Home
News
Details

DeFi Security Crisis: OpenZeppelin Founder Warns All Protocols Are Vulnerable

icon MarsBit
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
AAVE
$83.2430.12%
This is the logo of the coin.
Maker
----
This is the logo of the coin.
COMP
$18.604.02%
AI summary iconSummary

expand icon
Manuel Aráoz, founder of OpenZeppelin, has warned that all DeFi protocols are at risk due to AI-powered DeFi exploits. He advised close contacts to withdraw funds from Aave, MakerDAO, and other platforms. In April, Drift Protocol suffered a major security breach involving $2.8 billion, followed by over $100 million in losses in May. Aráoz claims that AI can now detect smart contract vulnerabilities in real time, leaving DeFi investors exposed to emerging threats.

Original | Odaily Planet Daily (@OdailyChina)

Author | Azuma (@azuma_eth)

DeFi

I believe all DeFi is no longer safe.

The statement left by OpenZeppelin founder Manuel Aráoz on X yesterday acted like a depth charge, once again shaking the DeFi market, which had already been as still as stagnant water.

DeFi

Manuel even said he has begun advising friends and family to withdraw their funds from major DeFi protocols, including blue-chip protocols like Aave, MakerDAO, and Compound, which were previously considered low-risk.

This is not alarmism from an outsider. On the contrary, Manuel himself is one of the core builders of the DeFi security ecosystem, and OpenZeppelin is one of the industry’s most widely used security audit firms, whose contract libraries, security standards, and audit frameworks permeate nearly the entire DeFi world.

The reason for Manuel’s complete shift in attitude is AI. Manuel is pessimistic that AI coding agents are exponentially improving their ability to identify and exploit smart contract vulnerabilities.

This means that issues that once took top-tier white-hat teams weeks to discover can now be scanned by AI in minutes; hackers who previously needed to spend months studying protocol logic can now have attack paths automatically analyzed by AI; what once made DeFi’s “open transparency” an advantage has now become the best training corpus for attackers.

Manuel also mentioned a more critical issue: smart contract security is inherently an extremely asymmetric game—defenders must patch all vulnerabilities, while attackers only need to find one to steal funds. After AI begins exponentially enhancing attack efficiency, this asymmetry is rapidly becoming unbalanced.

The harsh reality: DeFi has become a hacker’s ATM

Looking back at the DeFi security incidents over the past few months, you'll find that Manuel's concerns are not exaggerated.

April was almost the worst month in DeFi history.

  • On April 1st, April Fools’ Day, Drift Protocol suffered a $280 million theft due to compromised admin privileges and a multisig execution vulnerability (see “April Fools’ Joke? Drift Protocol Stolen Over $280 Million, Possibly Solana’s Second-Largest DeFi Heist”).
  • Subsequently, on April 19, Kelp DAO suffered a theft of $292 million due to a compromised bridging protocol (see “DeFi Stolen Again: $292 Million Lost—Is Aave No Longer Safe?”), with the hacker subsequently using lending protocols like Aave to launder funds, casting a shadow of bad debt and cascading effects over the entire DeFi ecosystem.

After entering May, the incidents did not decrease; instead, they further spread.

  • On May 15, THORChain was attacked, as newly joined node operators exploited a vulnerability in the GG20 threshold signature scheme (TSS) to reconstruct the vault private key and directly execute outbound transactions, resulting in losses exceeding $10 million.
  • On May 18, Verus's bridge protocol was attacked, with the attacker forging cross-chain import payloads to bypass verification and withdraw assets from the Ethereum reserve, stealing approximately $11.58 million.
  • On May 19, Echo Protocol on Monad was compromised due to a private key leak, allowing the attacker to mint 1,000 eBTC (valued at $76.7 million) and withdraw funds via Curvance using a previously tested attack path.
  • On May 24, StablR, a compliant stablecoin issuer under the MiCA regulatory framework, was attacked; the hacker profited over $2.8 million by minting additional EURR and USDR, causing both EURR and USDR to de-peg.
  • On May 25, the SquidRouter module was attacked, resulting in approximately $3 million in assets stolen from 86 Gnosis Safe wallets.
  • On May 27, the StakeDAO deployer private key was compromised on Arbitrum, allowing the attacker to mint approximately 5.45 trillion vsdCRV and partially exchange them for 43.7 ETH before fleeing.

Frequent security incidents have sounded the alarm, as DeFi appears to be losing ground across the board—from on-chain code to off-chain management.

AI has become the hacker's nuclear weapon

Why did the DeFi arms race accelerate dramatically this summer? Beyond the evolution of traditional hacking techniques, the rapid advancement of AI large models is becoming the ultimate tipping point.

In the past, identifying complex smart contract vulnerabilities—especially those involving cross-chain interactions, multi-layer nesting, or extremely subtle reentrancy logic—required top-tier hackers weeks or even months of code analysis. However, with the maturation of AI agents capable of handling ultra-long contexts, strong logical reasoning, and autonomous tool invocation, everything has undergone a qualitative transformation.

  • Second-by-second scanning and full-network "zero-day vulnerability" discovery: Attackers only need to feed open-source code repositories into the next-generation AI inference model, which can, within seconds, simulate hundreds of extreme interaction scenarios like a seasoned security expert, precisely identifying boundary conditions missed by human auditors during fatigue.
  • Automated attack script generation: AI can not only identify vulnerabilities but also automatically write, test, and deploy "hacker smart contracts" designed to extract funds.
  • Perfectly orchestrated off-chain DevOps and social engineering: AI can impersonate flawless developers to conduct phishing attacks, or monitor DeFi team GitHub commits around the clock. Once the team uploads sensitive information or unverified patch code, AI launches an attack within seconds—far faster than human security personnel can respond.

In this AI-powered battle of security defense, hackers, armed with AI, possess nearly unlimited ammunition and attack speeds measured in seconds, while DeFi is constrained by slow-paced governance voting, multi-signature confirmations, and delayed security audits, making it difficult to mount an adequate defensive response.

Last month, Anthropic, the AI development company behind Claude, officially unveiled its next-generation model, Mythos (see “Anthropic Has Created the Strongest AI Model Ever—But Dares Not Release It”). This is the first model in human history to surpass ten trillion total parameters (compared to mainstream models on the market today, which typically range from hundreds of billions to one trillion parameters), with a training cost of a staggering $10 billion.

However, due to Mythos’s specialized capabilities in cybersecurity—Anthropic has disclosed that the company identified thousands of zero-day vulnerabilities using Mythos in just a few weeks—Anthropic dares not publicly release the model directly, fearing malicious exploitation by hacker groups. Instead, it plans to first allow leading tech companies to test and identify potential vulnerabilities through a “Glass Wing” program.

The current DeFi security landscape remains extremely severe; it's hard to imagine what new threats the industry's security defenses will face after Mythos is publicly released.

The main issue: the risk-reward ratio has long been unbalanced.

For ordinary DeFi participants, liquidity providers (LPs), and whales, the most important question now is to sit down and do the math.

For a long time, users have chosen to deposit funds into DeFi to pursue annualized yields several times higher than those offered by traditional finance. During bull markets or periods of intense liquidity mining, yields of 10%, 20%, or even higher were sufficient to offset users' psychological expectations of "potential technical risks."

But today, this underlying logic has long been shaken—or even overturned— and the risk-reward ratio of DeFi has become imbalanced. On the yield side, as the market enters a zero-sum game and safety cushions have grown thicker, the actual yields of most mainstream and relatively reliable DeFi protocols have fallen back into the single-digit range. On the risk side, users’ principal is exposed to a black box that could be breached at any moment by AI or wiped out instantly by flash loans; should a protocol suffer a hack, token values can plummet to zero and liquidity pools can be drained within minutes—with no legal recourse, insurance, or central bank to provide coverage.

Risking 100% of your principal to chase an annual return of around 5% is clearly not a worthwhile trade.

Manuel’s words may sound absolute, but they have stripped away the last veil of DeFi. Given the reality that hackers have made AI a standard weapon and security incidents continue to erupt across the industry, if you haven’t mentally prepared to lose 100% of your principal for a certain return, then “withdraw your funds as soon as possible and secure your profits” may be the most rational and risk-management-aligned choice in this market cycle.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.