Never expected that the first tangible application of AI x Crypto is in security auditing

链捕手 (ChainCatcher) · Published on 2026-06-26 · Last updated on 2026-06-26

Summary

Unexpectedly, the initial major application of AI in the Crypto sphere has turned out to be security auditing. In 2026, DeFi has faced significant security challenges, with 121 hacking incidents resulting in approximately $942 million in losses. While AI was expected to first impact areas like quantitative trading, its initial breakthrough has instead transformed security auditing by drastically lowering the cost and skill barrier for finding smart contract vulnerabilities. The traditional audit model is facing obsolescence. Advanced AI models, such as Claude Mythos, enable attackers to scan thousands of contracts and identify vulnerability patterns at scale, compressing the time from discovery to execution to mere minutes. This renders the month-long validity of traditional audit reports ineffective. Notably, attacks now frequently target well-audited, established protocols by exploiting business logic flaws, operational security weaknesses, and even years-old historical contracts, demonstrating that old audit reports offer zero protection. This pressure is forcing a fundamental shift in the industry. In the short term, a wave of defensive re-auditing is occurring, driven by projects seeking to meet new AI-era security standards and regulatory requirements. In the long run, audit firms' business models are diverging. The one-time report delivery model is declining in value, as evidenced by platforms like Code4rena shutting down. Leading firms are now pivoting towards AI-po...

Data shows that as of June, the Total Value Locked (TVL) in DeFi has dropped from approximately $115 billion at the beginning of the year to around $70 billion, a decline of 39%, with losses occurring almost every month.

Meanwhile, security incidents have added another layer of pressure on DeFi. Statistics show 121 hacker attacks in the DeFi sector since the start of 2026, with cumulative losses of approximately $942 million. In the second quarter alone there were 85 incidents and $775 million in losses, making it the quarter with the highest frequency of attack activity in the period covered by the statistics.

With the proliferation of a new generation of AI tools, the cost and skill requirements for finding vulnerabilities in smart contracts have dropped significantly, forcing security audit companies to the center of this transformation.

I. The AI-ization of the Attack Side, and the Failure of Old Security Defenses

The Collapse of Old Logic

Whenever the industry discusses the impact of AI on the crypto space, the first thoughts often go to quantitative trading, robo-advisors, and on-chain data analysis. However, the direction of reality has taken everyone by surprise: AI has first broken through what was originally considered the most stable business in this industry—security auditing.

Two or three years ago, security audit firms were seen by investment institutions as conservative assets to participate in the crypto industry's boom. The logic was straightforward: whenever a new protocol launches, it needs auditing; the more prosperous the industry, the stronger the audit demand; high client fees, stable income, independent of token price fluctuations.

Immunefi data shows that losses suffered by DeFi protocols due to hacker attacks once dropped 74% from the 2022 peak of $2.62 billion to approximately $680 million in 2025. The proportion of cross-chain bridge attacks in total DeFi losses plummeted from 73% in 2022 to 3% in 2025. The industry generally believed that the continuous maturation of security audits was playing a role.

However, this assessment is gradually being proven wrong.

On June 9, Anthropic released the new-generation AI model Claude Mythos. A viewpoint subsequently emerged in the market: the abnormal increase in recent attack frequency on top protocols may be related to the continuous leap in capabilities of cutting-edge AI models.

Simon Dedic, founder of Moonrock Capital, pointed out that with the proliferation of new-generation AI tools, the cost and skill requirements for finding smart contract vulnerabilities will drop to essentially zero, unaudited protocols will become targets, and known vulnerabilities will be repeatedly exploited.

Data from Chainalysis corroborates this trend: in the past six months, attacks on contracts with unverified source code alone have caused approximately $36.7 million in losses. Attackers use AI-assisted decompilation of the deployed bytecode to find vulnerabilities, and large language models can now systematically identify vulnerability patterns across thousands of contracts at scale. Truebit, Aperture Finance, and Ekubo were among the protocols hit.

The entire process from discovery to execution by attackers is being compressed to the minute level. The validity period of traditional audit reports is measured in months. This time gap is the most fatal structural flaw in the old audit model.

Audited, but Still Hacked?

The main targets of hacker attacks are no longer second- or third-tier small protocols. Drift Protocol is a leading perpetual contract platform on Solana, and its smart contracts have undergone multiple rounds of audits by several well-known security firms. However, an investigation by security firm TRM Labs revealed that the attacker, through a six-month-long social engineering attack, gradually infiltrated Drift team members and ultimately obtained privileged admin keys.

The situation with KelpDAO was similar. The attacker exploited a vulnerability in the single validator node configuration of the LayerZero cross-chain bridge, forged deposits, minted unbacked tokens, and stole $293 million within 46 minutes. It was later determined that a multi-validator node configuration scheme had been recommended previously but was not adopted. The contract passed the audit, but the infrastructure configuration had flaws, and the loss still occurred.

In the protocols that passed audits, code correctness was covered, but attackers bypassed the audited code by targeting business logic and operational processes instead.

On the other hand, AI's scanning scope is not limited to new protocols. Web3 security company GoPlus Security pointed out that attackers are using AI technology to mine vulnerabilities in historical contracts deployed years ago on a large scale. On June 9, an Ethereum contract deployed for 7 years, Token of Power, was attacked, resulting in a loss of about $1.5 million. On May 25, a 3-year-old WUSD.fi contract was attacked, losing about $200,000. An old contract deployed 2 years ago for Aztec Network was attacked twice on June 14 and 18, with total losses exceeding $4 million. This indicates that the protective validity period of old audit reports may have already expired.

Just last month, Manuel Aráoz, co-founder of crypto security company OpenZeppelin, stated that he now believes "all DeFi is insecure" and claimed he had advised friends and family to exit all DeFi positions, including Aave, MakerDAO, and Compound. His reasoning is that the ability of AI programming agents to find vulnerabilities has reached a superhuman level, and the structure of smart contract security is extremely asymmetric—the defense side must patch every vulnerability, while the attacker only needs to find one effective entry point.

OpenZeppelin has provided audit services for Aave, Compound, Uniswap, and Coinbase, making it one of the most important smart contract security infrastructure providers in the crypto industry. This statement, coming from him, carries unusual weight.

However, the market also has its disagreements on this. Marc Zeller, an Aave ecosystem contributor, mentioned that less than 10% of DeFi losses in the past year stemmed from code vulnerabilities, with the rest coming from misconfigured risk parameters, improper collateral management, and weak operational security. Michael Heinrich, CEO of 0G Labs, also pointed out that the security of DeFi lending has improved by about 98% compared to the 2020 baseline.

The problem now is that the scope covered by code audits is becoming increasingly limited, while the attacker's strike surface is continuously expanding. The old security framework can no longer provide a convincing answer.

II. The Response and Restructuring by Project Teams and Audit Firms

Although the old audit standards have shown obvious cracks in the face of AI attacks, this does not mean audit demand will disappear. On the contrary, both project teams and audit companies will adjust according to the new reality.

Short-term: The Concentration of Defensive Audit Demand

Many leading protocols that have previously completed audits are now under pressure to be re-audited according to new security standards in the AI era. Project teams are beginning to realize that in the context of continuously improving AI attack capabilities, the protective cycle of traditional audits is shortening.

The nature of this demand is defensive spending, not a signal of healthy industry growth. Security firm CertiK noted in its 2026 regulatory report that smart contract security audits are evolving from an industry best practice to a regulatory access condition, becoming a necessary threshold for license approvals and token listings.

In the short term, this defensive spending will generate a certain amount of audit demand, but it is more of a passive investment by project teams to mitigate risks.

Long-term: The Fundamental Differentiation of Audit Firm Business Models

Audit firms are also feeling the pressure. As attack-side AI tools continue to evolve, leading companies are accelerating the development of their own detection capabilities. Multiple mainstream audit firms have launched AI-assisted audit systems between 2025 and 2026, improving efficiency through multi-model parallel analysis and automated detection.

While efficiency improves, the traditional model is under pressure. The commercial value of delivering a one-time audit report is declining, and in the long run firms that rely on point-in-time reports face the risk of shrinking business volumes.

Analysts at J.P. Morgan explicitly stated that ongoing DeFi security incidents are limiting the entry of major institutional investors. This is not just market sentiment; it's an open questioning of the very value proposition of the entire audit industry.

Code4rena, a smart contract audit platform known for its competitive audit model, recently announced its shutdown, with client and researcher resources transferred to Immunefi. This platform had raised $6 million from Paradigm in 2023 and was once seen as a strong complement to the traditional audit model, shutting down less than two years after acquisition.

[Image] Source: RooData

After experiencing a hacker attack in October 2024, the DeFi lending protocol Radiant, despite 18 months of effort, was unable to recover the funds and announced its shutdown. Ionic Protocol also announced an immediate halt to all operations due to the expanding impact of a security vulnerability.

However, the change is not unidirectional. AI also demonstrates superhuman-level capabilities on the defense side—the question is who uses it first.

The AI-native audit tool Firepan disclosed that during an independent audit of Curve Finance's new AMM contract in April 2026, it discovered a critical composite vulnerability: looking at any single property, the code appeared normal, but under a specific combination of operations, attackers could bypass the donation protection mechanism and withdraw funds.

Curve had previously undergone multiple rounds of review by six independent audit firms and was considered one of the most heavily audited protocols in DeFi, yet this vulnerability remained hidden in the blind spot of manual audits.

Michael Egorov, founder of Curve Finance, later commented that AI is indeed helpful in smart contract security. However, he also noted that AI's success in detecting vulnerabilities in browsers and the Linux kernel cannot be directly applied to smart contracts—smart contracts typically have only a few thousand lines of code, which both humans and conventional AI can fully reason about. The real risks to be wary of, he said, come more from OpSec-level key leaks and supply chain attacks than from code vulnerabilities themselves.

A similar case appeared in the privacy coin space. Security engineer Taylor Hornby, commissioned by the non-profit organization Shielded Labs, used the Anthropic Opus 4.8 model to audit the Zcash protocol and discovered a critical vulnerability in the Zcash Orchard privacy pool that had gone undetected since 2022. Theoretically, it could allow attackers to infinitely mint counterfeit ZEC that cannot be detected on-chain.

Zcash founder Zooko Wilcox subsequently publicly thanked Anthropic. Hornby also stated that he had added Monero (XMR) to the audit queue and would conduct security reviews on more privacy coin projects in the future.

It is reported that OpenZeppelin has launched its Skills system, providing authoritative knowledge of its audited smart contract library to AI programming agents, moving the defense line forward to the development stage.

This is the new direction traditional audit firms are forced to take—shifting from post-hoc review to full-process embedding, from one-time delivery to continuous monitoring, formal verification, and real-time on-chain risk detection.

Conclusion

Overall, the security audit sector is undergoing a transition from a dividend model to a competitive model. AI accelerates attack efficiency while also driving defensive system upgrades. This process not only affects the business models of audit firms but also requires the entire DeFi ecosystem to rethink its approach to security investment.

For project teams, the era of a one-time audit providing lifelong peace of mind is over. Security is no longer a pre-launch formality but infrastructure requiring continuous investment.

For audit firms, passively following AI is no longer sufficient. Players who can more quickly complete a comprehensive reconstruction from tools to service models are more likely to remain at the table in the next phase.

Related questions

Q: According to the article, what is the unexpected first major impact of AI on the crypto field?

A: The article states that the unexpected first major impact of AI on the crypto field has been on security auditing. Contrary to initial expectations focusing on quantitative trading or data analysis, AI has most significantly disrupted the security audit business by drastically lowering the cost and skill barrier for finding vulnerabilities, leading to a surge in attacks.

Q: Why does the article argue that traditional security audit models are becoming structurally flawed?

A: The article argues that traditional audit models are structurally flawed because the time from an attacker discovering a vulnerability to executing an exploit has been compressed to minutes, while traditional audit reports have a validity period measured in months. This significant time gap creates a critical vulnerability that the old model cannot address.

Q: What does Manuel Aráoz, co-founder of OpenZeppelin, believe about the current state of DeFi security, and what is his reasoning?

A: Manuel Aráoz, co-founder of OpenZeppelin, now believes that "all DeFi is insecure" and has advised friends and family to exit all DeFi positions. His reasoning is that AI programming agents have achieved superhuman capabilities in finding vulnerabilities, and the security structure of smart contracts is fundamentally asymmetric: defenders must patch every single vulnerability, while attackers only need to find one effective entry point.

Q: How is the business model of audit companies expected to fundamentally change in the long term according to the article?

A: In the long term, the business model of audit companies is expected to shift fundamentally from a one-time report delivery service to a model of continuous, embedded security. This involves transitioning from post-deployment review to full-process integration, offering services like continuous monitoring, formal verification, and real-time on-chain risk detection instead of a single point-in-time assessment.

Q: What are two key examples cited in the article where AI-powered audits found critical vulnerabilities missed by multiple traditional human audits?

A: The article cites two key examples: 1) the AI audit tool Firepan discovered a critical combinatorial vulnerability in Curve Finance's new AMM contract that was missed by six independent traditional audit firms; 2) an audit of Zcash using Anthropic's Opus 4.8 model uncovered a critical vulnerability in the Zcash Orchard privacy pool, present since 2022, which could theoretically allow unlimited, undetectable minting of fake ZEC.
