Today in The Quorum Room: The theoretical regulatory frameworks we've been tracking are turning into operational realities. The MiCA deadline has officially arrived in Europe, forcing Binance to halt services across multiple member states. Across the Atlantic, the eleventh-hour scramble over the CLARITY Act has introduced strict new yield limits for stablecoins, even as the fight over developer liability threatens to derail the bill's momentum.
The CLARITY Act push we've been tracking is accelerating ahead of the August recess. While Senator Cynthia Lummis continues to defend the contentious Section 604 safe harbor against the law enforcement pushback we noted previously, a newly reported draft provision introduces a fresh hurdle: explicitly restricting stablecoin yields. The new language allows rewards only for active protocol use, banning passive holding yields.
Why it matters
For DAO operators and governance strategists, these two developments are pivotal. The proposed stablecoin yield restrictions directly impact protocol design, forcing a move away from passive interest models toward activity-based rewards, fundamentally altering tokenomics and user incentive structures. More critically, the outcome of the Section 604 debate will define the legal risk for every contributor to a decentralized protocol in the U.S. A strong safe harbor could unleash a new wave of permissionless innovation, while a weak or ambiguous one would entrench the current climate of legal uncertainty, forcing DAOs to rely heavily on legal wrappers and limit the scope of contributor activity.
Proponents like Senator Lummis argue the bill's intent is to create a clear distinction between financial intermediaries and software developers, fostering innovation. Critics, including Jake Chervinsky and anti-trafficking groups, fear the current wording doesn't go far enough and could either fail to protect developers or create loopholes for illicit finance. The compromise on stablecoin yield is seen by some as a pragmatic move to appease regulators concerned about systemic risk.
The July 1 MiCA deadline we've been monitoring has arrived, triggering the expected market shakeout. Following reports of ECB resistance to its licensing efforts, Binance confirmed Friday it is suspending services for users in France, Italy, Spain, and Poland. With Binance retreating to pursue authorization in a different member state, fully authorized competitors like Kraken are actively moving to capture the vacuum.
Why it matters
This is the first major, tangible consequence of MiCA's implementation, transforming the European regulatory landscape from theoretical to operational. For DAOs and decentralized protocols, this serves as a critical case study: even the largest centralized players are not immune to stringent regulatory requirements. The event underscores the necessity of a clear legal and compliance strategy for any organization serving EU users. The resulting market consolidation will likely concentrate power in fewer, more regulated hands, potentially increasing the compliance burden for decentralized entities seeking to interoperate with the European financial system.
Binance stated its plan is to pursue authorization in another EU member state, suggesting a temporary setback rather than a permanent withdrawal. Competitors like Kraken are using the moment to highlight their own regulatory compliance. Some analyses suggest MiCA, intended to harmonize rules, is still subject to varied interpretations by national regulators, creating an uneven playing field.
Confirming the 'pseudo-bank' framework for stablecoin issuers we covered earlier this month, FinCEN and other U.S. agencies published their formal Notice of Proposed Rulemaking for the GENIUS Act. The key new detail for DeFi operators is an explicit carve-out: the Customer Identification Program (CIP) requirements exempt relationships that exist solely through smart contract interactions or token ownership, provided no other formal relationship indicators are present.
Why it matters
This is a critical development for DAO treasuries and any protocol interacting with regulated stablecoins. The codification of PPSIs as financial institutions cements their compliance burden. The exemption for smart contract-only interactions is the key detail for DAO operators. It suggests a potential path for protocols to interact with regulated stablecoins without triggering direct CIP obligations on the protocol itself, provided the interaction remains purely on-chain and avoids formal off-chain agreements. This distinction will be crucial for structuring DAO operations and partnerships to manage regulatory exposure.
The proposed rule is a direct implementation of the GENIUS Act, aiming to bring stablecoin issuers into the existing AML/CFT framework for traditional finance. Legal analysts note the importance of the smart contract exclusion, but caution that its practical application will depend on how regulators interpret 'formal relationship indicators' in the context of decentralized governance.
In a significant move toward regulatory clarity, the SEC, in coordination with the CFTC, issued new interpretive guidance on Saturday that categorizes digital assets into five distinct classes. Crucially, the guidance states that most crypto assets are not inherently securities. The framework also proposes a 'fit-for-purpose startup exemption' designed to allow early-stage projects to develop and raise funds with a reduced regulatory burden, provided they adhere to specific disclosures and limitations.
Why it matters
This guidance could mark a turning point for crypto innovation in the U.S. By creating a clearer taxonomy and formally acknowledging that not all tokens are securities, the SEC is providing a more predictable regulatory path. For DAOs and decentralized protocols, the 'startup exemption' is particularly important. It could create a sanctioned 'sandbox' for new projects to experiment with tokenomics and governance models without immediately falling under the full weight of securities law, potentially lowering the barrier to entry and reducing the reliance on complex legal wrappers for early-stage development.
This move is being interpreted as a significant shift from the SEC's recent 'regulation by enforcement' posture. The five-bucket taxonomy aims to provide a more nuanced approach than the simple Howey Test application. Industry proponents are cautiously optimistic, waiting to see the specific details and eligibility criteria for the proposed startup exemption.
A new report published Saturday warns that the financial compliance stack is unprepared for autonomous AI agents, creating a critical 'Know Your Agent' (KYA) gap. Unlike human actors, agents exhibit nondeterministic behavior, operate continuously, and can create complex delegation chains, rendering traditional KYC/AML frameworks obsolete. The analysis, citing warnings from NIST and the IMF, proposes a KYA framework built on four pillars: Identity (verifiable origin), Capability (vetted tools and functions), Scope (enforced operational guardrails), and Lineage (auditable action history). It anticipates regulators will mandate such standards within 12-18 months.
Why it matters
This 'Know Your Agent' concept provides a crucial blueprint for any DAO or autonomous organization aiming to deploy agents in a compliant and operationally sound manner. For a governance strategist, the four pillars offer a direct roadmap for designing auditable and controllable agentic systems. Implementing a KYA framework isn't just about regulatory compliance; it's about building foundational trust and control over autonomous systems that manage treasuries or execute protocol operations. The report's prediction of a 12-18 month window before regulation solidifies highlights the urgency for DAOs to begin building this infrastructure now to avoid being caught flat-footed.
The report frames KYA as an urgent necessity to prevent systemic risks as agent-initiated transactions scale. It introduces a reference architecture, KALIB (KYA Agent Lineage and Identity Broker), as a potential technical solution for implementing the framework's principles. The analysis suggests a 'first-mover window' for financial institutions and protocols to adopt these standards before they become mandated.
Adding to the consensus that traditional enterprise security cannot handle autonomous agents, a KuppingerCole analysis argues that agents cause an 'identity collapse' by breaking core IAM assumptions. Because agents are probabilistic and dynamically switch between acting as users, resources, and decision-makers, static role-based access controls are proving unworkable, echoing the high incidence of credential-based failures we tracked in recent security reports.
Why it matters
This analysis is fundamental for anyone building autonomous organization infrastructure. It confirms that simply porting existing enterprise security models to DAOs or agentic systems is a recipe for failure. The concept of 'identity collapse' forces a rethink of governance and security from first principles, emphasizing the need for systems that can handle dynamic permissions, verifiable intent, and runtime authorization. For a DAO operator, this means that securing the organization requires building or adopting a new class of identity infrastructure specifically designed for the probabilistic and autonomous nature of AI agents.
The analysis is echoed by a 1Password blog post from Friday which categorizes agent identity into 'delegated,' 'bounded,' and 'autonomous' architectures, each with distinct threat models. It details emerging protocols like WIMSE and CAEP as potential solutions for continuous, secure authorization. Both pieces converge on the idea that agent identity is a fundamentally new security problem, not just an extension of existing ones.
Research from Harvard Business School, highlighted in an article on Saturday, examines how agentic AI is transforming work by acting as a 'digital support team.' The analysis states that these autonomous systems can plan, reason, and execute entire workflows, democratizing expertise across an organization. However, realizing these benefits requires organizations to thoughtfully design new work processes, establish robust governance systems for the agents, and invest in upskilling their human workforce.
Why it matters
This research provides a valuable framework for thinking about the integration of AI agents into DAO operations. It moves beyond the technical capabilities of agents to the organizational and governance challenges they create. For a DAO operator, the key takeaway is that simply deploying agents is not enough. To be effective, their roles must be designed, their actions governed, and their collaboration with human contributors intentionally structured. This aligns directly with the core challenge of building effective autonomous organization infrastructure.
The article emphasizes a balanced approach, warning against both techn-optimism and Luddism. The key to success, it argues, lies in the co-evolution of human roles and AI capabilities, guided by a clear governance framework.
A technical analysis posted Friday argues that the foundational trust for an autonomous agent must be established at the moment of its creation or 'enrollment.' While protocols like RFC 8693 can handle token exchanges for authorized actions, they don't prove the legitimacy of the agent itself. The author proposes a new primitive, a 'checkable enrollment receipt,' which would be a verifiable artifact binding the agent's identity, public key, and enrollment method to an attestation chain. This would allow any relying party to verify the agent's origin and authority without needing to trust the agent's current state.
Why it matters
This gets to the heart of a core problem for agentic governance: how do you trust an autonomous entity? By shifting the trust anchor from the agent's ongoing behavior (which can be unpredictable) to a verifiable, immutable record of its creation, this proposal offers a path toward cryptographic, rather than behavioral, trust. For a DAO operator, this is a critical primitive. It means an agent could be granted permissions based on a verifiable 'birth certificate' that proves it was created by a trusted entity with specific constraints, forming a robust foundation for secure and auditable delegation within an autonomous organization.
The author contrasts this approach with traditional session tokens, arguing that for truly autonomous agents that operate without a human in the loop, the trust must be rooted in a verifiable, non-repudiable event. This concept complements emerging standards for agent identity by providing a specific mechanism to make the agent's initial authorization cryptographically provable.
As AI agents increasingly gain the ability to initiate transactions, a new paradigm for crypto wallets is emerging to manage their autonomy securely. An analysis on Friday highlights consensus among experts that traditional, human-centric wallets are inadequate. The new models focus on tiered authorization, session keys, programmable spending caps, and whitelisted contract interactions. These features are designed to give agents the scoped permissions they need to operate without granting them unrestricted access to all of a wallet's funds.
Why it matters
This is the practical, rubber-meets-the-road implementation of AI agent governance. For a DAO, securing an agent that helps manage its treasury isn't just about smart contract logic; it's about the security of the agent's own 'wallet.' The development of agent-native wallets with features like session keys and spending limits is a critical piece of infrastructure. It provides DAO operators with concrete tools to enforce policy and limit risk when delegating financial responsibility to autonomous systems.
Experts quoted in the article emphasize that the goal is not to eliminate agent autonomy but to bound it safely. The discussion also touches on the role of decentralized identifiers (DIDs) and account abstraction (ERC-4337) as enabling technologies for these more sophisticated wallet architectures.
A federal judge on Saturday cleared the way for the Aave DAO to conduct an on-chain governance vote regarding $71 million in Ether linked to a North Korean-backed hack. The ruling modifies a prior restraining notice that had frozen the assets on Arbitrum. While the funds will remain subject to a legal freeze due to claims from separate plaintiffs, this decision allows Aave to move forward with its internal governance process for recovery efforts.
Why it matters
This ruling represents a significant, albeit nuanced, acknowledgment of on-chain governance by a traditional court. By allowing the DAO's vote to proceed while maintaining a legal hold on the funds, the court is threading the needle between respecting a decentralized protocol's internal mechanics and upholding external legal obligations. For DAO legal teams, this case sets a crucial precedent. It demonstrates that courts may be willing to accommodate on-chain processes, but it also affirms their ultimate authority, creating a complex hybrid governance model where DAO decisions are subject to judicial oversight.
This case follows Aave's earlier challenge to the court's order freezing funds on Arbitrum. The current ruling is seen as a partial victory for Aave, enabling its governance to function, but it keeps the core legal dispute over the funds unresolved. The involvement of terrorism victims as plaintiffs adds another layer of legal complexity.
Following up on the suspicious Tornado Cash governance proposal flagged by security researchers last week, new analysis shows the malicious payload targets approximately $23 million worth of TORN tokens. The unverified contract code was submitted by an address funded via the privacy tool Railgun, masking the attacker's origins and confirming the severe risk token-weighted voting systems face from anonymous exploits.
Why it matters
This incident serves as another stark reminder of the inherent vulnerabilities in on-chain governance, a recurring threat vector for DAOs. Even for a project as security-focused as Tornado Cash, the governance process itself can be the attack surface. For DAO operators, this highlights the absolute necessity of rigorous, mandatory, and independent code verification for all executable proposals before they go to a vote. It demonstrates that social consensus and token-weighted voting are insufficient defenses against sophisticated technical attacks targeting the treasury.
Blockchain security researcher Sergey Shemyakov was among the first to sound the alarm, pointing to the combination of unverified code and privacy-tool funding as major red flags. This event is similar to past governance attacks on other protocols, where malicious proposals are used to grant the attacker control over treasury funds.
The fallout from a massive $292 million bridge hack has escalated into a public dispute, with Kelp DAO accusing infrastructure provider LayerZero of being responsible. In a Saturday blog post, Kelp claims LayerZero approved a vulnerable '1-of-1 verifier' security setup that led to the exploit, allegedly carried out by North Korean hackers. Kelp DAO released Telegram messages as evidence, which appear to contradict LayerZero's initial post-mortem that blamed Kelp for deviating from recommended security practices.
Why it matters
This blame game highlights a critical and unresolved issue in DeFi: where does liability lie when shared infrastructure is compromised? For DAOs that rely on third-party protocols for core functions like cross-chain bridging, this case is a cautionary tale. It underscores the ambiguity of responsibility between infrastructure providers and the protocols that build on them. The outcome could set a precedent for how security assurances are made and how liability is assigned in the event of an exploit, forcing DAOs to conduct deeper due diligence on the security models of their dependencies.
Kelp DAO's post positions them as a victim of poor security advice and a flawed default setting from LayerZero. LayerZero's prior statements have maintained that their protocol was secure and the vulnerability lay in Kelp's specific implementation. The dispute is now playing out in the public sphere, with both sides presenting their evidence to the community.
Coinbase's Layer 2 network, Base, experienced a nearly two-hour complete outage on Thursday after its centralized sequencer failed to process a single invalid block. The consensus failure halted all block production across the network. While no funds were lost and the network was eventually restored, the incident has brought the operational risks of centralized L2 architectures into sharp focus, particularly as Base is a key component of Coinbase's strategy and a growing hub for the agent economy.
Why it matters
For DAO operators and protocols built on Layer 2s, this outage is a stark reminder of the trade-offs between speed, cost, and true decentralization. A single point of failure in a centralized sequencer can bring an entire ecosystem to a standstill, undermining the promise of unstoppable applications. This event directly challenges the narrative of L2s as fully decentralized scaling solutions and should prompt any governance strategist to re-evaluate dependency risks and demand a clearer roadmap toward sequencer decentralization from the L2s they utilize.
Base's head of engineering, Jesse Pollak, provided a post-mortem explaining the technical cause of the consensus issue. The broader community response has revived long-standing debates about whether L2s with centralized sequencers can be considered sufficiently decentralized for high-value applications, with some critics labeling them 're-centralized' sidechains.
The Ethereum Foundation's shift toward 'subtraction' that we've been covering now has hard numbers attached: a confirmed 20% workforce reduction and 40% budget cut. This formalizes the $30 million annual core development funding gap previously projected by Trent Van Epps, intensifying the ongoing community debate over controversial solutions like the proposed 'validator tax'.
Why it matters
This is a pivotal moment for Ethereum's governance. The EF's move away from a central coordinating role is a deliberate act of decentralization, but it creates a power vacuum and a funding crisis that the ecosystem itself must now solve. For DAO strategists, this is a real-time experiment in decentralized governance at the highest level. The success or failure of community-led funding initiatives, like the proposed 'validator tax,' will determine the protocol's ability to evolve and maintain its security, setting a precedent for how large-scale open-source infrastructure can sustain itself without a central benefactor.
ConsenSys founder Joe Lubin endorsed the EF's shift, arguing the foundation should focus narrowly on core stewardship. In contrast, a new proposal on the ethresear.ch forum for 'validator redirected revenue' represents a more radical, protocol-level solution to the funding gap, sparking its own fierce debate about validator cartelization and economic centralization.
Ethereum's next major upgrade after Glamsterdam, codenamed Hegota, is slated to introduce Verkle trees, a significant data structure change that will replace the current Merkle Patricia Tries. This technical shift, targeted for the second half of 2026, is designed to drastically reduce proof sizes to under 150 bytes, which will in turn enable stateless Ethereum nodes. Statelessness removes the need for validators to store the entire chain state, dramatically lowering hardware requirements for network participation.
Why it matters
The implementation of Verkle trees is a crucial step toward solving Ethereum's state bloat and ensuring its long-term decentralization. For governance, the implications are direct: by making it easier and cheaper to run a validating node, the upgrade could significantly increase the number and diversity of network participants. This helps counteract centralizing pressures from staking pools and large institutional validators, strengthening the resilience and censorship-resistance of the base layer upon which all DAOs and on-chain governance systems depend.
Ethereum core developers see this as a fundamental architectural improvement necessary for the network's scalability roadmap. The move to stateless nodes has been a long-term goal, and Verkle trees are the key enabling technology.
Cardano's on-chain governance model is seeing active progress, according to a weekly update from Intersect on Friday. The 'van Rossem' hard fork is nearing final ratification with strong support from delegate representatives (DReps). In parallel, the election timeline for the new Constitutional Committee has been revised to allow for more thorough credential verification of candidates. The ecosystem also launched a new monthly collaboration call for DReps to share resources and best practices.
Why it matters
These developments demonstrate the maturation of a large-scale, decentralized governance system in practice. The formalization of processes like candidate credentialing and the creation of forums for delegate collaboration are crucial for the operational health and legitimacy of any DAO. For governance strategists, Cardano's experience offers a valuable case study in scaling delegate-based systems, fostering an informed delegate class, and managing the logistics of constitutional evolution on-chain.
The update also noted the launch of the 'Musashi Dojo' testnet for the Leios scaling protocol, indicating that technical development is proceeding alongside the governance advancements.
A pair of academic papers, with final versions submitted for July 3, aim to create a formal semantic framework for protocol-governed systems. The research details how 'behavioral law' is represented in ratified protocol artifacts, defining concepts like artifact identity, version immutability, and referential integrity. A companion paper formalizes the execution mechanics, showing how this ratified law is deterministically enforced at runtime through a compilation and execution engine.
Why it matters
This research provides a rigorous theoretical foundation for what many in Web3 practice intuitively: the idea of 'code is law.' By formalizing the entire lifecycle—from governance and ratification of behavioral rules to their deterministic on-chain enforcement—this work offers a blueprint for building more robust, predictable, and auditable autonomous organizations. For a governance strategist, these frameworks can inform the design of next-generation governance tooling that is not just functional but provably correct and secure.
The papers build on previous work on the structural taxonomy and governance lifecycle of protocols, aiming to complete the formalization of the entire system. They provide a language for specifying and verifying the behavior of complex decentralized systems.
Global fintech platform Airwallex announced on Friday it has raised a $320 million Series H round, bringing its valuation to $11 billion. A significant portion of the new capital is earmarked for accelerating development in autonomous finance and agentic commerce. The company also unveiled T:0, an AI-native financial platform, and Airi, an agentic consumer wallet, signaling a deep strategic commitment to the agent economy.
Why it matters
Airwallex's massive fundraise and explicit focus on 'autonomous finance' represents a significant injection of traditional venture capital into the race to build the agent economy's financial layer. While crypto-native protocols like x402 have been pioneering this space, Airwallex's entry with deep funding validates the market opportunity and introduces a formidable competitor. For Web3 strategists, this reinforces the need to build robust, open, and interoperable agent payment rails to compete with polished, well-funded TradFi alternatives.
Airwallex is positioning its new products as a comprehensive AI-native financial stack for businesses. This move places it in direct competition with both established payment giants and emerging Web3 protocols aiming to facilitate machine-to-machine payments.
On Friday, the company Proof launched x401, a new open protocol designed to complement the x402 payment protocol. While x402 handles payments, x401 focuses on verifying the identity and authorization behind an AI agent. It is designed to be an issuer-neutral standard that allows a service to cryptographically confirm *who* or *what* authorized an agent to act before executing a sensitive transaction, like signing a document or transferring funds.
Why it matters
This is a critical piece of missing infrastructure for the agent economy. A payment rail (x402) is useful, but a verifiable authority rail (x401) is what unlocks high-stakes, trust-required interactions. For autonomous organizations, this is fundamental. It provides a standardized way to answer the question: 'Does this agent really have the right to drain the treasury or sign this legal contract?' By creating an open standard for authorization, x401 could become a foundational layer for secure delegation and accountability in both agent-to-agent and agent-to-human interactions.
Proof is positioning x401 as the 'missing link for trust' in the agent ecosystem. The protocol's success will depend on its adoption by wallets, services, and other agent platforms. Its issuer-neutral design is a strategic choice to encourage broad industry support.
GenBrain AI, the company behind the agent.ceo platform, on Saturday detailed its enterprise architecture for running 'Cyborgenic Organizations' in private, secure environments. The architecture is designed to meet strict requirements for data residency, auditable logging, and compliance for regulated industries like finance and government. The platform can be deployed on-premise or in a customer's own cloud infrastructure, with options for fully air-gapped operations for maximum security.
Why it matters
This represents the maturation of agentic platforms from cloud-native toys to enterprise-grade, sovereign infrastructure. For a DAO seeking to operate with a high degree of autonomy and security, the ability to run a fully-featured agent orchestration platform within its own controlled environment is a critical capability. It addresses key concerns around data privacy, regulatory compliance, and operational resilience, providing a technical path for an autonomous organization to achieve true digital sovereignty without relying on third-party cloud providers.
The platform's support for SSO and private networking indicates a clear focus on integrating with existing enterprise IT. The air-gapped deployment option is particularly notable, catering to the most security-conscious organizations.
CLARITY Act's Final Form Takes Shape Amid Intense Negotiation A flurry of activity around the CLARITY Act reveals its key battlegrounds: developer safe harbors (Sec. 604), which remain contentious, and a newly surfaced provision restricting stablecoin yields. While a White House adviser signals progress, the debate between Senator Lummis's intent to protect DeFi developers and critics' concerns over money transmitter definitions shows the legislation's final impact is still in flux.
MiCA's Go-Live Date Forces EU Market Consolidation The July 1 enforcement of MiCA is no longer a future event, but a present reality forcing major operational shifts. Binance's confirmation that it will suspend services in unlicensed EU countries marks the first major consequence, while compliant competitors like Kraken are positioned to benefit. The regulation is actively reshaping the European competitive landscape.
Agent Identity Infrastructure Moves Beyond Wallets The conversation around agent security is maturing, moving from wallet-level controls to foundational identity primitives. New analyses and proposed standards focus on verifiable enrollment receipts, issuer-neutral authority protocols (x401), and persistent identity layers. This shift recognizes that true agent autonomy requires a robust, portable, and verifiable identity that can be trusted across platforms and protocols.
Base Outage Reignites L2 Centralization Debate A two-hour outage on Coinbase's Base network, caused by a single invalid block, has put the operational risks of centralized sequencers back in the spotlight. The incident serves as a stark reminder for DAO operators and protocols relying on L2s that many of these solutions have not yet achieved true decentralization, presenting single points of failure that can halt network activity.
Ethereum's Funding and Governance Model Undergoes Foundational Stress Test Concurrent with the Ethereum Foundation's strategic downsizing, new proposals are emerging to address a potential core development funding gap. A proposal for a validator-redirected revenue stream ('validator tax') highlights the search for new, sustainable funding models, shifting responsibility from a central entity to the protocol's economic actors.
What to Expect
2026-07-01—The EU's Markets in Crypto-Assets (MiCA) regulation transitional period ends, requiring all Crypto Asset Service Providers (CASPs) to be licensed to operate in the EEA.
2026-07-03—Submission date for academic papers formalizing the semantics of protocol artifacts, including behavioral specifications and deterministic enforcement, providing a theoretical framework for 'protocol as law'.
2026-07-24—Deadline for public comments on the Reserve Bank of India's draft guidance for AI model risk management, which includes mandatory 'kill switches' for financial institutions.
Fall 2026—A crypto tax bill could be ready for markup in the U.S. Senate, aiming to provide statutory clarity for staking, mining, and small transactions.
November 2026—Cardano's Leios scaling protocol mainnet hard fork is targeted, following the public testnet phase.
How We Built This Briefing
Every story, researched.
Every story verified across multiple sources before publication.
🔍
Scanned
Across multiple search engines and news databases
399
📖
Read in full
Every article opened, read, and evaluated
145
⭐
Published today
Ranked by importance and verified across sources
20
— The Quorum Room
🎙 Listen as a podcast
Subscribe in your favorite podcast app to get each new briefing delivered automatically as audio.
Apple Podcasts
Library tab → ••• menu → Follow a Show by URL → paste