OpenZeppelin Co-Founder Urges DeFi Exit as AI Coding Agents Widen Security Gap

Manuel Aráoz, co-founder and former CTO of smart-contract security firm OpenZeppelin, advised investors on May 27 to exit DeFi positions. His warning centers on autonomous AI coding agents that he says are rapidly widening the gap between attackers and defenders in decentralized finance. The call comes as DeFi has already lost more than $1.1 billion to exploits over the past year, with April alone accounting for $635 million across 28 reported hacks.

Why the warning came now

Aráoz didn't cite a single incident. Instead he pointed to a structural shift: AI coding agents that can discover and weaponize software flaws faster than human defenders can patch them. Research from a16z backs that up — their tests show AI agents consistently identify core vulnerabilities in historical DeFi exploits, often reaching a starting point for an attack even if they fail to complete it. The concern isn't hypothetical. Anthropic recently restricted public access to its unreleased Claude Mythos model precisely because it demonstrated the capacity to autonomously find and exploit software bugs.

The numbers behind the advice

The broader DeFi market is already under pressure. Total value locked has fallen from roughly $172 billion in mid-April to $148 billion as of press time — five straight weeks of outflows. Bitcoin approached $72,000 earlier today, but the TVL decline suggests capital is leaving DeFi protocols faster than new money comes in. For context, the sector lost over $1.1 billion to hacks in the last 12 months. April was brutal: $635 million gone in 28 separate incidents, averaging more than one per day.

Where the real risk lies

OpenZeppelin's own analysis argues that many recent security incidents stem from operational failures — stolen private keys, bridge spoofing, social engineering, access control issues — rather than flaws in audited contract code. The Drift Protocol's $285 million loss, tied to a six-month social engineering campaign from North Korea's Lazarus Group, fits that pattern. Aave founder Stani Kulechov notes that DeFi infrastructure now benefits from better risk engines, formal verification, audits, bug bounties, and circuit breakers. He says much of the remaining attack surface involves Web2-style operational lapses. Uniswap founder Hayden Adams makes a similar point: well-built smart contracts can support strong security, but AI is likely to expose weak code, rushed launches, and poor development practices.

AI on both sides of the fight

DeFi teams aren't sitting still. They're bringing AI into their own defense stack, though specifics are still emerging. The tension is clear: attackers get faster at finding holes, and defenders get faster at closing them. Aráoz is making his call before the gap widens further. Whether that gap has already passed a tipping point is the unresolved question — and one that's likely to define DeFi's security landscape for the rest of 2026.