The Cryptographic Marketability Premium: How Frontier AI Labs Became the De Facto Issuers of the Digital Trust Layer

On April 7, 2026, Anthropic announced Project Glasswing, a cross-industry cybersecurity initiative powered by its most capable frontier model, Claude Mythos Preview. The partner list was the salient data point. Alongside Anthropic itself: Apple, Google, Microsoft, Amazon Web Services, Nvidia, Cisco, Palo Alto Networks, Broadcom, Cato Networks, JPMorgan Chase, and the Linux Foundation. Anthropic committed $100 million in model-usage credits and an additional$4 million in direct donations to open-source security organizations. Mythos Preview, per Anthropic's own disclosure, had already found thousands of high-severity vulnerabilities across every major operating system and web browser — some latent for three decades before the model surfaced them. Anthropic explicitly decided not to release Mythos Preview publicly, citing the concentration of offensive capability the model would confer if it escaped the controlled partnership.

A week before the Glasswing announcement, Google had publicly set an internal 2029 deadline for migrating its own production systems to post-quantum cryptography. Cloudflare, in its follow-up post, set the same 2029 target and added that post-quantum authentication had moved from a secondary priority to its highest urgency. The U.S. National Institute of Standards and Technology had finalized its first three post-quantum cryptographic standards — FIPS 203, 204, and 205 — the previous year. The 2026 consensus among security practitioners is that Q Day, the moment a cryptographically relevant quantum computer exists, will probably arrive before 2030. "Harvest now, decrypt later" operations — in which encrypted traffic is collected and warehoused for future decryption — are now acknowledged by multiple government and corporate security organizations to be occurring at nation-state scale.

Almost no one discussed these two announcements as a single event. They are one event.

The saleability — in Menger's strict sense — of every digital financial claim on earth depends on a cryptographic substrate whose integrity is approaching two simultaneous, independent threats. The institutions with privileged access to the tools for addressing those threats have, in doing so, taken on a role that no statute contemplates: the role of issuer of the trust layer underneath the global financial system. This is not a metaphor. It is a structural description. And it is the most consequential development in monetary architecture since the 1971 closing of the gold window.

Marketability, revisited for the digital era

Menger defined the saleability of a good by the conditions under which it could be exchanged: how easily, in what time frame, at what discount from nominal value, under what circumstances of counterparty doubt. He identified the characteristics that enhanced saleability — divisibility, durability, widespread demand, homogeneity, transportability — and argued that the good occupying the highest position on the resulting spectrum becomes money.

Fekete extended this framework into the 20th century by showing how the paper substitute for a monetary good inherits its saleability only under conditions where the substitute is credibly redeemable. When that credibility erodes, the saleability of the substitute decays relative to the underlying, producing the gold basis phenomenon and — at the limit — backwardation. The paper's saleability is not a property of the paper. It is a property of the credibility of the claim that the paper represents.

The application of this framework to the 21st-century digital economy is immediate but has not, to my knowledge, been made explicitly anywhere in the literature. Every dollar held in a bank account, every Treasury on a broker's book, every stock certificate in a DTCC record, every cross-border payment through SWIFT, every central-bank reserve entry — every single digital financial claim in the modern system — is a paper substitute in Fekete's sense. The "paper" is a digital record. Its saleability depends on the credibility of the record. And in 2026, the credibility of every digital record rests on a cryptographic substrate: TLS for transport, RSA or ECC signatures for authentication, SHA-256 and related hash functions for integrity, hardware security modules for key custody.

If the cryptographic substrate fails — for any reason — the digital claim becomes, in the most literal sense, an unverifiable assertion. Not "an assertion whose enforcement is contested." An assertion whose identity cannot be established. The record of ownership, the signature authorizing a transfer, the hash chain proving a transaction's history — all of these presume a cryptographic floor. Without that floor, the claim is not merely less saleable. It is structurally unidentifiable.

This is the concept I propose, and will name, the Cryptographic Marketability Premium (CMP). CMP is the portion of any digital financial claim's present value that exists only because its cryptographic substrate is believed secure. Under normal conditions, when everyone assumes the cryptography works, CMP is invisible — it is bundled into the claim's nominal value, indistinguishable from the rest of the claim's worth. Under conditions of rising doubt about the substrate, CMP becomes visible as a spread between claims with different cryptographic assurances. The spread is the market revealing that it has begun to discount the instruments whose substrate it trusts less.

In 2026, CMP is on the cusp of becoming visible in five identifiable ways.

Five places where CMP will appear

The first place CMP will become visible is the spread between instruments secured by post-quantum algorithms and those still secured by legacy RSA or ECC. Such spreads do not exist today, because no market currently distinguishes these two categories. But they will exist by 2028 at the latest, as institutional allocators begin to require PQC-secured claims for long-duration obligations. The instrument whose maturity is 2045 and whose signature algorithm is RSA-2048 is not equivalent to the instrument whose maturity is 2045 and whose signature algorithm is NIST FIPS 204. The market has not yet priced the difference. It will.

The second place is the implied volatility on deep out-of-the-money puts against the equity of custody, settlement, and payment infrastructure — DTCC, Fedwire, CLS, the major custodian banks, the stablecoin issuers. These are the instruments whose value would collapse in a cryptographic-failure scenario. The deep puts against them are the market's cheapest way to insure against that outcome. When CMP begins to rise, the volatility surface on those options will begin to steepen in a characteristic way that any quantitative observer can track.

The third place is the central-bank gold-purchase trajectory relative to dollar reserves. This is already widening sharply. Central banks have been net buyers of gold for four consecutive years at a cumulative pace that implies a structural reallocation. This is partially explained by the 2022 Russian reserve freeze (a weaponization concern) and partially by dollar-dilution concern. But it is also, in part, a CMP signal — a reach for an asset whose saleability does not depend on any digital substrate at all. The purchase pace accelerates as CMP becomes more visible.

The fourth place is the spread in corporate cyber-insurance premiums for cryptographic-failure riders. This market is nascent but growing. As underwriters develop pricing models for the tail risk of cryptographic substrate failure, the premiums themselves constitute a market-clearing price for CMP.

The fifth place is the one most specific to the Glasswing moment: the emerging resilience premium for firms with access to frontier AI-assisted defensive cybersecurity versus those without. A bank with Mythos-tier vulnerability discovery and patching is in a categorically different risk position than a bank without. Over the next several years, that difference will begin to manifest in credit spreads, funding costs, and eventually equity valuations. The premium will be small at first, and attributable to many factors, but it will be real and measurable.

The 1909 parallel

In his 2014 interview Menger or Mises, Fekete identified what he considered the pivotal moment of pre-1914 monetary decay: the 1909 decision by France, quickly followed by Germany, to make the notes of their central banks legal tender. He wrote:

This seemingly invalidated the Gold Bills Doctrine as it pretended that gold bills could mature into paper. But it is preposterous to suggest that one kind of paper could "mature" into another kind of paper of lesser marketability.

The 1909 decision did something structurally specific: it privatized a public function (the issuance of legal money) by handing a de facto monopoly to a specific institution (the Bank of France, the Reichsbank) whose issuance was thereafter unconstrained by redemption discipline. Fekete viewed this as the single largest step toward the monetary pathology that ultimately produced the Great Depression and the entire post-war fiat regime.

The Glasswing moment has the same structural shape, in a different domain.

The trust layer that secures digital financial claims has, until now, been a diffuse, open, and primarily public good. Cryptographic standards have been developed openly through organizations like NIST, the IETF, and the academic cryptography community. Implementation has been widely distributed. No single entity has monopolized the issuance of trust.

The post-Mythos environment is different in kind. A capability has emerged — AI-mediated vulnerability discovery at superhuman scale — that is too dangerous to release publicly and is therefore being distributed selectively to a small set of institutional partners. The selection criteria are opaque to the public, known only to the issuing lab. The capability itself is proprietary and protected by some combination of model-weight secrecy, usage restrictions, and compute barriers to reproduction. The institutions inside the partnership gain access to a defensive capability their competitors do not have. The institutions outside the partnership are exposed to risks the insiders are not.

This is a private monopoly on the issuance of a specific form of trust. The trust is not the trust of money — the Federal Reserve still issues that. But it is the trust of the substrate underneath money, and underneath every other digital financial claim. And because the substrate is foundational to the saleability of the claims built on top of it, whoever controls the substrate is, in Fekete's framework, a new kind of monetary authority.

This is not a claim about anyone's intentions. Anthropic's stated motivation for Glasswing is to close a widening offensive-defensive gap in cybersecurity, and there is no reason to doubt that this is sincerely the intent. Fekete's critique of the 1909 legal-tender decision was also not a claim about anyone's intentions. The French and German central banks were not conspiring to cause the Great Depression. They were responding to specific policy pressures in what seemed, at the time, like a reasonable way. The structural consequences unfolded across the following decades regardless of the intent of the participants.

Structure does not care about intent. That is the Fekete point. A private monopoly on a foundational trust-issuing function will produce the structural consequences of such a monopoly, regardless of how carefully the monopolist stewards the capability. And those consequences will be compounding, asymmetric, and largely invisible until they are irreversible.

The cartel shape

The Glasswing partner list, re-read with the above framework in mind, describes the shape of the emerging private monetary infrastructure with remarkable clarity.

• Apple, Google, Microsoft, Amazon: the four firms that collectively control the primary consumer and enterprise computing platforms on earth. The surface area through which Glasswing-tier defensive capabilities can propagate downstream.

• Nvidia: the sole critical supplier of the training compute used to produce Mythos and its successors. The chokepoint at which the issuance of new trust capability can be regulated.

• Cisco, Palo Alto Networks, Broadcom, Cato Networks: the network infrastructure and security tooling tier, through which the operational expression of the defensive capability is distributed.

• JPMorgan Chase: the only bank in the partnership. The most systemically important U.S. financial institution. The canonical example of what it means for Glasswing-tier access to confer a solvency-grade advantage over non-access competitors.

• Linux Foundation: the steward of the open-source substrate on which most of modern infrastructure runs, and therefore the channel through which the defensive capability can be pushed into the broader ecosystem on Glasswing's terms.

• Anthropic: the issuer of the capability itself.

This is not an accidental configuration. It is an approximately minimal set of institutions required to constitute a self-contained trust-issuance regime. The computing platforms, the compute supplier, the network stack, the critical banking node, the open-source distribution channel, and the model provider. Every other institution in the global digital economy is, in some structural sense, downstream of this set.

A reasonable observer in the 1930s could have drawn a similar box around the Federal Reserve, the major New York money-center banks, the U.S. Treasury, and a handful of affiliated clearinghouses and produced an equivalent map of the pre-war U.S. monetary establishment. The shape of the Glasswing set is, structurally, a nascent private Bretton Woods for the digital-trust era.

Why the Fed cannot intervene

The Federal Reserve's toolkit, from open market operations through quantitative easing to the emergency lending facilities developed in 2008 and expanded in 2020, is built entirely on one presumption: that the digital rails through which the Fed moves money are trustworthy. Fedwire works. The discount window works. The reverse-repo facility works. The primary dealer network works. The TRACE reporting works. Every one of these systems depends on the cryptographic substrate that Glasswing and the post-quantum migration are racing to secure.

If that substrate is compromised — whether by Q Day's arrival, by an AI-discovered zero-day in a critical payment system, or by the cascading failure of trust in any of a thousand production systems — the Fed's monetary tools do not become more or less effective. They become unusable. The central bank cannot inject liquidity through a payment rail whose cryptographic integrity cannot be verified. It cannot conduct open market operations on records whose signatures cannot be distinguished from forgeries. It cannot extend emergency credit through a primary dealer network whose settlement messages may or may not be authentic.

This is the crisis that the Fed's entire institutional design assumes cannot occur. Fekete's critique of the 1922 open-market-operations innovation was that it made possible a specific pathology (capital erosion through bond-price manipulation) that the pre-1922 Federal Reserve Act was explicitly designed to prevent. The Glasswing moment introduces a pathology the entire Federal Reserve Act presumes away: a crisis in the informational substrate of money itself, which monetary policy tools cannot reach.

In this specific domain, the institutions of the Glasswing cartel are the relevant authority and the Fed is a spectator. Not by design. By the structural nature of the problem.

The Mengerian endnote

Menger's fundamental argument about money was that it emerges bottom-up, through the individual decisions of many unrelated traders to accept progressively more saleable instruments in exchange for less saleable ones. Money, he insisted, "has not been generated by law. In its origin it is a social, and not a state institution."

The digital trust layer is not emerging this way. It is emerging top-down, from a small set of laboratories with the resources to produce frontier AI capabilities, to a partner cartel of strategically critical institutions, through deliberate issuance decisions made by a tiny number of people. The Glasswing model of trust issuance is not a Mengerian process. It is structurally opposite to the Mengerian process.

This is not necessarily bad. Frontier AI security capability is a genuine technical breakthrough, and concentrating it in responsible hands may be the correct policy at this moment. The structural critique does not require that the current stewards be acting against the public interest. It requires only that we recognize what has been produced: a privatized, centralized, non-transparent, and now-essential trust-issuance function embedded in the operational substrate of the global financial system.

The appropriate response, from within the New Austrian Economics framework, is not to dismantle Glasswing. The capability cannot be un-invented. The cartel cannot be broken up without worse alternatives taking its place. The appropriate response is to recognize what has been created, and to build the public and decentralized institutions necessary to counterbalance it. These would include:

• Transparent post-quantum cryptographic standards, independently implemented and openly audited, that do not depend on any private lab's capability for their verification.
• Publicly funded AI-assisted defensive cybersecurity, producing capabilities adjacent to Mythos's but available without membership in any private cartel.
• International agreements that treat frontier AI security capability as a good-faith-shared public resource, analogous to historical agreements on nuclear materials (where the shared-resource framing ultimately prevailed, imperfectly but meaningfully, over the closed-cartel alternative).
• A revival of the Mengerian bottom-up tradition in digital-trust issuance, through decentralized cryptographic systems (Bitcoin, Ethereum, and their successors) whose trust emerges from distributed participation rather than from the decisions of any single issuer.

None of this is likely to happen quickly. The Glasswing cartel has a head start. The capability gap will widen before it narrows. The CMP signals will become visible in the five forms described earlier, and the financial consequences of CMP becoming visible will propagate through markets regardless of whether anyone in the policy establishment has the vocabulary to describe what is occurring.

What Fekete would have said

Fekete died in 2020. He did not live to see Glasswing, or the Mythos model, or the Q Day timeline. But the structure of his analytical framework answers the question of what he would have said almost without ambiguity.

He would have said this is 1909 all over again, in a new domain. A privatized monopoly on a foundational monetary function, granted without public consent or awareness, by institutions acting in what they believed to be the public interest, producing asymmetric advantages that will compound for decades and ultimately produce a structural crisis that the monetary authority cannot address because the problem operates at a level below monetary policy's reach.

He would have said that the proper response is to restore the Mengerian foundations: to make the trust layer an open, competitive, distributed, market-determined function rather than a privately issued one. This will not be easy. In 1909, the proper response would have been to refuse legal-tender status to central-bank notes and to restore the gold-bill regime. That did not happen. The consequences played out across the following century.

The 2026 Glasswing moment is a structurally similar inflection. The choice to address it well, while the Mengerian alternatives still exist, is open for perhaps the next five to ten years. After that, the cartel consolidation and compounding effects will be irreversible, and subsequent generations will inherit the structure as a given fact of monetary life — in the same way the post-1909 world inherited central-bank monopolies on money issuance and could no longer imagine any other arrangement.

The New Austrian Economics is, I believe, the framework best positioned to see what is happening and to describe it clearly while the window is still open. This essay is one contribution. The much larger work remains.

---

This concludes the first wave of the New Austrian Economics series. Future essays will develop the decay-function framework into a working quantitative dashboard, track CMP signals as they become observable, and extend the analysis to the crypto-native monetary experiments (Bitcoin, Ethereum, and their derivatives) that constitute the most serious contemporary attempt to build a Mengerian bottom-up alternative to the Glasswing-era trust architecture. The intellectual debt of the entire series is to Carl Menger and Antal E. Fekete, without whom the framework would not exist; any errors of application or extension are entirely my own.