal the bank is on track to become fully licensed within 12 months

Launched to fill the Silicon Valley Bank void, Erebor joins Coinbase, Circle, and Ripple in pursuing crypto-friendly banking charters amid improving US regulatory clarity

Bitmine Bought Nearly 100,000 ETH in One Week and Now Owns Over 4 Million Tokens

If you thought you were bullish on Ethereum, meet Bitmine—the company that's basically treating ETH like Pokémon cards and trying to collect them all. The Ethereum treasury company just hit a massive milestone, crossing the 4 million ETH mark this week after dropping another $40 million on 13,412 tokens. Casual Monday shopping, right?

But wait, it gets better. Bitmine didn't just buy that $40 million worth of ETH—they've been on an absolute spending spree, scooping up nearly 100,000 ETH in the past week alone. According to blockchain analytics firm Lookonchain, the company now sits on a mountain of 4.06 million Ether tokens worth approximately $12.2 billion at current prices. That's not a typo. Billion. With a B.

Bitmine chairman Tom Lee (not to be confused with the other crypto Tom Lee, because apparently that's a popular name in this space) is absolutely thrilled about the achievement. "This is a tremendous milestone achieved after just 5.5 months," he said, probably while doing a victory lap around the office.

The company's average purchase price sits at $2,991 per ETH, and with prices climbing back to $3,000 over the weekend, Bitmine's stash has tipped back into profit after being in the red since the October market crash. Nothing like a little green in your portfolio to brighten the day.

But Bitmine isn't stopping here—oh no. Their ultimate goal is to own 5% of the total ETH supply, and according to data from Strategic ETH Reserve, they're already 67% of the way there. Lee calls this the "alchemy of 5%", which sounds like something out of a fantasy novel but is apparently very real corporate strategy.

The company's stock (BMNR) has been on an absolute tear, up 606% over the past six months since launching this Ether accumulation strategy in June. Investors are speculated to be loving this play, and Bitmine is doubling down by announcing plans to launch staking services in early 2026 through something called the "Made in America Validator Network" (MAVAN). Because nothing says crypto quite like patriotic validator branding.

Lee described MAVAN as a "best-in-class" staking solution that will offer secure infrastructure and, presumably, generate even more value for shareholders. It's believed to be Bitmine's way of making their massive ETH hoard work harder for them—because why just hold when you can stake and earn?

Bitmine crossed 4 million ETH worth $12.2 billion after buying nearly 100,000 tokens in one week

Stock up 606% in six months since launching the Ether strategy, with holdings now back in profit as ETH hits $3,000

Targeting 5% of total ETH supply and launching "Made in America Validator Network" staking platform in early 2026

OpenAI Says Prompt Injection Attacks May Never Be Solved But They Built a Hacker Bot Anyway

OpenAI just admitted that its Atlas AI browser might be fundamentally vulnerable to a type of cyberattack called prompt injection—and there's no permanent fix coming. Ever. In a refreshingly honest Monday blog post, the company basically said, "Yeah, this problem is like spam and phishing: it's never going away."

Prompt injection attacks are when hackers hide malicious instructions in web pages or emails that trick AI agents into doing things they absolutely should not do. Think of it as social engineering, but for robots. When OpenAI launched ChatGPT Atlas in October, security researchers immediately had a field day, demonstrating how a few carefully chosen words in a Google Doc could hijack the browser's behavior. Brave browser chimed in the same day, pointing out that this is a systematic problem affecting AI-powered browsers across the board, including Perplexity's Comet.

And it's not just OpenAI sounding the alarm. The UK's National Cyber Security Centre warned earlier this month that prompt injection attacks against generative AI applications "may never be totally mitigated." Their advice? Stop trying to eliminate the problem entirely and focus on reducing the damage instead. Fun times.

So what's OpenAI doing about this digital nightmare? They're taking the "fight fire with fire" approach by building an LLM-based automated attacker—essentially a hacker bot trained with reinforcement learning to probe for weaknesses in their own systems. This bot can run simulated attacks, study how the target AI responds, tweak its strategy, and try again hundreds of times until it finds a vulnerability. It's like having an evil twin constantly trying to break into your house so you can figure out where to add more locks.

The company claims this internal red-teaming bot has already discovered "novel attack strategies" that human testers and external researchers missed. In one demo, OpenAI showed how the automated attacker snuck a malicious email into a test inbox. When the AI agent scanned it, the hidden instructions made it send a resignation message instead of an out-of-office reply. Yikes. But after the security update, the system was able to detect and flag the injection attempt—so, progress?

Still, Rami McCarthy from cybersecurity firm Wiz isn't exactly doing backflips over agentic browsers. He points out that these tools sit in a "challenging part of the risk space" with moderate autonomy but very high access to sensitive data like emails and payment info. His take? "For most everyday use cases, agentic browsers don't yet deliver enough value to justify their current risk profile." Translation: the juice might not be worth the squeeze right now.

OpenAI's advice to users is basically "proceed with caution." They recommend giving AI agents specific instructions rather than blanket access to your inbox, requiring user confirmation before sending messages or making payments, and limiting logged-in access where possible. You know, common sense stuff that's speculated to hopefully prevent your AI assistant from accidentally quitting your job on your behalf.

OpenAI admits prompt injection attacks may never be fully solved, comparing them to ongoing web scams and social engineering threats

Built an AI "hacker bot" using reinforcement learning to discover vulnerabilities internally before real attackers exploit them

Security experts warn agentic browsers pose high risks due to access to sensitive data, with current value not justifying the threat level for most users

And that's a wrap, my lovely PoI readers! I hope this edition left you feeling informed, entertained, and maybe even a little bit richer (in knowledge, of course). Remember to stay curious, stay informed, and keep spreading the love. Until next time, this is Mochi, signing off with a virtual high-five!

P.S. Don't forget to share your thoughts, questions, and favorite crypto puns with us. very voice matters in the PoI community! 📣❤️ Share the newsletter

🍨📰 Catch you in the next issue! 📰🍨