DeFi security expert warns all protocols unsafe as AI hacking advances

Manuel Aráoz, co‑founder of blockchain security firm OpenZeppelin, warned on May 26 that he now considers every decentralized finance (DeFi) protocol unsafe because AI‑driven coding agents can locate and exploit smart‑contract bugs faster than defenders can patch them [1].

Key takeaways

• AI coding agents are described as “superhuman” at finding vulnerabilities, creating a security asymmetry where attackers need only one flaw to steal funds [1].
• Recent DeFi hacks in April 2026 alone drained over $600 million, with Kelp DAO, Drift and Euler each losing hundreds of millions [2].
• Total DeFi value locked has fallen by more than $20 billion this year, and over $1.1 billion has been lost to hacks in the past 12 months [3].
• OpenZeppelin has not endorsed Aráoz’s call to exit DeFi; the firm continues to promote a layered risk framework and AI‑augmented audit services [1][4].
• Critics argue that most losses stem from operational errors rather than code flaws, and that timelocks, circuit breakers and future AI‑based defenses could mitigate risk [1].

AI‑powered attacks shift the security balance

Aráoz’s warning centers on a structural imbalance: defenders must identify and fix every vulnerability, while attackers need only a single exploit to siphon funds. He argues that recent advances in AI coding agents have tipped this balance dramatically, allowing machines to read smart‑contract code and generate exploits at “machine speed” [1][3]. The concern is amplified by reports that models such as Anthropic’s restricted Claude Mythos can autonomously discover and weaponize software flaws, surpassing existing automated tools [3][4].

The timing of the warning coincides with a series of high‑profile breaches. In April 2026, Kelp DAO lost $292 million, Drift $285 million, and Euler $197 million, contributing to a month‑long outflow of more than $600 million from DeFi protocols [2]. Over the past year, total losses from DeFi hacks exceed $1.1 billion, and the sector’s total value locked has dropped by over $20 billion, reflecting both market weakness and security incidents [3][4].

Industry response and OpenZeppelin’s stance

OpenZeppelin itself has pushed back on Aráoz’s exit advice. The firm released a “Four Layers of DeFi Risk” framework in May, emphasizing continuous monitoring, bug‑bounty programs, formal verification, and insurance as necessary safeguards beyond static audits [2][4]. It also launched an AI‑assisted audit subscription to complement traditional reviews, signaling confidence that defensive tools can evolve alongside offensive AI capabilities [1].

Critics of Aráoz’s position, such as Aave Chan Initiative founder Marc Zeller, argue that code flaws accounted for fewer than 10 % of DeFi losses last year, with most incidents tied to parameter misconfigurations or weak operational security [1]. Investor Jacob Franek added that high‑TVL protocols would already be drained if the AI threat were as pervasive as suggested, and he expects future AI models to aid formal verification and reduce attack surfaces [1].