Top Audit Guru Alerts: All DeFi is Unsafe, Withdraw Now!

Odaily星球日报Pubblicato 2026-05-28Pubblicato ultima volta 2026-05-28

Introduzione

Leading DeFi security auditor and OpenZeppelin founder Manuel Aráoz has issued a stark warning, declaring all DeFi protocols unsafe and advising the withdrawal of funds, even from established platforms like Aave and MakerDAO. This warning stems from the rapidly growing threat posed by AI-powered hacking tools. Aráoz highlights that AI agents can now identify and exploit smart contract vulnerabilities in minutes, a task that previously took expert teams weeks. This creates a critical asymmetry: defenders must patch every flaw, while attackers need only find one. Recent months have seen a surge in high-profile exploits, with billions lost in April and May alone across protocols like Drift Protocol, Kelp DAO, and THORChain. The acceleration is attributed to AI's ability to perform rapid code scanning, generate automated attack scripts, and even orchestrate social engineering and infrastructure attacks faster than human defenders can respond. The article cites Anthropic's powerful new AI model, Mythos, which demonstrated such proficiency in finding zero-day vulnerabilities that its public release was delayed over security concerns. This evolution fundamentally disrupts DeFi's risk-reward calculus. With yields on reliable protocols falling to single digits, users now face the potential of 100% capital loss for minimal returns. Aráoz's conclusion is that for most users, withdrawing funds to secure wallets is the most rational risk-management choice in the current landscape.

Original | Odaily Planet Daily (@OdailyChina)

Author | Azuma (@azuma_eth)

"I believe all DeFi is no longer secure."

This assertion left by Manuel Aráoz, founder of OpenZeppelin, on X yesterday is like a depth charge, once again shaking the already stagnant DeFi market.

Manuel even stated that he has started advising friends and family to withdraw funds from major DeFi protocols, including blue-chip protocols like Aave, MakerDAO, and Compound, which were once considered low-risk.

This is not alarmist talk from an outsider. On the contrary, Manuel himself is one of the core builders of the DeFi security ecosystem, and OpenZeppelin is one of the industry's most mainstream security auditing firms. Its contract libraries, security standards, and auditing frameworks have permeated almost the entire DeFi world.

The reason for Manuel's complete change in attitude lies in AI. Manuel pessimistically believes that the capability of AI Coding Agents to identify and exploit smart contract vulnerabilities is increasing exponentially.

This means that issues which previously took top white-hat teams weeks to discover might now be scanned by AI in minutes; where hackers needed to study protocol logic extensively, AI can now automatically analyze attack paths; where DeFi's "openness and transparency" was once an advantage, it has now become the best training corpus for attackers.

Manuel also mentioned a more fatal problem: smart contract security is essentially an extremely asymmetric game — defenders must patch all vulnerabilities, while attackers only need to find one to steal funds. As AI begins to exponentially enhance attack efficiency, this asymmetry is rapidly tilting out of balance.

The Icy Reality: DeFi Has Become a Hacker's ATM

Looking back at DeFi security incidents over the past few months, you'll find Manuel's concerns are not exaggerated.

April was arguably one of the worst months in DeFi history.

On April 1st, April Fool's Day, Drift Protocol suffered a theft of $280 million due to a manager privilege hijacking and multisig execution vulnerability (see April Fool's Joke? Drift Protocol Hacked for Over $280 Million, Possibly Becoming Solana Ecosystem's Second Largest DeFi Heist).
Subsequently on April 19th, Kelp DAO lost $292 million due to a breached bridge protocol (see Another $292 Million Stolen from DeFi, Is Even Aave Unsafe Now?). The hacker later escaped via lending protocols like Aave, casting a shadow of bad debts and their ripple effects over the entire DeFi space.

And since entering May, incidents have not decreased but rather further proliferated.

On May 15th, THORChain was attacked. A newly added node operator exploited a vulnerability in the GG20 threshold signature scheme (TSS) to reconstruct the vault's private key and directly execute outbound transactions, causing a loss exceeding $10 million.
On May 18th, Verus's bridge protocol was attacked. The attacker forged cross-chain import payloads to bypass verification and extract assets from the Ethereum reserves, stealing approximately $11.58 million.
On May 19th, Echo Protocol on Monad was attacked due to a private key leak. The attacker minted 1,000 eBTC (worth $76.7 million) and extracted funds via a previously tested attack path through Curvance.
On May 24th, StablR, a compliant stablecoin issuer under the MiCA regulatory framework, was attacked. The hacker profited over $2.8 million by minting EURR and USDR, causing EURR and USDR to depeg.
On May 25th, the SquidRouter module was attacked, resulting in the theft of approximately $3 million in assets from 86 Gnosis Safe wallets.
On May 27th, the StakeDAO deployer's private key was leaked on Arbitrum. The attacker minted about 5.45 trillion vsdCRV and partially exchanged them for 43.7 ETH to escape.

Frequently occurring security incidents have sounded the alarm. From on-chain code to off-chain management, DeFi seems to be losing ground across the board.

AI Has Become the Hacker's Nuclear Weapon

Why has the DeFi offensive-defensive balance suddenly collapsed this summer? Beyond the evolution of traditional hacking techniques, the rapid advancement of AI large language model capabilities is becoming the ultimate factor tipping the scales.

In the past, finding a complex smart contract vulnerability (especially one involving cross-chain interactions, multi-layer nesting, or extremely hidden reentrancy logic) required top-tier hackers weeks or even months of code analysis. However, with the maturation of AI agents possessing ultra-long context, strong logical reasoning, and autonomous tool-calling abilities, this has undergone a qualitative change.

Second-level Scanning and Global "Zero-day Vulnerability" Mining: Attackers only need to feed open-source code repositories to new-generation AI reasoning models, and AI can, within seconds, deduce hundreds of extreme interaction scenarios like a seasoned security expert, precisely identifying boundary conditions that human auditors might miss due to fatigue.
Automated Attack Script Generation: AI can not only discover vulnerabilities but also automatically write, test, and deploy "hacker smart contracts" designed to extract funds.
Perfect Orchestration of Off-chain DevOps and Social Engineering: AI can impersonate a perfect developer for phishing or monitor a DeFi team's GitHub commits 24/7. Once the team uploads code containing sensitive information or unverified fixes, AI can launch an attack within seconds—far faster than any human security personnel can respond.

In this AI-augmented security war, hackers, armed with AI, possess nearly unlimited ammunition and attack speeds measured in seconds. In contrast, DeFi, constrained by slow-paced governance voting, multisig confirmations, and delayed security audits, struggles to mount a corresponding defense.

Last month, Anthropic, the AI development company behind Claude, officially announced its new-generation model, Mythos (see Anthropic Develops the Most Powerful AI Model in History, But Dares Not Release It...). This is the first model in human history to exceed ten trillion parameters (in contrast, current mainstream models range from hundreds of billions to one trillion parameters), with a staggering training cost of $10 billion.

However, due to Mythos's specialized capabilities in cybersecurity (Anthropic disclosed that they identified thousands of zero-day vulnerabilities using Mythos in just a few weeks), the company even dares not release the model publicly directly, fearing malicious use by hacker groups. Instead, they plan to allow leading tech giants to test it first through a "Project Glasswing" to patch potential vulnerabilities in advance.

If the current DeFi security landscape is already this severe, it's hard to imagine what new threats industry security defenses will face once Mythos is publicly released.

The Biggest Problem: The Risk-Reward Ratio Has Long Been Out of Balance

For ordinary DeFi participants, liquidity providers (LPs), and whales, the most important issue now is to sit down and do the math.

For a long time, the reason users chose to deposit funds into DeFi was the pursuit of annualized yields several times higher than those in traditional finance. During bull markets or frenzied periods of liquidity mining, yields of 10%, 20%, or even higher were enough to cover people's psychological expectations for "potential technical risks."

But today, this underlying logic has long been shaken, even overturned. The risk-reward ratio of DeFi is already out of balance. On the reward side, as the market enters a phase of stock game competition and security cushions thicken, the real yields of most mainstream, relatively reliable DeFi protocols have fallen back to single-digit percentages. On the risk side, users' principal is exposed to a black box that could be breached by AI at any moment, emptied by flash loans in an instant. Once a protocol is hacked, token prices plummeting to zero and liquidity pools being drained often happen within minutes, with no legal recourse, insurance, or central bank to cover the losses.

The gamble of risking 100% principal loss for an annualized return of around 5% is clearly not a worthwhile bet.

Manuel's words may be somewhat absolute, but they tear off DeFi's final fig leaf. In the face of the reality where hackers have made AI a conventional weapon and security incidents keep erupting in the industry, if you are not mentally prepared to risk losing 100% of your principal for a certain return, then "withdrawing funds as soon as possible and securing profits" might be the most rational, most risk-control-compliant choice in the current market cycle.

Domande pertinenti

QAccording to the article, who is Manuel Aráoz and why is his warning about DeFi security considered significant?

AManuel Aráoz is the founder of OpenZeppelin, a leading security audit firm in the crypto industry. His warning is significant because he is a core builder of the DeFi security system, and his company's contract libraries, security standards, and audit frameworks are widely used across the DeFi ecosystem. His shift in stance carries substantial weight due to his deep expertise and role in the industry.

QWhat is the primary reason cited by Manuel Aráoz for his belief that all DeFi is now insecure?

AThe primary reason is the exponential improvement in AI (specifically AI Coding Agents) in identifying and exploiting smart contract vulnerabilities. AI can now find issues in minutes that once took top security teams weeks, automate the analysis of attack paths, and leverage the public nature of DeFi code as training data. This massively amplifies the inherent asymmetry in security where attackers need only find one flaw while defenders must patch all of them.

QWhat is the 'Mythos' model mentioned in the article, and why is it considered a potential threat?

AMythos is a new AI model developed by Anthropic, the company behind Claude. It is the first model to surpass 10 trillion parameters, with a training cost of $10 billion. It is considered a potential threat because Anthropic disclosed that in just a few weeks, Mythos identified thousands of zero-day vulnerabilities. Due to its specialized capabilities in cybersecurity, Anthropic is hesitant to release it publicly for fear it could be maliciously used by hackers to exploit vulnerabilities at an unprecedented scale.

QThe article argues that the risk-reward ratio for DeFi participation has become unbalanced. What is the core of this argument?

AThe core argument is that the potential rewards (returns) from mainstream DeFi protocols have fallen to single-digit percentages in the current market, while the risks have skyrocketed. Users now risk losing 100% of their principal in minutes due to AI-enhanced hacks, with no legal recourse, insurance, or central bank backstop. The article frames this as an irrational trade-off: risking total loss for a relatively low annual yield.

QBesides smart contract code, what other aspects of DeFi infrastructure have been targeted in recent hacks according to the article's examples?

ARecent hacks have targeted vulnerabilities beyond just smart contract code. Examples include bridge protocols (Kelp DAO, Verus), management/private key compromises (Drift Protocol, StakeDAO, Echo Protocol), threshold signature schemes (THORChain), and wallet management modules (SquidRouter). This indicates that security weaknesses exist across the entire DeFi stack, from on-chain code to off-chain operational and key management practices.

Letture associate

AI PC Battle: Bet on the Toll Booth, Not the Camp

**Title:** The AI PC Battle: Don't Bet on Sides, Bet on the Tollbooth **Summary:** The AI PC competition is moving beyond simple "x86 vs. Arm" narratives. The core investment thesis should focus on identifying which players can sustain margins, cash flow, and pricing power throughout the upgrade cycle, rather than backing a particular architecture. The opportunity is analyzed in three layers: 1. **The Advanced Foundry Tollbooth:** TSMC is positioned to collect "tolls" regardless of which chip designer wins, due to its dominant ~70% share in advanced semiconductor manufacturing, which is essential for high-end AI PC chips. 2. **Compute & Platform Spillover:** AMD represents an offensive in the x86 CPU+GPU space, while NVIDIA leverages its GPU and CUDA software stack dominance. Both benefit from the demand for increased local AI compute. 3. **Architecture Diffusion & Turnaround Plays:** ARM and Intel offer potential for significant upside (elasticity), but investments here require stricter discipline due to higher execution risks and competitive challenges. The industry is transitioning from concept to shipment validation. While short-term forecasts for AI PC adoption have been revised down slightly due to tariffs and procurement delays, the long-term trend towards AI becoming a standard PC feature remains intact. The key driver for upgrade cycles will be whether compelling enterprise applications (e.g., privacy-sensitive computing, low-latency inference) emerge beyond consumer-focused features like meeting summarization. Investment strategy should prioritize companies with platform-level advantages and recurring revenue streams. TSMC offers high certainty as the foundational tollbooth. AMD presents a strong offensive play within the established ecosystem. ARM and Intel are higher-risk, higher-potential-reward turnaround bets. The report cautions against chasing short-term hype and emphasizes a disciplined, long-term approach focused on buying ecosystem strength and cash-flow certainty after market enthusiasm subsides. **Key Risks:** Underwhelming AI PC applications slowing upgrade cycles; slow improvement in Windows on Arm compatibility; macro/tariff impacts on PC demand; potential advanced node supply-demand mismatches affecting TSMC; high overall AI sector valuations making stocks vulnerable to a risk-off shift in markets.

marsbit14 min fa

AI PC Battle: Bet on the Toll Booth, Not the Camp

marsbit14 min fa

Which Companies Has NVIDIA's "Three-Track Investment Architecture" Invested In?

NVIDIA's investment strategy operates through a "three-track architecture," not just its NVentures venture arm. Corporate Development handles massive strategic bets (e.g., $30B in OpenAI, $10B in Anthropic, $20B in Synopsys). NVentures, a small team, focuses on early-stage, financial investments across sectors like quantum computing (Alice & Bob, PsiQuantum), AI infrastructure (OpenRouter, Tensormesh), and biotech. The NVIDIA Inception accelerator provides non-monetary support. This system allows NVIDIA to nurture startups and lock in strategic partners, creating a vast AI ecosystem. This aggressive capital deployment has drawn scrutiny. Critics like Michael Burry and EU regulators question potential "circular financing," where NVIDIA's equity investments in companies (e.g., CoreWeave, OpenAI) facilitate those companies' purchases of NVIDIA hardware, potentially inflating revenue. Supporters view it as a necessary "virtuous cycle" to secure supply and demand in a compute-scarce market. While NVentures' smaller deals appear like traditional VC, its role within the larger, controversial investment framework remains a point of debate.

marsbit42 min fa

Which Companies Has NVIDIA's "Three-Track Investment Architecture" Invested In?

marsbit42 min fa

Ten-Thousand-Word Analysis: From $10 to $290, MRVL Wins the Entire AI Era by 'Not Making GPUs'

Marvell Technology's stock price surged from under $10 in 2016 to a record $290 in June 2026, fueled not by making GPUs, but by dominating AI infrastructure connectivity. This analysis argues the market misvalues MRVL as merely a smaller Broadcom in custom AI chips, overlooking its true, unique position. Marvell's core strength lies in enabling high-speed data flow for AI clusters through three interconnected businesses. First, it holds a commanding ~70% market share in high-speed optical DSPs (essential for data center light modules), a deep-moat business with accelerating growth. Second, its custom AI chip design business serves hyperscalers like AWS, Microsoft, and Google, with a significant revenue pipeline despite lower margins. Third, stable cash flows come from Ethernet switch chips and enterprise storage controllers. Together, they form a full-stack "AI data movement" platform. CEO Matt Murphy's transformative leadership since 2016, involving strategic divestments, key acquisitions (like Inphi for optical DSPs), and securing long-term agreements with major cloud providers, repositioned the company. A pivotal $2 billion strategic investment from NVIDIA in 2026 underscored Marvell's critical role in the AI ecosystem, particularly through collaborations like NVLink Fusion. While Marvell faces risks—including client concentration (losing the Amazon Trainium3 design), lower-margin business mix, competitive threats, insider selling, and complex supply chains—its fundamentals remain strong. The optical interconnect moat is widening with the acquisition of Celestial AI (photonics fabric), and financial metrics show accelerating revenue growth and operating leverage. With a PEG ratio suggesting undervaluation relative to its growth, the thesis is that the market undervalues Marvell's monopolistic position in AI "plumbing" while overemphasizing its competitive custom chip segment. The story transcends investing, symbolizing how in any complex system—from the internet to AI—the value of "connection" ultimately surpasses that of individual "nodes."

marsbit44 min fa

Ten-Thousand-Word Analysis: From $10 to $290, MRVL Wins the Entire AI Era by 'Not Making GPUs'

marsbit44 min fa

AI Relay Stations Spark Heated Debate on Zhihu: Behind Cheap Tokens, What Are Users Really Worried About?

A discussion on Zhihu about "AI relay stations" shifted the niche developer topic of "cheap tokens" into broader user awareness. Users moved beyond simply questioning the legitimacy of these services to focus on practical concerns: Where do cheap tokens truly come from? Is the model being accessed the real one? Can relay stations see prompts, code, and API keys? For occasional users, are the risks worth it? The core debate centered less on price and more on trust. A primary worry is model authenticity—the risk of "model swapping," where users paying for a premium model might be routed to a cheaper one, creating an information asymmetry. Others argued that cost comparisons matter; while cheaper than official pay-as-you-go APIs, relay stations may not be the lowest-cost option versus subscriptions, domestic models, or free tiers, making user needs assessment crucial. Speculation about token sources ranged from legitimate bulk discounts to gray-area methods like account sharing or exploiting regional pricing. This opacity makes risk assessment difficult for users. Data security emerged as a critical concern, especially for enterprise use. When processing sensitive information like code, contracts, or client data, the inability to verify a relay station's data handling, retention, or access policies poses significant compliance and confidentiality risks. The evolving consensus suggests relay stations can be used cautiously for low-sensitivity, disposable tasks (e.g., summarizing public info, simple translation). However, they should not be the default for sensitive, professional, or production workflows involving proprietary data, Agents, or automated systems. Recommendations include avoiding large prepayments, not relying on a single service, using test prompts to monitor quality, anonymizing data where possible, and keeping official channels as backups. Ultimately, the discussion framed tokens not just as a billing unit but as a measure of real cost encompassing price, model integrity, data security, and service stability. The popularity of relay stations highlights user demand for affordable access, but the debate underscores a key trade-off: the savings from cheap tokens may come at the price of trust, transparency, and control over one's data and AI experience.

marsbit1 h fa

AI Relay Stations Spark Heated Debate on Zhihu: Behind Cheap Tokens, What Are Users Really Worried About?

marsbit1 h fa

In-Depth Research Report on TradFi: The Convergence Wave of Crypto and Traditional Finance

In 2026, the crypto industry is undergoing a profound infrastructure-level transformation—TradFi assets are migrating on-chain at an unprecedented pace. According to CoinGecko's Q1 2026 report, the total value locked (TVL) of tokenized real-world assets (RWA) has surpassed $31 billion, a nearly 4x increase from $7.8 billion at the beginning of 2025, with the sector’s aggregate market capitalization reaching $19.3 billion. Among these, the market cap of tokenized stocks surged from $2 million to $486 million, with Q1 spot trading volume reaching $15.1 billion—a single quarter already surpassing the entire second half of 2025. RWA perpetual contract Q1 trading volume reached a staggering $524.8 billion, far exceeding the $313 billion for all of 2025. Meanwhile, BlackRock's BUIDL fund has reached $2.3 billion in scale and has filed for two new tokenized funds, signaling that the world's largest asset manager's tokenization strategy is evolving from pilot to product suite expansion. HTX, as a core participant in the crypto exchange sector, officially launched TradFi perpetual futures products including NVDA, AAPL, MSFT, META, and SPY in 2026, enabling crypto users to gain 24/7 trading access to core U.S. equities. Boston Consulting Group predicts that global tokenized asset scale could reach $16 trillion by 2030, while McKinsey offers a conservative estimate of approximately $2 trillion. The on-chain migration of TradFi assets is no longer a "future narrative" but a structural transformation unfolding in real time, as crypto exchanges evolve from single crypto asset trading platforms toward "multi-asset-class trading infrastructure."

HTX Learn1 h fa

In-Depth Research Report on TradFi: The Convergence Wave of Crypto and Traditional Finance

HTX Learn1 h fa

Trading

Spot

Futures