Manuel Aráoz, co-founder of smart-contract auditor OpenZeppelin, didn't mince words last week. On May 26 he told friends and family to get out of DeFi entirely — naming Aave, MakerDAO, and Compound as unsafe. His reasoning: AI-powered coding agents have tilted the security balance decisively toward attackers.
The warning
Aráoz argued that defenders must find and fix every vulnerability while attackers need only one. AI coding agents can scan smart contracts faster than any human team, he said, making the old audit model obsolete. The message was blunt: all DeFi is unsafe now.
OpenZeppelin's own data backs the concern. The firm reported that crypto companies lost over $3.4 billion to hacks in 2025. April 2025 alone saw more than $650 million stolen — $292 million from KelpDAO and $285 million from Drift Protocol, both via social engineering rather than code exploits. Aráoz pointed to compromised credentials, operational failures, and code shipped between audits as the main culprits.
The pushback
DeFi builders pushed back fast. Marc Zeller of the Aave Chan Initiative countered that fewer than 10% of DeFi issues stem from code-level vulnerabilities. Most failures, he said, come from poor risk parameters, collateral mismanagement, and weak operational security — not smart-contract bugs.
Phoenix Lab co-founder Sam McPherson agreed. Blue-chip DeFi smart contracts are 'quite safe,' he stated, blaming opsec failures for the major hacks. Robert, a developer at Polaris Finance, went further, calling smart-contract exploits 'almost non-existent' and arguing that recent breaches involve centralized components.
Can AI defend?
Vitalik Buterin offered a different take. He suggested AI-assisted formal verification could enhance crypto security — letting developers write code together with mathematical proofs of its correctness. That would turn AI from an attacker's tool into a defender's shield. But no one has shipped that at scale yet.
The debate leaves an open question. If the biggest hacks are opsec failures, not code bugs, does Aráoz's blanket warning miss the mark? Or does the speed of AI-powered scanning mean the old audit cycle simply can't keep up? Either way, the exchange this week shows how fast the security conversation is shifting — and how little agreement there is on what to do about it.