OpenZeppelin CEO Manuel Araoz said he now considers “all” of decentralized finance (DeFi) unsafe because AI-powered coding agents have become “superhuman” at finding vulnerabilities in smart contracts.
The stark warning from one of crypto’s top security executives comes as DeFi’s total value locked has dropped by over $20 billion since the start of the year, battered by a steady stream of exploits that continue to test confidence in onchain finance.
“All of DeFi Is Unsafe”
Araoz made the statement in a widely circulated post on X on May 26, writing: “PSA: I now consider *all* of DeFi unsafe. Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric: defenders need to fix every bug while attackers need just one exploit to steal funds.”
The warning is particularly notable coming from the CEO of OpenZeppelin, the company behind the most widely used smart contract libraries in the industry. OpenZeppelin's open-source contract libraries underpin thousands of DeFi protocols, and the company's audit practice has reviewed code for many of the largest projects in the space.
The Numbers Behind the Warning
DefiLlama data shows that more than $1.1 billion has been lost to DeFi hacks over the past 365 days. The largest single incident was April's $293 million Kelp DAO exploit, which showed how a flaw in cross-chain infrastructure can propagate losses to the protocols that depend on it.
Solana-based Step Finance shut down earlier this year after a $27 million exploit left the project unable to recover. The pace of attacks has accelerated in 2026, with security researchers documenting several high-value exploits per month on average.
AI’s Growing Role in Crypto Attacks
Araoz’s comments arrive alongside a growing body of evidence that AI systems are becoming increasingly capable of autonomously discovering and exploiting software vulnerabilities.
Anthropic has warned that its restricted Claude Mythos AI model can autonomously discover software vulnerabilities and develop working exploits at a level the company says surpasses existing automated tools. This raises uncomfortable questions for DeFi, whose core security model was designed around human attackers operating at human speed.
DeFi’s transparency – long marketed as a strength – could become a liability if AI systems can scan publicly available smart contract code, identify weaknesses, and weaponize them faster than defenders can patch them.
Araoz's argument centers on the asymmetry of smart contract security: a defender must eliminate every bug, while an attacker needs only one, and a single undiscovered vulnerability in any protocol can lead to the total loss of user funds. As AI systems get better at finding these needles in haystacks, the odds increasingly favor attackers.
Industry Reaction
The warning has sparked intense debate across the crypto industry. Some security researchers argued that Araoz’s statement was overly alarmist, noting that formal verification tools and AI-powered defensive systems are also improving. Others pointed to the Kelp DAO hack and the recent $3.2 million SquidRouterModule exploit on Gnosis Safe wallets as evidence that the threat is real and escalating.
Coinbase’s Ethereum Layer 2 network Base took a different approach, launching “Base MCP” – a new AI integration that lets users connect their crypto wallets to AI tools like ChatGPT and Claude. The product allows AI systems to send funds, swap tokens, track portfolios, and interact with DeFi apps using simple chat prompts – deeply embedding AI into DeFi’s infrastructure.
What This Means for DeFi Users
For everyday DeFi users, Araoz's warning raises difficult questions. If one of the industry's top security executives says all DeFi is unsafe, what practical steps can users take?
Security best practices suggest diversifying across protocols, limiting exposure to any single platform, using hardware wallets, and staying informed about recent security audits. However, Araoz’s core argument is that these precautions may ultimately be insufficient against AI-driven attackers.
FAQ
What did the OpenZeppelin CEO say about DeFi?
OpenZeppelin CEO Manuel Araoz said he now considers “all of DeFi unsafe” because AI coding agents have become “superhuman” at finding smart contract vulnerabilities. He warned that defenders need to fix every bug while attackers need just one exploit.
How much has been lost to DeFi hacks in the past year?
More than $1.1 billion has been lost to DeFi hacks over the past 365 days, according to DefiLlama data. The largest incident was April’s $293 million Kelp DAO exploit.
Can AI really hack DeFi protocols?
Security researchers and AI companies including Anthropic have reported that advanced AI models can autonomously discover software vulnerabilities and develop working exploits. Because DeFi smart contract code is public and transparent, it is particularly exposed to AI-powered scanning for weaknesses.