OpenZeppelin CEO: AI Agents Now 'Superhuman' at Hacking DeFi
OpenZeppelin CEO Manuel Araoz warns all DeFi is unsafe as AI coding agents become superhuman at finding exploits. With $1.1B lost to hacks in a year and Anthropic's Claude autonomously discovering vulnerabilities, DeFi's transparency may turn into a fatal liability.
Quick Take
- Manuel Araoz: AI coding agents are superhuman at finding DeFi vulnerabilities.
- Over $1.1B lost to DeFi hacks in the past 365 days, including Kelp DAO's $292M.
- Anthropic's Claude Mythos model autonomously discovers exploits, heightening risks.
- DeFi's public code could become a liability as AI outpaces human patching.
Market Impact Analysis
Bearish: A warning from a leading security firm that AI can exploit DeFi vulnerabilities could shake confidence in the sector, potentially accelerating TVL outflows and depressing DeFi token prices.
Key Takeaways
- OpenZeppelin CEO Manuel Araoz declared all of DeFi unsafe, warning that AI coding agents now possess superhuman abilities to uncover smart contract bugs.
- Over $1.1 billion was drained from DeFi protocols in the last 365 days, with high-profile exploits like the $292 million Kelp DAO breach eroding trust.
- Anthropic’s Claude Mythos model can autonomously find vulnerabilities and build exploits, escalating the arms race between attackers and defenders.
- DeFi’s total value locked has cratered by more than $20 billion year-to-date, driven by both market downturns and a relentless wave of security failures.
What Happened
OpenZeppelin CEO Manuel Araoz issued a stark warning on X: coding agents have become “superhuman” at finding vulnerabilities, rendering all decentralized finance unsafe. His statement came as DeFi continues to bleed from exploits, and as AI lab Anthropic disclosed that its restricted Claude Mythos model can autonomously discover software flaws and craft working exploits. The convergence of AI prowess and DeFi’s transparent, immutable codebase threatens to upend the sector’s security paradigm.
The Numbers
DeFi exploits have cost users $1.1 billion over the past 12 months. The single largest hit was Kelp DAO’s $292 million loss in April, exposing weaknesses in cross-chain infrastructure. Solana’s Step Finance shuttered after a $27 million attack left it insolvent. Meanwhile, total value locked across DeFi protocols has tumbled by over $20 billion since January, reflecting growing investor unease.
Why It Happened
The asymmetry of smart contract security remains the core issue: defenders must patch every flaw, but attackers need just one. AI agents now accelerate the attacker side, scanning public codebases for vulnerabilities far faster than human auditors can review them. Anthropic’s own tests showed its model outperforming existing automated tools, confirming that the threat level has fundamentally increased.
Broader Impact
Araoz’s alert may accelerate capital flight from DeFi, as the sector’s foundational transparency becomes a liability. Protocols will face pressure to adopt AI-augmented defenses or formal verification methods. Regulators may also seize on the risk to demand stricter security standards.
What to Watch Next
- How quickly AI-powered exploit tools evolve and whether DeFi teams can deploy countermeasures like continuous AI-driven audits.
- Shifts in total value locked as risk-averse investors rotate out of DeFi into safer assets.
- Announcements from major protocols or security firms about new AI-based defense systems.
Disclaimer: Bytewit is an independent media outlet that delivers news, research, and data.
© 2026 Bytewit. All Rights Reserved. This article is for informational purposes only.