OpenZeppelin Founder Says All of DeFi Is Unsafe Now
What happens when the person who built DeFi's top security firewall tells you to get your money out?
That is exactly what Manuel Aráoz, co-founder of OpenZeppelin, did this week. He posted publicly that all DeFi is unsafe — and said he personally told his friends and family to exit every DeFi position they hold. This is not a random Twitter warning. Aráoz helped build OpenZeppelin, the security firm that has audited Aave, Compound, MakerDAO, Uniswap, and Coinbase. When he speaks, the world listens. And right now, he is saying DeFi is unsafe.

Source: X Account
Aráoz pointed to two specific reasons in his post on X. First, AI coding agents have now reached superhuman capability in finding smart contract vulnerabilities. Second, the security game in DeFi is deeply asymmetric — attackers only need to find one hole, while defenders must seal every single one.
That asymmetry has always existed. But AI changes the scale entirely. An AI agent does not get tired. It scans thousands of contracts simultaneously. It finds edge cases a human auditor would miss after 12 hours of work. A purpose-built AI security agent now detects vulnerabilities in 92% of exploited DeFi contracts tested, covering $96.8 million in exploit value across 90 real-world cases — far surpassing human-only detection rates.
The same tools that defenders use to find bugs can also be used by attackers. Prior research from Anthropic and OpenAI shows AI agents can execute end-to-end smart contract exploits at low cost, confirming that offensive AI capabilities are scaling faster than defensive adoption. The tools built to protect DeFi are now being turned against it.
Here is the dangerous reality: AI does not just find old bugs. It finds new ones—fast. Frontier AI agents now execute end-to-end exploits on 72% of known vulnerable contracts, according to Cecuro security researchers. That number was unimaginable two years ago. It is real today.
This matters because DeFi is unsafe not just in theory—the losses are piling up in 2026 at a historic pace. In the first five months of 2026 alone, more than $840 million was lost to DeFi hacks, with April accounting for over $600 million stolen. The two biggest attacks were the $292 million KelpDAO exploit and the $285 million Drift Protocol breach.
North Korea-linked actors accounted for 76% of global crypto hack losses through April 2026, up from 64% in 2025 and under 10% in 2020, according to TRM Labs. These are not amateur hackers. They are well-funded, AI-assisted teams that operate with professional precision. Every week without an exploit is not safety. It is borrowed time.
The data behind Aráoz's warning is hard to argue with.
DefiLlama's cumulative tracker puts total crypto hack losses over the past decade at $17 billion, covering more than 500 hacks. That is not a rounding error. That is a systemic pattern.
| Year | DeFi Losses | Notable Exploit |
|---|---|---|
| 2024 | $2.85 billion | Access control failures (multiple protocols) |
| 2025 | $3.4 billion | Bybit — $1.5B single breach |
| 2026 (to May) | $840 million+ | KelpDAO $292M, Drift $285M |
TRM Labs' 2026 Crypto Crime Report confirms that 2025 hack losses hit $2.87 billion, with the Bybit compromise alone at $1.46 billion — over half the full year's total. And 2026 is pacing worse on a per-month basis.
Aráoz's point about asymmetry is visible in every one of these numbers. Audits cost money. They take weeks. They cover the code that exists today — not the version an attacker manipulates tomorrow. Smart contract exploits cost the industry $3.8 billion across 2024 and 2025 in cases that researchers now believe could have been prevented with better tooling.
The man who built one of the industry's best audit firms is now saying his own tools are no longer enough.
The Aráoz warning is not a call to abandon crypto. It is a structural alert. DeFi is unsafe in its current form because the threat model has changed. AI has shifted the offensive edge to attackers in a way that traditional audits cannot keep pace with.
The industry response is already forming. OpenZeppelin has launched Skills — a system giving AI coding agents authoritative knowledge of audited smart contract libraries to prevent insecure patterns at the point of development. That is defense shifting earlier in the development pipeline. But it is not yet a complete answer.
Analysts say DeFi's long-term survival depends on three changes: real-time on-chain monitoring with auto-pause capability, formal verification at scale, and governance systems that can respond to exploits in minutes rather than hours. Until those become standard, users face a market where DeFi is unsafe by architecture — not by accident.
The era of "audit it and ship it" is over. What replaces it will define whether DeFi survives this decade.
Manuel Aráoz spent years building the tools that kept DeFi standing. His warning that DeFi is unsafe is not fear — it is firsthand knowledge. With $840 million lost in five months, AI agents finding exploits at superhuman speed, and Aráoz personally moving friends and family out of DeFi positions, the message is clear. The game has changed. The question now is whether the industry can change faster than the attackers already have.
YMYL Disclaimer — Your Money, Your Life
This article is for informational and educational purposes only. It does not constitute financial advice, investment guidance, or a recommendation to enter or exit any DeFi position.