Stablecoins run 24/7, forcing a shift to always-on controls as risks move beyond custody into execution layers, APIs, and multi-system authority management.
They move in seconds, settle around the clock, and they don’t wait for banking hours, batch windows, or correspondent chains to reopen on Monday morning. That is exactly why they matter, and it is exactly why the security model around them has to change.
The market has spent the last few years focused on growth: issuance, volume, payments, consumer adoption, and institutional traction. That growth is real, but that is only half the story. The more important shift is operational. Stablecoins are turning money movement into a 24/7 financial system. Once that happens, controls cannot remain periodic, manual, or dependent on human timing. Always-on money needs always-on controls.
Stablecoins are no longer a niche payment story
They are increasingly being used where traditional money movement breaks down: cross-border settlement, treasury flows, intercompany funding, remittances, and platform payouts. BCG estimates that stablecoins supported around $4.2 trillion in meaningful economic activity in 2025, reinforcing that they are becoming more than trading infrastructure.
Consumer behavior points in the same direction. BVNK’s Stablecoin Utility Report 2026 found that 54% of respondents had held stablecoins in the past 12 months, 56% intend to acquire more, and nearly half increased their holdings over the previous year. Among people already getting paid in stablecoins, they account for around 35% of annual earnings on average. This is not passive ownership. It is operational money.
Stablecoins change the operating model of money
For years, digital asset security was framed primarily as a custody problem: protect the private key, protect the asset. That model is no longer enough. Risk has expanded far beyond key storage into the execution layer, where APIs, automation, exchanges, liquidity venues, deployment environments, validators, and operational credentials determine how capital moves. As Sodot has argued before, modern custody is no longer just about who holds the key. It is about what can trigger execution.
And that execution layer does not exist in one place. It spans multiple vendors, multiple venues, multiple countries, and increasingly complex cross-border workflows, each with its own operational, policy, and compliance requirements.
That is why modern custody is not just a key management problem. It is an authority management problem. Digital asset operations now require coordination across custody providers, exchanges, signing infrastructure, API integrations, developer credentials, and vendors operating across both on-chain and off-chain environments.
That distinction becomes critical in stablecoin systems. Stablecoins are attractive because they reduce friction. They make money movement faster, more global, and more programmable. But they also shorten the time available to detect, stop, and recover from failures. In a multi-vendor, multi-venue environment, a compromised credential can quickly spread across systems and escalate into a catastrophic event.
The contradiction at the heart of stablecoin adoption
People are drawn to stablecoins for practical reasons such as lower fees, stronger security, and global usability. But the biggest frustrations are just as telling: irreversible payments, the risk of losing funds, too many steps, chain-selection complexity, and limited recovery options.
That tension matters because stablecoins remove friction from money movement, but they also remove much of the forgiveness layer that exists in traditional finance. Once a payment is made, it is often final. There is no chargeback flow, no intermediary review layer, and often no realistic path to recovery.
That is why the control layer matters so much. In stablecoin systems, security cannot start after execution. It has to exist before and during execution, through policy enforcement, key governance, and infrastructure designed to prevent the wrong transaction from being signed in the first place. Users want payments that feel instant, intuitive, universal, and protected. Delivering that safely is the infrastructure challenge.
Stablecoins Are Scaling Faster Than Their Control Layer
Most of the infrastructure beneath stablecoins still relies on exposed keys, fragmented controls, manual approvals, and execution environments built for speed first and governance second. The real risk is no longer confined to on-chain signing. It increasingly sits off-chain, across API keys, exchange connections, treasury operations, automation layers, and the systems that decide how and when money moves.
That model does not scale when payments run all day, treasury moves globally in real time, and merchants, platforms, fintechs, and AI-driven systems begin interacting with money as software.
The lesson from private key security was never just “store keys better.” It was to eliminate unilateral exposure and enforce policy around usage. That principle now has to extend to every credential and every execution surface capable of authorizing money movement.
Always-on controls are the missing layer
This is where MPC and key governance become essential. MPC removes the single point of failure by distributing signing authority, so the private key is never reconstructed in one place, and no single machine or actor can move funds unilaterally. Self-hosted MPC, distributed key shares allow transaction signing without recreating the full private key, replacing the fragile model of one exposed secret with a more resilient control structure.
In always-on systems, authority also has to be governed. Key governance defines how signing authority can actually be used: who can approve what, under which conditions, with what limits, and with what separation of duties. It turns key management into execution control. In practice, that means a programmable policy layer that can enforce granular controls across keys, vendors, exchanges, machines, and operational workflows, including both on-chain and off-chain keys
As businesses scale, teams change, approval structures evolve, and risk models become more sophisticated. The control model has to evolve with them. That means more than adjusting signing thresholds. It means updating the policy layer around execution itself: who can approve which transactions, under what limits, across which keys, vendors, exchanges, machines, geographies, or workflows. Those controls need to adapt without forcing key rotation, changing public addresses, or disrupting operational continuity.
That is not just better key management. It is the control layer for programmable money.
Always-on money raises the standard
Stablecoins are no longer just an asset class or a payments trend. They are becoming operational financial infrastructure, and that raises the bar for everything underneath them. The upside is clear: faster settlement, lower friction, global reach, and continuous availability. In that environment, risk is no longer just a private key issue.
It sits across the execution layer, where systems, credentials, approvals, and workflows determine how capital moves. The problem begins wherever too much authority is concentrated in one place. The solution begins by removing that unilateral authority and replacing it with distributed, governed control before execution happens.
