AI Agents Speed Up DeFi Exploits; Teams Harden Protocols
On May 27, former OpenZeppelin CTO Manuel Aráoz urged investors to exit DeFi, saying autonomous AI coding agents accelerate exploit discovery as TVL fell from $172B to $148B.
On May 27, Manuel Aráoz, co-founder and former CTO of OpenZeppelin, urged investors to exit decentralized finance positions, saying autonomous AI coding agents are accelerating the discovery of smart-contract exploits. The sector has recorded more than $1.1 billion in losses over the past year, including $635 million in April across 28 reported hacks, and total value locked fell from about $172 billion in mid‑April to $148 billion.
Aráoz wrote: “Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric. Defenders need to fix every bug while attackers need just one exploit to steal funds.”
Venture capital firm a16z found that autonomous agents can reproduce core steps of past DeFi exploits and often identify starting points for attacks. AI developers such as Anthropic have limited access to powerful models over concerns they could autonomously discover and weaponize software flaws.
DeFi contracts, governance rules and integrations are public and composable. AI can speed reconnaissance, vulnerability discovery and exploit testing at near‑zero marginal cost, which reduces the technical barrier for attackers who no longer need deep manual expertise to begin probing protocols.
Founders and security firms have pointed to a different pattern in many recent incidents: operational failures rather than audited contract bugs. Examples include stolen private keys, bridge spoofing, social engineering and access control breakdowns. Several large breaches in recent months follow that pattern; Drift Protocol’s $285 million loss has been linked to a long social engineering campaign attributed to North Korea’s Lazarus Group.
Aave founder Stani Kulechov highlighted improvements in DeFi infrastructure such as stronger risk engines, market structures, formal verification, audits, bug bounties, cap management, improved oracles, automated monitoring and circuit breakers. He described the remaining attack surface as largely Web2‑style operational lapses, including weak internal controls and infrastructure processes. Uniswap founder Hayden Adams noted that well‑built smart contracts can support applications with strong security properties and that AI will surface weak code and rushed launches more quickly.
Teams are also adopting AI defensively. Security and analytics providers report that leading protocols are using AI tools to find and fix bugs before attackers do. OpenZeppelin released tooling to help AI agents generate contracts that use current audited security libraries. Uniswap launched a developer platform with AI features intended to make secure deployments easier. Other providers report protocols preparing for an AI‑versus‑AI security environment.
Security executives say defenses must move beyond point‑in‑time audits. Cyvers CEO Deddy Lavid has called for continuous monitoring, live transaction simulation and automated systems that can slow or pause suspicious activity. Some protocols have implemented circuit breakers, transaction monitoring, multisig controls and runtime protections to limit how far an attack can spread or to give teams time to respond. Those controls increase human discretion in systems designed for open access and automated execution.
Practitioners focused on limiting damage recommend tighter limits on privileged roles, stronger key management, conservative exposure caps, improved oracle design, transaction‑level monitoring and pre‑execution blocking. Insurance, bug bounties and dedicated live response teams are cited as additional tools to contain losses.
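The controls described above (conservative exposure caps, transaction-level monitoring and pre-execution blocking) can be modelled as a rolling-window outflow circuit breaker. The following is an added illustration, not code from any protocol or firm named in the article; it assumes an off-chain monitor that is consulted before a withdrawal executes and that a human operator resets a tripped breaker. The withdrawal events are constructed sample data.

```python
from collections import deque
from dataclasses import dataclass, field


@dataclass
class CircuitBreaker:
    """Pre-execution outflow limiter (hypothetical design for illustration).

    A withdrawal larger than per_tx_cap is blocked outright. If cumulative
    outflow inside the rolling window would exceed window_cap, the breaker
    trips into a paused state, blocking everything until reset() is called.
    """
    per_tx_cap: int          # largest single withdrawal allowed (token units)
    window_cap: int          # maximum total outflow allowed within the window
    window_seconds: int      # length of the rolling window
    paused: bool = False
    history: deque = field(default_factory=deque)  # (timestamp, amount) pairs

    def _outflow_in_window(self, now: int) -> int:
        # Evict events that have aged out of the window, then sum the rest.
        while self.history and self.history[0][0] <= now - self.window_seconds:
            self.history.popleft()
        return sum(amount for _, amount in self.history)

    def check(self, now: int, amount: int) -> tuple[bool, str]:
        """Return (allowed, reason); call before the transaction is executed."""
        if self.paused:
            return False, "paused"
        if amount > self.per_tx_cap:
            return False, "per-tx cap exceeded"
        if self._outflow_in_window(now) + amount > self.window_cap:
            self.paused = True            # trip: only a human reset re-enables flow
            return False, "window cap exceeded; breaker tripped"
        self.history.append((now, amount))
        return True, "ok"

    def reset(self) -> None:
        self.paused = False


def run(events, breaker: CircuitBreaker):
    """Apply the breaker to (timestamp, amount) events; returns per-event decisions."""
    return [(t, a) + breaker.check(t, a) for t, a in events]


# Constructed sample withdrawals: (seconds since start, amount in token units).
SAMPLE_WITHDRAWALS = [(0, 800), (600, 1500), (600, 900), (1200, 700), (1800, 500), (2000, 100)]
```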
A pseudonymous developer associated with Yearn Finance advised against exiting all DeFi positions but recommended avoiding new, exotic protocols in favor of older, more tested systems. That approach may redirect capital toward mature protocols with simpler designs, longer operating histories and clearer controls, while projects with complex integrations or aggressive yields could face greater scrutiny as AI makes weak points easier to find.