
OpenZeppelin CEO says all DeFi unsafe as AI surpasses human hackers. $20bn TVL drop and $1.1bn in exploits over 365 days raise questions about onchain finance’s future.
OpenZeppelin CEO Manuel Araoz said he now considers all of decentralized finance unsafe. Coding agents have become superhuman at finding vulnerabilities, he wrote on X Wednesday. The warning from the head of crypto's most prominent security audit firm challenges the sector's core assumption that smart contract defenses can scale.
DeFi's total value locked has fallen by over $20 billion since the start of 2025, according to DeFiLlama data. Some of that decline reflects broader crypto price weakness. The sector absorbed a steady stream of exploits that continue to test confidence in onchain finance. Araoz's statement pushes what was a theoretical risk into a present-tense market concern.
PSA: I now consider all of DeFi unsafe. Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric: defenders need to fix every bug while attackers need just one exploit to steal funds.
For traders, the immediate implication is a widening risk premium for DeFi tokens relative to Bitcoin and Ethereum. If the firm that audits many of the largest protocols publicly declares the sector unsafe, project insurance costs should rise and capital allocation should shift. The question is whether this becomes a self-fulfilling loss of confidence.
DeFiLlama data shows that more than $1.1 billion has been lost to DeFi hacks over the past 365 days. The largest single incident was April's $292 million Kelp DAO exploit, which exposed how vulnerabilities in cross-chain infrastructure can spill into the broader ecosystem. Solana-based Step Finance shut down earlier this year after a $27 million exploit left the project unable to recover.
Each exploit adds to a drag on investor confidence and liquidity. Protocols that survive one attack must often raise new capital or restructure tokenomics, further diluting existing holders. The asymmetric nature Araoz describes means a single undetected bug can erase months of development and billions in value.
The $20 billion TVL decline since January reflects both price depreciation and actual capital outflows. If Araoz's warning accelerates those outflows, the next data point to watch is weekly TVL changes across major chains. A sudden acceleration would confirm that the security narrative shift is driving real positioning changes.
Araoz's comments arrived alongside a separate warning from Anthropic. The company said its restricted Claude Mythos AI model can autonomously discover software vulnerabilities and develop working exploits at a level that surpasses existing automated tools.
DeFi's core security model was designed around human attackers operating at human speed. Audit cycles, bug bounties, and time-locked upgrades assume a reaction window of hours or days. An AI agent that can scan publicly available smart contract code, identify weaknesses, and deploy an exploit in seconds compresses that window toward zero.
The transparency that DeFi markets as a strength, every contract visible on chain, now becomes a liability. Attackers no longer need to reverse engineer closed-source software. They can feed open-source bytecode directly into a model trained to find edge cases.
Developers may need to shift from transparent to opaque execution models, using zero-knowledge proofs or private data layers to obscure sensitive logic. Any layer of obfuscation adds complexity and execution risk, potentially introducing new bugs. The trade-off between security and transparency is becoming a direct design constraint.
The same property that allowed DeFi to grow, permissionless composability, also creates a larger attack surface. A vulnerability in one contract can be exploited across dozens of protocols that depend on it. The Kelp DAO exploit is a recent example of how cross-chain bridges amplify single-point failures.
Defenders need to identify, patch, and deploy fixes across every affected contract before an attacker exploits any one of them. With AI-driven attackers, that race becomes increasingly one-sided. OpenZeppelin itself provides audit tools and security libraries. Araoz’s statement suggests the current tooling is no longer sufficient.
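The "reaction window" the preceding paragraphs describe is concrete in a time-locked upgrade: a change is announced on chain, a minimum delay must elapse, and a guardian can cancel or pause during that delay. The contract below is an added illustration written for this article, not OpenZeppelin code and not a substitute for its audited TimelockController; the contract name, roles and delay are assumptions. It shows the three controls that give defenders their window, a mandatory delay, a guardian cancel, and a pause switch, and also why the window only helps if something is watching the Scheduled event fast enough to act inside the delay.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Minimal time-locked executor with a guardian, added as an example
/// (hypothetical contract; not the OpenZeppelin TimelockController).
contract GuardedTimelock {
    uint256 public immutable minDelay;   // reaction window in seconds (policy choice)
    address public immutable proposer;   // may schedule and cancel operations
    address public immutable guardian;   // may only cancel or pause, never execute
    bool public paused;

    // operation id => earliest execution timestamp (0 means not scheduled)
    mapping(bytes32 => uint256) public readyAt;

    event Scheduled(bytes32 indexed id, address target, bytes data, uint256 readyAt);
    event Cancelled(bytes32 indexed id);
    event Executed(bytes32 indexed id);
    event Paused(address by);

    constructor(uint256 _minDelay, address _proposer, address _guardian) {
        require(_minDelay > 0, "zero delay removes the reaction window");
        minDelay = _minDelay;
        proposer = _proposer;
        guardian = _guardian;
    }

    /// Binds target and calldata into one id so execute() cannot run anything
    /// other than what was announced during the delay.
    function operationId(address target, bytes calldata data, bytes32 salt)
        public pure returns (bytes32)
    {
        return keccak256(abi.encode(target, data, salt));
    }

    /// Announce an operation; the Scheduled event is what monitoring must watch.
    function schedule(address target, bytes calldata data, bytes32 salt) external {
        require(msg.sender == proposer, "not proposer");
        bytes32 id = operationId(target, data, salt);
        require(readyAt[id] == 0, "already scheduled");
        uint256 t = block.timestamp + minDelay;
        readyAt[id] = t;
        emit Scheduled(id, target, data, t);
    }

    /// Either role can withdraw an announced operation before it becomes executable.
    function cancel(bytes32 id) external {
        require(msg.sender == guardian || msg.sender == proposer, "not allowed");
        require(readyAt[id] != 0, "unknown operation");
        delete readyAt[id];
        emit Cancelled(id);
    }

    /// Fastest defensive action: halts all execution until a new deployment.
    function pause() external {
        require(msg.sender == guardian, "not guardian");
        paused = true;
        emit Paused(msg.sender);
    }

    /// Anyone may execute once the delay has elapsed; the id check guarantees
    /// the call matches what was announced.
    function execute(address target, bytes calldata data, bytes32 salt) external {
        require(!paused, "paused");
        bytes32 id = operationId(target, data, salt);
        uint256 t = readyAt[id];
        require(t != 0, "not scheduled");
        require(block.timestamp >= t, "delay not elapsed");
        delete readyAt[id];               // clear before the external call to prevent replay
        (bool ok, ) = target.call(data);
        require(ok, "call failed");
        emit Executed(id);
    }
}
```

Two points follow from the code rather than from the article. First, the delay is the whole defence: with `minDelay` set to a few hours, a scheduled upgrade that introduces a bug is only stoppable if an off-chain monitor sees the `Scheduled` event and a human or an automated guardian calls `cancel` or `pause` within that time, which is exactly the hours-or-days assumption the article says no longer holds against an attacker operating in seconds. Second, the timelock protects only upgrade paths; a bug already live in a deployed contract has no delay in front of it, so the pause switch and the monitoring that triggers it are the controls that actually shorten the defender's side of the race.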
If major custodians or institutional investors interpret Araoz's warning as a signal to reduce exposure, the next phase could be a second-order liquidity crunch for DeFi tokens. Insurance protocols may raise premiums or drop coverage for certain chains. Regulators in jurisdictions that already scrutinize DeFi may use the AI risk as a reason to tighten requirements.
For traders, the immediate signal is a widening risk premium in DeFi tokens relative to Bitcoin and Ethereum. The BTC and ETH profiles offer exposure to crypto without the same smart contract execution risk. Even those assets could face contagion pressure if a large-scale exploit triggers a broader market sell-off.
OpenZeppelin CEO Manuel Araoz has done what few security executives do: publicly declare his own industry's defense insufficient. Whether that statement becomes a turning point or a temporary overreaction depends on whether the asymmetric vulnerability he describes is met with a matching leap in defensive AI. Until that leap arrives, the default stance for capital in DeFi is higher risk than the previous baseline.
Prepared with AlphaScala research tooling and grounded in primary market data: live prices, fundamentals, SEC filings, hedge-fund holdings, and insider activity. Each story is checked against AlphaScala publishing rules before release. Educational coverage, not personalized advice.