OpenZeppelin CEO warns AI makes DeFi unsafe as hacks top $1 billion

OpenZeppelin co‑founder Manuel Aráoz announced on X that he now considers “all of DeFi unsafe” because AI‑driven coding agents can locate contract vulnerabilities faster than defenders can patch them [1]. His warning comes as DeFi’s total value locked has fallen by more than $20 billion this year and over $1.1 billion has been lost to exploits in the past twelve months [3].

Key takeaways

• AI coding agents can autonomously discover and exploit smart‑contract flaws, creating a “superhuman” attacker advantage [1].
• DeFi hacks have cost over $1.1 billion in the last year, including a $292 million Kelp DAO breach and a $27 million Step Finance exploit [1].
• TVL across DeFi protocols dropped roughly 14% since mid‑April, falling from about $172 billion to $148 billion [2].
• April alone saw $629.7 million stolen, driven by attacks on Drift Protocol and Kelp DAO [2].
• Aráoz advises friends and family to withdraw even from “low‑risk blue chips” such as Aave, Compound and MakerDAO [2].

AI‑powered attackers outpace defenders

Aráoz’s post emphasizes an asymmetry: defenders must identify and fix every bug in complex smart‑contract code, while an AI‑augmented attacker needs only a single exploitable flaw to drain funds [1]. He cites Anthropic’s restricted Claude Mythos model, which the company claims can autonomously discover software vulnerabilities and generate working exploits that surpass existing automated tools [1]. This shift threatens the core security model of DeFi, which was built on the assumption that human attackers operate at human speed.

The timing of the warning aligns with a series of high‑profile exploits. In April, the Kelp DAO bridge suffered a $292 million loss, highlighting how cross‑chain vulnerabilities can cascade across the ecosystem [1]. Earlier in the year, Solana‑based Step Finance was forced to shut down after a $27 million breach [1]. Additional incidents reported in May include an $11.6 million breach on Verus Network’s Ethereum bridge and a $573,200 exploit on Polymarket linked to a compromised private key [2].

Market impact and industry response

DeFi’s total value locked (TVL) has contracted by more than $20 billion this year, a decline reflected in a 14% drop from mid‑April’s peak of roughly $172 billion to about $148 billion now [2]. The sector’s confidence has been further eroded by a record‑high $629.7 million stolen in April alone, the worst month since the February 2025 Bybit hack [2]. While OpenZeppelin acknowledges that AI is both a threat and a potential defensive tool, the firm’s leadership stresses that current security practices may no longer keep pace with AI‑driven attacks [3].

Why it matters

The convergence of AI‑enhanced hacking tools and a shrinking DeFi ecosystem raises fundamental questions about the viability of on‑chain finance. If publicly available smart‑contract code can be scanned and weaponized at machine speed, the transparency that once distinguished DeFi could become a liability. Aráoz’s call to exit all DeFi protocols underscores the urgency for the industry to develop new defensive mechanisms, possibly integrating AI for detection and response. Until such solutions mature, investors and users may face heightened risk, prompting a reassessment of exposure to decentralized finance.