Top Audit Guru Alerts: All DeFi is Unsafe, Withdraw Now!

Odaily星球日报 | Published on 2026-05-28 | Last updated on 2026-05-28

Abstract

Leading DeFi security auditor and OpenZeppelin founder Manuel Aráoz has issued a stark warning, declaring all DeFi protocols unsafe and advising the withdrawal of funds even from established platforms such as Aave and MakerDAO. The warning stems from the rapidly growing threat posed by AI-powered hacking tools. Aráoz argues that AI agents can now identify and exploit smart-contract vulnerabilities in minutes, a task that previously took expert teams weeks. This sharpens an already critical asymmetry: defenders must patch every flaw, while attackers need only find one. Recent months have seen a surge in high-profile exploits, with hundreds of millions of dollars lost in April and May alone across protocols including Drift Protocol, Kelp DAO, and THORChain. The acceleration is attributed to AI's ability to scan code rapidly, generate attack scripts automatically, and even orchestrate social engineering and infrastructure attacks faster than human defenders can respond. The article cites Anthropic's new model, Mythos, which proved so capable at finding zero-day vulnerabilities that its public release was held back over security concerns. This evolution upends DeFi's risk-reward calculus: with yields on reliable protocols down to single digits, users now face the possibility of 100% capital loss for minimal returns. Aráoz's conclusion is that, for most users, withdrawing funds to secure wallets is the most rational risk-management choice in the current landscape.

Original | Odaily Planet Daily (@OdailyChina)

Author | Azuma (@azuma_eth)

"I believe all DeFi is no longer secure."

This assertion, posted on X yesterday by OpenZeppelin founder Manuel Aráoz, landed like a depth charge, once again shaking an already stagnant DeFi market.

Manuel even stated that he has started advising friends and family to withdraw funds from major DeFi protocols, including blue-chip protocols like Aave, MakerDAO, and Compound, which were once considered low-risk.

This is not alarmist talk from an outsider. On the contrary, Manuel himself is one of the core builders of the DeFi security ecosystem, and OpenZeppelin is one of the industry's most mainstream security auditing firms. Its contract libraries, security standards, and auditing frameworks have permeated almost the entire DeFi world.

The reason for Manuel's complete change in attitude lies in AI. Manuel pessimistically believes that the capability of AI Coding Agents to identify and exploit smart contract vulnerabilities is increasing exponentially.

This means that issues which previously took top white-hat teams weeks to discover might now be scanned by AI in minutes; where hackers needed to study protocol logic extensively, AI can now automatically analyze attack paths; where DeFi's "openness and transparency" was once an advantage, it has now become the best training corpus for attackers.

Manuel also mentioned a more fatal problem: smart contract security is essentially an extremely asymmetric game — defenders must patch all vulnerabilities, while attackers only need to find one to steal funds. As AI begins to exponentially enhance attack efficiency, this asymmetry is rapidly tilting out of balance.

The Icy Reality: DeFi Has Become a Hacker's ATM

Looking back at DeFi security incidents over the past few months, you'll find Manuel's concerns are not exaggerated.

April was arguably one of the worst months in DeFi history.

  • On April 1st, April Fool's Day, Drift Protocol suffered a theft of $280 million due to a manager privilege hijacking and multisig execution vulnerability (see April Fool's Joke? Drift Protocol Hacked for Over $280 Million, Possibly Becoming Solana Ecosystem's Second Largest DeFi Heist).
  • Then on April 19th, Kelp DAO lost $292 million through a breach of its bridge (see Another $292 Million Stolen from DeFi, Is Even Aave Unsafe Now?). The attacker then exited through lending protocols such as Aave, leaving bad debt and its knock-on effects hanging over the entire DeFi space.

And since the start of May, incidents have multiplied rather than slowed.

  • On May 15th, THORChain was attacked. A newly added node operator exploited a vulnerability in the GG20 threshold signature scheme (TSS) to reconstruct the vault's private key and directly execute outbound transactions, causing a loss exceeding $10 million.
  • On May 18th, Verus's bridge protocol was attacked. The attacker forged cross-chain import payloads to bypass verification and extract assets from the Ethereum reserves, stealing approximately $11.58 million.
  • On May 19th, Echo Protocol on Monad was attacked due to a private key leak. The attacker minted 1,000 eBTC (worth $76.7 million) and extracted funds via a previously tested attack path through Curvance.
  • On May 24th, StablR, a compliant stablecoin issuer under the MiCA regulatory framework, was attacked. The hacker profited over $2.8 million by minting EURR and USDR, causing both to depeg.
  • On May 25th, the SquidRouter module was attacked, resulting in the theft of approximately $3 million in assets from 86 Gnosis Safe wallets.
  • On May 27th, the StakeDAO deployer's private key was leaked on Arbitrum. The attacker minted about 5.45 trillion vsdCRV and partially exchanged them for 43.7 ETH to escape.

The steady drumbeat of incidents is an alarm bell: from on-chain code to off-chain operations and key management, DeFi seems to be losing ground across the board.

AI Has Become the Hacker's Nuclear Weapon

Why has the balance between DeFi attack and defense collapsed so suddenly this summer? Beyond the evolution of traditional hacking techniques, the rapid advance of AI large language model capabilities is becoming the decisive factor tipping the scales.

In the past, finding a complex smart contract vulnerability (especially one involving cross-chain interactions, multi-layer nesting, or extremely hidden reentrancy logic) required top-tier hackers weeks or even months of code analysis. However, with the maturation of AI agents possessing ultra-long context, strong logical reasoning, and autonomous tool-calling abilities, this has undergone a qualitative change.

  • Scanning in seconds and wholesale "zero-day" mining: attackers only need to feed open-source code repositories to a new-generation AI reasoning model, which can, within seconds, work through hundreds of extreme interaction scenarios like a seasoned security expert and pinpoint the boundary conditions that human auditors miss through fatigue.
  • Automated Attack Script Generation: AI can not only discover vulnerabilities but also automatically write, test, and deploy "hacker smart contracts" designed to extract funds.
  • Orchestrating off-chain DevOps attacks and social engineering: AI can convincingly impersonate a developer for phishing, or watch a DeFi team's GitHub commits around the clock. The moment the team pushes code containing sensitive information or an unverified fix, AI can launch an attack within seconds, far faster than any human security staff can respond.

In this AI-augmented security war, hackers, armed with AI, possess nearly unlimited ammunition and attack speeds measured in seconds. In contrast, DeFi, constrained by slow-paced governance voting, multisig confirmations, and delayed security audits, struggles to mount a corresponding defense.

Last month, Anthropic, the AI development company behind Claude, officially announced its new-generation model, Mythos (see Anthropic Develops the Most Powerful AI Model in History, But Dares Not Release It...). This is the first model in human history to exceed ten trillion parameters (in contrast, current mainstream models range from hundreds of billions to one trillion parameters), with a staggering training cost of $10 billion.

However, because of Mythos's specialized capabilities in cybersecurity (Anthropic disclosed that it identified thousands of zero-day vulnerabilities with Mythos in just a few weeks), the company has held off releasing the model publicly, fearing misuse by hacker groups. Instead, it plans to let leading technology companies test it first under a "Project Glasswing" so that potential vulnerabilities can be patched in advance.

If the current DeFi security landscape is already this severe, it's hard to imagine what new threats industry security defenses will face once Mythos is publicly released.

The Biggest Problem: The Risk-Reward Ratio Has Long Been Out of Balance

For ordinary DeFi participants, liquidity providers (LPs), and whales, the most important issue now is to sit down and do the math.

For a long time, the reason users chose to deposit funds into DeFi was the pursuit of annualized yields several times higher than those in traditional finance. During bull markets or frenzied periods of liquidity mining, yields of 10%, 20%, or even higher were enough to cover people's psychological expectations for "potential technical risks."

But today that underlying logic has been shaken, if not overturned: DeFi's risk-reward ratio is already out of balance. On the reward side, with the market reduced to a zero-sum contest over existing capital and protocols thickening their safety buffers, the real yields of most mainstream, relatively reliable DeFi protocols have fallen back to single-digit percentages. On the risk side, users' principal sits in a black box that AI could breach at any moment and that a flash loan could empty in an instant. Once a protocol is hacked, the token price collapsing to zero and the liquidity pools being drained typically happen within minutes, with no legal recourse, insurance, or central bank to cover the loss.

The gamble of risking 100% principal loss for an annualized return of around 5% is clearly not a worthwhile bet.
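As an added worked calculation, not part of the original article, the trade-off in the preceding paragraphs can be written as a single expected-value expression. The symbols are assumptions introduced here: y is the annualised yield, p the probability that the protocol is drained within the year, and L the fraction of principal lost when that happens (L = 1 for a total loss):

```latex
\begin{aligned}
\mathbb{E}[r] &= (1-p)\,y \;-\; p\,L \\
\mathbb{E}[r] = 0 \;&\Longrightarrow\; p^{*} = \frac{y}{y+L} \\
y = 0.05,\ L = 1 \;&\Longrightarrow\; p^{*} = \frac{0.05}{1.05} \approx 4.8\% \\
y = 0.20,\ L = 1 \;&\Longrightarrow\; p^{*} = \frac{0.20}{1.20} \approx 16.7\%
\end{aligned}
```

So a 5% yield is positive expected value only while the annual probability of a total drain stays below roughly 4.8%; the 20% yields of the liquidity-mining era tolerated more than three times that risk. The model ignores partial recoveries, insurance, and gas or opportunity costs, all of which shift p*, but it makes the "sit down and do the math" point concrete.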

Manuel's words may be somewhat absolute, but they tear off DeFi's last fig leaf. With AI now a conventional weapon in hackers' hands and incidents erupting across the industry, if you are not prepared to risk losing 100% of your principal for a modest return, then "withdrawing funds as soon as possible and locking in profits" may be the most rational, most risk-disciplined choice in the current market cycle.

Related Questions

Q: According to the article, who is Manuel Aráoz and why is his warning about DeFi security considered significant?

A: Manuel Aráoz is the founder of OpenZeppelin, a leading security audit firm in the crypto industry. His warning is significant because he is a core builder of the DeFi security system, and his company's contract libraries, security standards, and audit frameworks are widely used across the DeFi ecosystem. His shift in stance carries substantial weight due to his deep expertise and role in the industry.

Q: What is the primary reason cited by Manuel Aráoz for his belief that all DeFi is now insecure?

A: The primary reason is the exponential improvement in AI (specifically AI Coding Agents) in identifying and exploiting smart contract vulnerabilities. AI can now find issues in minutes that once took top security teams weeks, automate the analysis of attack paths, and leverage the public nature of DeFi code as training data. This massively amplifies the inherent asymmetry in security where attackers need only find one flaw while defenders must patch all of them.

Q: What is the 'Mythos' model mentioned in the article, and why is it considered a potential threat?

A: Mythos is a new AI model developed by Anthropic, the company behind Claude. It is the first model to surpass 10 trillion parameters, with a training cost of $10 billion. It is considered a potential threat because Anthropic disclosed that in just a few weeks, Mythos identified thousands of zero-day vulnerabilities. Due to its specialized capabilities in cybersecurity, Anthropic is hesitant to release it publicly for fear it could be maliciously used by hackers to exploit vulnerabilities at an unprecedented scale.

Q: The article argues that the risk-reward ratio for DeFi participation has become unbalanced. What is the core of this argument?

A: The core argument is that the potential rewards (returns) from mainstream DeFi protocols have fallen to single-digit percentages in the current market, while the risks have skyrocketed. Users now risk losing 100% of their principal in minutes due to AI-enhanced hacks, with no legal recourse, insurance, or central bank backstop. The article frames this as an irrational trade-off: risking total loss for a relatively low annual yield.

Q: Besides smart contract code, what other aspects of DeFi infrastructure have been targeted in recent hacks according to the article's examples?

A: Recent hacks have targeted vulnerabilities beyond just smart contract code. Examples include bridge protocols (Kelp DAO, Verus), management/private key compromises (Drift Protocol, StakeDAO, Echo Protocol), threshold signature schemes (THORChain), and wallet management modules (SquidRouter). This indicates that security weaknesses exist across the entire DeFi stack, from on-chain code to off-chain operational and key management practices.
