My Crypto News AI

OpenZeppelin Co-Founder Warns All DeFi Is Now Unsafe as AI-Powered Exploits Accelerate

Manuel Aráoz, co-founder and former CTO of OpenZeppelin, has publicly declared that he now considers all decentralized finance (DeFi) projects unsafe due to artificial intelligence (AI) tools that can discover vulnerabilities faster than human defenders can patch them. His warning carries unusual weight because OpenZeppelin helped design the foundational security standards used across Ethereum and DeFi today. The statement has sparked intense debate about whether the balance between attackers and defenders has fundamentally shifted in favor of malicious actors.

Why Is an OpenZeppelin Founder Sounding the Alarm on DeFi Security?

Aráoz's concern centers on what he calls a fundamental asymmetry in smart contract security. Defenders must secure every line of code, every dependency, every governance mechanism, and every cross-chain interaction. Attackers, by contrast, only need to find one successful exploit to drain millions of dollars. This imbalance has always existed, but Aráoz argues that AI has dramatically accelerated the problem.

According to Aráoz, AI coding agents can now autonomously identify vulnerabilities, test exploit paths, and generate attack strategies at machine speed. Public smart contract code, once celebrated as a strength of DeFi because anyone could audit it openly, has become a liability. AI systems can scan that same code faster and more efficiently than human researchers ever could.

"I currently believe all DeFi projects have security vulnerabilities. Smart agents possess superhuman abilities to discover vulnerabilities, and there is a serious asymmetry in smart contract security: defenders must fix every vulnerability, while attackers only need to find one breakthrough to steal user assets," stated Manuel Aráoz, co-founder and former CTO of OpenZeppelin.


Aráoz reportedly advised friends and family to withdraw from major protocols including Aave, MakerDAO, and Compound, which have historically been viewed as among the safest sectors of decentralized finance due to their maturity, liquidity, and auditing history.

How Are AI Tools Making Smart Contract Exploits More Dangerous?

Traditional hacking required teams of experienced researchers manually searching for weaknesses in Solidity contracts or protocol integrations. That process was time-consuming and expensive. Today, advanced AI models can automate much of that work, fundamentally changing the threat landscape.

  • Automated Vulnerability Detection: AI systems can analyze thousands of smart contracts simultaneously and detect hidden edge-case vulnerabilities that might take human researchers months to find.
  • Rapid Exploit Simulation: Attackers can use AI to simulate exploit scenarios, generate exploit scripts rapidly, and identify cross-chain weaknesses without manual testing.
  • Optimized Attack Timing: AI can optimize when and how attacks are executed, increasing the likelihood of success and making detection harder.

A small group of attackers equipped with powerful AI systems may potentially outperform entire security teams operating manually. DeFi protocols built for human-scale threats are now confronting machine-speed adversaries.

The implications are especially severe for complex protocols involving bridges, wrapped assets, governance voting systems, or composable DeFi layers. Research shows the threat is real: AI models like Mythos have uncovered high-risk vulnerabilities that lay dormant for decades and survived millions of automated tests. Researchers spent only $50 to uncover a 25-year-old vulnerability using Mythos.

In a benchmark called EVMBench, jointly launched by Paradigm and OpenAI, an AI model's detection rate for high-risk cryptocurrency theft vulnerabilities rose from an initial 12 to 13 percent to over 70 percent in just six months, as measured on the Codex 5.3 model.

What Recent Exploits Show About the Current Risk Environment?

Aráoz's warning arrives during a difficult period for the industry. DeFi hacks in 2026 continue to pile up, and confidence in even blue-chip protocols is facing new pressure. Industry reports estimate that more than $1.1 billion has been lost to DeFi exploits over the past year alone.

Last month alone, the number of on-chain attacks reached a record high in the crypto industry, with attacks occurring almost daily and the total amount of stolen assets exceeding $625 million. Several incidents have intensified concerns across the ecosystem.

The Kelp DAO exploit reportedly caused losses approaching $292 million. The attack highlighted the growing fragility of cross-chain systems and wrapped asset infrastructure. Cross-chain interoperability remains one of the largest attack surfaces in crypto because multiple systems, validators, and dependencies must function flawlessly simultaneously.

Another notable incident involved Step Finance, where attackers reportedly drained around $27 million before the project ultimately shut down. Most recently, Stake DAO confirmed that an attacker compromised the protocol's deployer private key and minted 5.4 trillion vsdCRV tokens on Arbitrum. While the protocol secured the vsdCRV backing on Ethereum mainnet before the attacker could seize it, the incident underscores how a single compromised key can trigger an unlimited mint, a vulnerability pattern that has driven some of the costliest DeFi exploits of 2026.
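The incident above turns on one design flaw: a single key that can mint without any cap or rate limit. The contract below is an added defensive illustration of the opposite pattern; it is example code written for this page, not the Stake DAO, vsdCRV or OpenZeppelin contract. It assumes the OpenZeppelin Contracts library is available as a dependency; the token name, role names, supply cap and per-window limit are illustrative values.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed dependency: OpenZeppelin Contracts (v4 or v5 both provide these).
import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import "@openzeppelin/contracts/token/ERC20/extensions/ERC20Capped.sol";
import "@openzeppelin/contracts/access/AccessControl.sol";

/// @notice Illustrative token whose mint authority is bounded three ways:
///   1. a hard supply cap (ERC20Capped), so no key can mint "unlimited" tokens;
///   2. a rolling per-window mint limit, so a leaked minter key can only do
///      bounded damage before monitoring and role revocation catch up;
///   3. role separation, so the address that deploys is not the address that mints,
///      and the admin that can revoke the minter is expected to be a multisig/timelock.
contract BoundedMintToken is ERC20Capped, AccessControl {
    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");

    uint256 public constant WINDOW = 1 days;       // illustrative window length
    uint256 public immutable mintLimitPerWindow;   // illustrative per-window ceiling

    uint256 private windowStart;
    uint256 private mintedInWindow;

    event MintWindowReset(uint256 newWindowStart);

    /// @param admin   address holding DEFAULT_ADMIN_ROLE; in practice a multisig or
    ///                timelock, never the raw deployer EOA
    /// @param minter  the only address allowed to call mint()
    /// @param cap     absolute supply ceiling enforced by ERC20Capped
    /// @param limit   maximum amount mintable within any single WINDOW
    constructor(address admin, address minter, uint256 cap, uint256 limit)
        ERC20("Example Bounded Token", "EXBT")   // illustrative name/symbol
        ERC20Capped(cap)
    {
        require(admin != msg.sender, "admin must not be the deployer key");
        require(limit > 0 && limit <= cap, "bad limit");
        _grantRole(DEFAULT_ADMIN_ROLE, admin);
        _grantRole(MINTER_ROLE, minter);
        mintLimitPerWindow = limit;
        windowStart = block.timestamp;
    }

    /// @notice Mint within both the supply cap and the rolling window limit.
    function mint(address to, uint256 amount) external onlyRole(MINTER_ROLE) {
        // Roll the window forward once WINDOW seconds have elapsed.
        if (block.timestamp >= windowStart + WINDOW) {
            windowStart = block.timestamp;
            mintedInWindow = 0;
            emit MintWindowReset(windowStart);
        }
        // Rate limit: a compromised minter key cannot exceed this per window.
        require(mintedInWindow + amount <= mintLimitPerWindow, "mint limit for window exceeded");
        mintedInWindow += amount;
        // ERC20Capped reverts here if totalSupply would exceed the cap.
        _mint(to, amount);
    }

    /// @notice Emergency brake: the admin (multisig/timelock) strips a suspect minter.
    function revokeMinter(address minter) external onlyRole(DEFAULT_ADMIN_ROLE) {
        _revokeRole(MINTER_ROLE, minter);
    }

    /// @notice Remaining mint allowance in the current window, useful for monitors.
    function remainingInWindow() external view returns (uint256) {
        if (block.timestamp >= windowStart + WINDOW) return mintLimitPerWindow;
        return mintLimitPerWindow - mintedInWindow;
    }
}
```

The design choice worth noting is that none of the three bounds relies on the minter key staying secret: the cap and the window limit hold even if that key leaks, and the admin that can revoke it is a separate, ideally multi-party, address. A monitor that watches `remainingInWindow()` and `MintWindowReset` events gets an early, on-chain signal when minting behaviour changes, which is exactly the kind of real-time anomaly detection discussed later in this article.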

Is OpenZeppelin Officially Backing This Warning?

OpenZeppelin has publicly clarified that Manuel Aráoz's statements do not represent the company's official position. The firm continues to advocate for stronger security infrastructure rather than abandoning DeFi altogether. OpenZeppelin notes that Aráoz left the company in 2019 and his personal views are his own.

The company believes AI can strengthen both attackers and defenders. The race may ultimately depend on who adapts faster. OpenZeppelin and other security firms are exploring solutions including AI-assisted monitoring, formal verification, runtime protection systems, multi-layer auditing, continuous bug bounty programs, and real-time anomaly detection.

What Do Experts Say About the Risk-Return Tradeoff in DeFi?

Beyond the AI threat, experts point out a troubling mismatch between risk and reward in current DeFi products. Many users still equate so-called "low-risk DeFi products" like asset vaults and Aave with bank savings accounts. Morpho Vault, for example, holds $11.8 billion in locked assets but offers only a 2 to 4 percent annualized return, most of which flows in through platforms like Coinbase and Kraken.

In these products, users put their entire principal at risk for only single-digit annualized returns. This helps explain why capital is shifting toward perpetual contracts and memecoins: while the latter are highly speculative, their risk-return ratio is far better than that of traditional DeFi.

The attack on Drift reportedly took six months to prepare. Against an adversary willing to invest that much effort, a pool paying 3 percent annualized offers an extremely poor risk-reward structure by comparison.

Are There Defensive Tools Emerging to Counter AI-Powered Attacks?

While Aráoz's position reflects an increasingly cautious view, some industry participants believe the warning is overly absolute. Technology cuts both ways: AI tools reduce the cost of attacks, but they also lower the barrier to defense.

Intelligent allocation agents like Zyfai represent a new defensive approach. These platforms monitor on-chain data around the clock, strictly enforce preset risk-control rules, and refuse to add new assets once risk exceeds a set limit. Such claims deserve scrutiny, but the underlying architecture is instructive: by combining smart accounts, session keys, and spending limits, these agents build a defensive layer that outperforms humans in reaction speed and continuous monitoring.

On-chain insurance is also evolving. For many years it remained on the fringes of the industry: leading project Nexus Mutual has paid out only $18.6 million in claims since its inception, while in 2025 alone the crypto industry lost $3.4 billion in assets to hacking attacks. New solutions are improving this situation. OpenCover's principal-protected vault deducts premiums directly from investment returns, so users pay no additional fee, and Vaults.fyi has integrated with the ecosystem so that insurance information is surfaced alongside its risk data.

Supporters of DeFi argue that modern protocols are stronger than earlier generations because they incorporate insurance funds, layered defenses, better operational practices, and more sophisticated monitoring tools. Yet even optimists acknowledge one reality: AI changes the equation.

The future of decentralized finance may depend on whether security innovation can outpace exploit automation. For investors, the warning from an OpenZeppelin co-founder serves as a reminder that crypto remains a high-risk environment, and the emergence of AI-powered attack tools has raised the stakes significantly.