DeFi Faces Critical Threat With AI Reaching ‘Superhuman’ Hacking Capabilities, Security Chief Warns

27-May-2026 Crypto Economy

TL;DR:

  • OpenZeppelin CEO Manuel Aráoz warned that all of DeFi is unsafe because AI coding agents are becoming superhuman at finding smart contract vulnerabilities.
  • DeFi’s total value locked has dropped by more than $20B this year, while over $1.1B was lost to hacks in 365 days.
  • Kelp DAO and Step Finance showed the damage, as AI tools may weaponize public code faster than defenders can respond across ecosystems.

Manuel Aráoz, CEO of OpenZeppelin, delivered an unusually stark warning for decentralized finance: he now considers all of DeFi unsafe. His argument is not that smart contracts suddenly became fragile, but that artificial intelligence has changed the attacker’s leverage. The central concern is asymmetric security at machine speed, because defenders must find and fix every flaw while attackers need only one exploitable bug to drain funds. The warning lands as DeFi’s total value locked has fallen by more than $20B this year, putting technical risk directly beside shrinking market confidence.

AI turns smart contract transparency into a liability

The timing is difficult to dismiss. More than $1.1B has been lost to DeFi hacks over the past 365 days, with recent incidents showing how quickly one weakness can contaminate confidence across protocols. April’s $292M Kelp DAO exploit exposed risks around cross-chain infrastructure, while Solana-based Step Finance shut down earlier this year after a $27M exploit left the project unable to recover. The damage is no longer theoretical or isolated, and each headline makes the sector’s promise of open, composable finance look more exposed to adversaries with better tools.

The AI dimension makes the warning sharper. Anthropic has said its restricted Claude Mythos model can autonomously discover software vulnerabilities and develop working exploits at a level surpassing existing automated tools. For DeFi, that raises an awkward contradiction: public code enables verification, but it also gives AI systems a permanent map of possible attack surfaces. Transparency, long marketed as DeFi’s strength, may become operational exposure, especially if machine systems can scan contracts, identify flaws and weaponize them faster than human teams can audit, patch or coordinate defensive responses across ecosystems.

That does not mean DeFi is finished, but it does reset the risk conversation. Security can no longer be treated as a final audit before launch, or as a marketing badge attached to total value locked. The new baseline is continuous adversarial defense, with protocols needing faster monitoring, hardened upgrade processes and realistic assumptions about AI-assisted attackers. Aráoz’s warning is severe precisely because it comes from inside crypto security. If coding agents are now superhuman at finding vulnerabilities, and public code can be indexed instantly by machines, DeFi’s next competitive advantage may be survival rather than yield, scale or composability.
