OpenAI rolled out Daybreak on Monday, a cybersecurity initiative tailored for crypto and blockchain projects that aims to fix vulnerabilities before they're exploited. The move comes as new data from TRM Labs shows infrastructure attacks — not code exploits — drove $2.2 billion of the $2.87 billion stolen across nearly 150 hacks in 2025.
What Daybreak actually does
Daybreak isn't another audit tool. OpenAI's pitch is a broader set of services: AI-assisted secure code review, continuous threat modeling, dependency and oracle risk analysis, patch validation before governance votes go live, privileged-access review, and active monitoring. The stated goal is making projects 'resilient by design' rather than reactive after a breach.
The launch on May 11 positions Daybreak against a clear gap in the market. Hacken's Q1 2026 data found that Web3 lost $482 million across 44 incidents — and six of those involved audited protocols. One victim had passed 18 separate audits before getting hit.
Infrastructure attacks dwarf code exploits
TRM Labs' 2026 Crypto Crime Report breaks down the 2025 losses: infrastructure attacks — compromised private keys, wallet infrastructure, privileged access, front-end surfaces, and control planes — accounted for $2.2 billion, more than six times the $350 million lost to code exploits.
A single $282 million theft last year involved no code exploit at all. The attacker bypassed the contract layer entirely and compromised operational and social infrastructure instead. That kind of attack is exactly what Daybreak's focus on privileged-access review and monitoring is meant to catch.
Code exploits, the kind traditional audits are designed to find, made up just 12.1% of total losses.
Physical coercion is rising, too
CertiK reported 34 verified physical coercion incidents — kidnappings, home invasions — globally from January to April 2026, up 41% from the same period in 2025. Estimated losses hit $101 million. If the current trajectory holds, CertiK expects roughly 130 incidents by year-end.
That's a different threat vector than Daybreak addresses, but it underscores how the crypto security landscape is broadening beyond smart contract bugs.
Daybreak launches as a service for projects that can afford it — OpenAI hasn't disclosed pricing — and will compete with existing firms like Hacken, CertiK, and TRM Labs. The real test will be whether a general AI company can earn trust in a niche where auditors' reputations are built on years of specific crypto experience. No word yet on which projects have signed up.
