AI Coding Agents Have Made All DeFi Unsafe, Security Expert Says

On May 26th, Manuel Aráoz, who helped found the smart contract security company OpenZeppelin, publicly advised people to withdraw from all of decentralized finance (DeFi), even well-established projects.

He believes that AI coding tools have given attackers such a significant advantage that no current security system is reliable enough to protect users’ money.

Aráoz’s Warning

The software engineer wrote in a post on X:

“PSA: I now consider all of DeFi unsafe.”

He’s been telling his friends and family to sell all their investments in DeFi, specifically mentioning Aave, MakerDAO, and Compound as platforms he now sees as risky.

As a crypto investor, I’ve always known security is a huge challenge. The problem is, defenders have to be perfect – they need to find *every* weakness in a smart contract. But attackers only need to find *one*. That’s always been a tough asymmetry to overcome. Now, with these new AI coding tools that can audit contracts way faster and more completely than any human team, I’m starting to think that imbalance is becoming a real problem. It feels like the attackers are gaining a serious edge, and that’s worrying.

OpenZeppelin recently reported that crypto companies lost over $3.4 billion to hacks in 2025. However, it found that most of those losses were not caused by flaws in the smart contracts themselves but by stolen credentials, operational mistakes, and code that was changed after it had been audited.
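The "code changed after the audit" failure mode that OpenZeppelin's report names is one a deployer can check mechanically. What follows is an added example, not code from the article, from OpenZeppelin, or from any of the projects mentioned: it pins a fingerprint of the audited runtime bytecode and compares it with what a node's eth_getCode returns for the deployed contract, ignoring only the metadata trailer that solc appends so that a rebuild with changed comments is not mistaken for a logic change. The bytecode and metadata blobs below are constructed for the example, and sha256 stands in for keccak256 so that it runs with the standard library alone.

```python
"""Verify that a deployed contract's runtime bytecode matches the audited build.

Added example, not code from the article or from OpenZeppelin. It models the
"code changed after the audit" failure mode: pin a fingerprint of the audited
runtime bytecode and compare it with what eth_getCode returns at deployment and
on every later check. All bytecode below is constructed for the example.
"""
import hashlib


def from_hex(code: str) -> bytes:
    """Accept the '0x'-prefixed hex that eth_getCode returns, or bare hex."""
    code = code[2:] if code.startswith(("0x", "0X")) else code
    return bytes.fromhex(code)


def strip_solc_metadata(runtime: bytes) -> bytes:
    """Drop the CBOR metadata that solc appends to runtime bytecode.

    The trailer is a CBOR map (source/ipfs hash, compiler version) followed by
    its own length as a 2-byte big-endian integer. It changes whenever a
    comment or file name changes, so two builds with identical logic can differ
    in raw bytes. Bytecode without a well-formed trailer is returned unchanged.
    """
    if len(runtime) < 3:
        return runtime
    meta_len = int.from_bytes(runtime[-2:], "big")
    start = len(runtime) - 2 - meta_len
    # CBOR maps have major type 5, i.e. a first byte in 0xa0..0xbf.
    if meta_len == 0 or start < 0 or (runtime[start] & 0xE0) != 0xA0:
        return runtime
    return runtime[:start]


def fingerprint(runtime: bytes) -> str:
    """Hash of the metadata-stripped runtime bytecode.

    sha256 keeps the example standard-library only; real EVM tooling usually
    reports keccak256 (as EXTCODEHASH does). That substitution is an
    assumption of this example, not a recommendation.
    """
    return hashlib.sha256(strip_solc_metadata(runtime)).hexdigest()


def check_deployment(audited_hex: str, deployed_hex: str) -> dict:
    """Compare deployed bytecode against the audited artifact.

    match              -> True only if the logic bytes are identical
    metadata_only_diff -> raw bytes differ but the stripped logic matches,
                          i.e. a rebuild rather than a code change
    """
    audited = from_hex(audited_hex)
    deployed = from_hex(deployed_hex)
    a_fp, d_fp = fingerprint(audited), fingerprint(deployed)
    return {
        "match": a_fp == d_fp,
        "metadata_only_diff": a_fp == d_fp and audited != deployed,
        "audited_fingerprint": a_fp,
        "deployed_fingerprint": d_fp,
    }


# Constructed sample bytecode (not a real contract).
LOGIC_AUDITED = "60006000fd"   # PUSH1 0 PUSH1 0 REVERT
LOGIC_HOTFIXED = "60006000f3"  # PUSH1 0 PUSH1 0 RETURN: one opcode changed

# Constructed solc-style trailers: CBOR map {"solc": <3 version bytes>}
# followed by the 2-byte length of the map (10 bytes -> 0x000a).
META_A = "a164736f6c6343000814000a"  # "version" 0.8.20
META_B = "a164736f6c634300081a000a"  # "version" 0.8.26, same logic rebuilt

AUDITED_RUNTIME = "0x" + LOGIC_AUDITED + META_A
REBUILT_RUNTIME = "0x" + LOGIC_AUDITED + META_B    # harmless rebuild
HOTFIXED_RUNTIME = "0x" + LOGIC_HOTFIXED + META_B  # post-audit code change


if __name__ == "__main__":
    for label, deployed in (("rebuilt", REBUILT_RUNTIME),
                            ("hotfixed", HOTFIXED_RUNTIME)):
        result = check_deployment(AUDITED_RUNTIME, deployed)
        print(f"{label}: match={result['match']} "
              f"metadata_only_diff={result['metadata_only_diff']}")
```

In practice the audited fingerprint would be recorded in the audit report alongside the commit hash, and the deployed bytecode fetched from a node you trust; a "match=False" result means the on-chain code is not what was reviewed, whatever the deployment script claims.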

This year has been marked by a surge in cyberattacks, including over $650 million stolen in April alone. Major incidents included KelpDAO, where an exploit drained $292 million, and Drift Protocol, which lost $285 million after a prolonged social engineering campaign, according to security experts.

Pushback From X Users

Hearing Aráoz’s concerns definitely gave me pause, but the crypto community immediately responded – and pretty strongly. One of the most vocal critics was Mark Zeller from the Aave Chan Initiative, and he didn’t pull any punches with his reply.

He backed up his argument with data, arguing that most DeFi incidents over the past year were not caused by flaws in the code itself. Failures usually came from misconfigured risk parameters, collateral management problems, and weak operational security, not from attackers using AI to find vulnerabilities.

Others generally agreed with Zeller, though not as strongly. Sam McPherson, co-founder of Phoenix Lab, said that the core code of leading DeFi platforms is now very secure, and that most recent hacks are caused by human error or security lapses, not flaws in the code itself.

Robert, a developer at Polaris Finance, pointed out on X that genuine smart contract hacks are now rare. Most recent incidents, he said, have come not from flaws in the on-chain code but from the centralized, human-controlled parts of these systems.

Vitalik Buterin, a co-founder of Ethereum, believes AI could actually *improve* crypto security. He recently suggested that AI could help developers not only write code but also produce the formal proofs needed to establish that the code is correct, making crypto systems more reliable over time.


2026-05-27 16:09