Decentralized finance, once hailed as the future of transparent and permissionless finance, is facing an existential threat from artificial intelligence. Manuel Aráoz, the co-founder and former chief technology officer of OpenZeppelin, the security firm that has audited some of the most prominent blockchain projects, has declared that DeFi is no longer safe. His reason: AI coding agents have surpassed human capabilities and can now discover and exploit vulnerabilities in smart contracts at a speed and scale that outstrip any human-led security effort.
The warning from a pioneer
Aráoz, who left OpenZeppelin in 2019, spoke candidly in a recent interview. He stated that the rise of AI models capable of autonomously writing and fuzzing code has fundamentally altered the threat landscape. “I now consider all of DeFi unsafe,” Aráoz said. “The AI agents we are seeing today are superhuman at hunting for bugs. They don’t get tired, they don’t miss obscure edge cases, and they can iterate millions of times faster than any human auditor.” OpenZeppelin itself produced what became the standard building blocks for smart contract security: the OpenZeppelin Contracts library of audited Solidity components (tokens, access control, upgradeable proxies) that countless projects import. Aráoz’s departure from the firm came years before the current AI boom, but his perspective carries the weight of deep technical expertise.
The warning is not abstract. In the past 12 months, the DeFi sector has lost more than $1.1 billion to hacks, including high-profile exploits at Kelp DAO and Step Finance. Meanwhile, the total value locked in DeFi protocols has plummeted by over $20 billion this year, partly due to market conditions but also due to eroding trust. Aráoz’s comments suggest that the root cause is not just market cycles but a structural vulnerability that is accelerating faster than the industry can adapt.
How AI became a superhuman hacker
The key development is the emergence of advanced AI coding agents. One example cited by Aráoz is Anthropic’s restricted Claude Mythos model, which is designed to be contained but has demonstrated the ability to autonomously discover software vulnerabilities and even weaponize them. Earlier automated tools relied on static analysis, pattern matching or coverage-guided fuzzing, and could only flag the classes of bug they were built to look for. The agents Aráoz describes put a large language model trained on vast codebases and exploit databases in the driver’s seat: it reads the contract, reasons about its logic, hypothesizes an attack path, and iterates on a candidate exploit without human guidance. In practice the model still leans on conventional tooling, such as compilers, test harnesses and forked-chain simulations, to confirm that a candidate exploit actually works; what has changed is who forms the hypothesis and how fast the loop runs.
This is not a theoretical risk. In controlled experiments, AI agents have outperformed professional human bug bounty hunters in both speed and the number of vulnerabilities found. The transparency of blockchain code makes DeFi an especially attractive target: deployed bytecode is readable by anyone, most serious protocols publish verified source as well, and where they do not, decompilers narrow the gap. Transparency was once a selling point for trustlessness, but it now hands an AI hacker an open book of potential weaknesses. Deployed contracts are immutable unless they sit behind an upgradeable proxy, and even then a fix has to clear governance or a multisig before it lands, so many projects cannot patch vulnerabilities as quickly as an AI can find them.
Aráoz emphasized that the problem is compounded by the sheer volume of DeFi protocols. Thousands of contracts are launched each month, many by teams with limited security budgets. “Even if you have the best human auditors, they can only cover a fraction of the code being deployed,” he said. “AI agents can scan every new contract on every chain in real time. It’s a fight between humans and machines, and the machines are winning.”
The broader landscape: Quantum and AI intersect
The alarm raised by Aráoz is part of a wider pattern of security concerns in the blockchain industry. In a related development, Andrew Gault, a venture capitalist who backed quantum computing hardware research, warned that the most urgent quantum threat may not be wallet keys but the encrypted data already being intercepted and stored for future decryption—a “harvest now, decrypt later” strategy. Meanwhile, CertiK’s CEO recently called the mass deployment of AI agents “a disaster waiting to happen.” These voices together paint a picture of an industry racing to keep up with dual technological revolutions that are eroding the foundations of digital security.
The intersection of AI and quantum computing is particularly concerning. AI models that can break smart contracts today could eventually be paired with quantum algorithms capable of breaking the cryptography that underpins blockchain itself: Shor’s algorithm on a sufficiently large quantum computer would recover the private key behind the elliptic-curve signatures (ECDSA over secp256k1) that Bitcoin and Ethereum use to authorize transactions, while hash functions are far less affected. No cryptographically relevant quantum computer exists yet, and estimates of when one will arrive vary widely, but experts argue that material harvested now can be attacked later. On a public chain the transaction history is already open, so the exposure is the keys: any public key already visible on-chain, which means every address that has ever signed a transaction, could one day be turned into its private key.
Historical context: From OpenZeppelin to today
OpenZeppelin was founded in 2015 by Manuel Aráoz, Demian Brener, and others. The company quickly became the gold standard for smart contract auditing, having audited many of the largest initial coin offerings and DeFi protocols. Aráoz served as CTO until 2019, when he left to pursue other interests. His departure predates the current generation of large language models, but he has remained a close observer of blockchain security. In his view, the advent of AI agents is the most disruptive change since the creation of Ethereum itself.
“When we started OpenZeppelin, the goal was to provide a formal verification layer for smart contracts,” Aráoz recalled. “We believed that if you wrote clean code and audited it thoroughly, you could achieve reasonable security. But AI changes the speed of the game. No human team can compete with a system that can generate and test thousands of potential exploits every second.”
The situation is reminiscent of earlier crises in blockchain security, such as the 2016 DAO hack or the 2022 Terra collapse, but Aráoz argues that this one is different. “Previous hacks were about specific bugs or protocol failures,” he said. “This is about the entire paradigm of trusting code. If AI can break any contract faster than humans can fix it, then the trust model of DeFi collapses.”
Responses from the industry
Not everyone agrees that the situation is hopeless. Many security firms are investing in AI-driven defense tools. Some companies are developing AI-powered fuzzers that generate long call sequences and check protocol invariants (solvency, access control, conservation of token supply) far more thoroughly than hand-written tests; others are exploring formal verification with machine learning assistance. However, Aráoz is skeptical that defensive AI can keep pace with offensive AI, especially given that attackers only need to find one flaw while defenders must find all of them.
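To make the invariant-fuzzing idea above concrete, here is an added example that is not code from the article, from Aráoz or from OpenZeppelin. It is a Python model of a small vault contract, written once with the classic reentrancy ordering (external call before the ledger update) and once with the checks-effects-interactions fix, plus a seeded random-call harness that asserts a solvency invariant after every transaction. The `Vault`, `ReentrantAttacker`, `solvency_invariant` and `fuzz` names, the three users and the call mix are all constructed for illustration; the Python class stands in for a Solidity contract and models reverts by rolling back a snapshot.

```python
"""Invariant fuzzing of a toy vault: reentrancy bug beside its CEI fix.

Constructed example. Vault is a Python stand-in for a Solidity contract,
not a real deployment; all names here are illustrative assumptions.
"""
import random
from dataclasses import dataclass, field
from typing import Optional


class Revert(Exception):
    """Models an EVM revert: the whole transaction is rolled back."""


@dataclass
class Vault:
    """Users deposit native tokens and later withdraw their full balance.

    `funds` is the contract's own balance, `balances` its per-user ledger.
    `_send` hands control to the recipient's callback, which models a
    Solidity receive()/fallback() function running mid-transfer.
    """
    checks_effects_interactions: bool
    funds: int = 0
    balances: dict = field(default_factory=dict)
    callbacks: dict = field(default_factory=dict)

    def deposit(self, user: str, amount: int) -> None:
        if amount <= 0:
            raise Revert("zero deposit")
        self.funds += amount
        self.balances[user] = self.balances.get(user, 0) + amount

    def withdraw(self, user: str) -> None:
        amount = self.balances.get(user, 0)
        if amount == 0:
            return
        if self.checks_effects_interactions:
            # Hardened: zero the ledger entry before the external call, so a
            # re-entrant withdraw() sees no balance and returns.
            self.balances[user] = 0
            self._send(user, amount)
        else:
            # Vulnerable: the external call runs while the ledger still
            # credits the user, so the recipient can re-enter and drain.
            self._send(user, amount)
            self.balances[user] = 0

    def _send(self, to: str, amount: int) -> None:
        if amount > self.funds:
            raise Revert("insufficient funds")
        self.funds -= amount
        callback = self.callbacks.get(to)
        if callback is not None:
            callback(self, amount)  # control passes to recipient code


class ReentrantAttacker:
    """Malicious recipient whose callback re-enters withdraw() while the
    vault can still pay. It checks the vault balance first (so the inner
    call never reverts and undoes the whole transaction) and caps depth,
    standing in for the gas limit a real attack would run into."""

    def __init__(self, max_depth: int = 50) -> None:
        self.max_depth = max_depth
        self.depth = 0

    def __call__(self, vault: Vault, amount: int) -> None:
        if self.depth < self.max_depth and vault.funds >= amount:
            self.depth += 1
            try:
                vault.withdraw("attacker")
            finally:
                self.depth -= 1


def solvency_invariant(vault: Vault) -> bool:
    """The contract must hold exactly what its ledger says it owes."""
    return vault.funds == sum(vault.balances.values())


def fuzz(hardened: bool, seed: int, steps: int = 200) -> Optional[dict]:
    """Run a seeded random call sequence against a fresh vault.

    Returns None if the invariant held after every transaction, otherwise
    the trace up to the first violation and the mismatch observed.
    """
    rng = random.Random(seed)
    vault = Vault(checks_effects_interactions=hardened)
    vault.callbacks["attacker"] = ReentrantAttacker()
    users = ["alice", "bob", "attacker"]
    trace = []
    for _ in range(steps):
        user = rng.choice(users)
        if rng.random() < 0.6:
            call = ("deposit", user, rng.randint(1, 5))
        else:
            call = ("withdraw", user)
        snapshot = (vault.funds, dict(vault.balances))
        try:
            if call[0] == "deposit":
                vault.deposit(call[1], call[2])
            else:
                vault.withdraw(call[1])
        except Revert:
            vault.funds, vault.balances = snapshot  # transaction rolled back
            continue
        trace.append(call)
        if not solvency_invariant(vault):
            return {"trace": trace, "funds": vault.funds,
                    "owed": sum(vault.balances.values())}
    return None


if __name__ == "__main__":
    print("vulnerable:", fuzz(hardened=False, seed=1))
    print("hardened:  ", fuzz(hardened=True, seed=1))
```

The harness does not know what reentrancy is; it only knows that the vault must always hold what it owes. That is the point of invariant fuzzing: the bug class is discovered from a property the protocol has to maintain, which is also why an agent that can propose good invariants and run thousands of such sequences scales in a way a human reviewer does not. On the hardened vault the same harness finds nothing for any seed, because the ledger entry is cleared before control ever leaves the contract.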
The broader market reaction has been cautious. DeFi total value locked has fallen to levels not seen since 2021, and major protocols are increasingly moving toward centralized oversight mechanisms or insurance pools. Even large projects like Hyperliquid, which recently drew praise from ICE CEO Jeffrey Sprecher for being bigger than NASDAQ in terms of trading volume, face scrutiny over their security posture.
Regulators are also taking note. The U.S. Commodity Futures Trading Commission recently opened the door for crypto perpetual markets, but with conditions that include stronger cybersecurity measures. Congress, meanwhile, has been debating the CLARITY Act, which would potentially regulate stablecoin rewards, and JPMorgan CEO Jamie Dimon has warned that banks will not accept them without proper safeguards.
The cumulative effect of these trends is a reckoning for the crypto industry. If Aráoz is correct, the very premise of trustless, on-chain finance is under threat from an intelligence that is no longer human. The coming years will test whether the industry can evolve its security models fast enough—or whether DeFi will remain a playground for superhuman AI hackers.
Source: Coindesk News