Top Audit Expert Warns: All DeFi is Unsafe, Withdraw Now!
A leading DeFi security expert has issued a stark warning: all DeFi is now unsafe. Manuel Aráoz, founder of major security audit firm OpenZeppelin, stated on X that he is advising friends and family to withdraw funds from major protocols like Aave, MakerDAO, and Compound.
The core reason for this drastic shift is the rise of AI. Aráoz argues that AI-powered coding agents can now identify and exploit smart contract vulnerabilities at an exponentially faster rate. This turns DeFi's transparency into a liability, providing a vast training dataset for attackers. The fundamental asymmetry of security, where defenders must patch every flaw but attackers need only find one, is being tilted catastrophically further in the attackers' favor by AI.
Recent months provide chilling evidence. April saw massive exploits, including a $280 million loss at Drift Protocol and a $292 million theft from Kelp DAO. The trend continued into May with multiple high-value attacks on protocols like THORChain, Verus, Echo Protocol, and StakeDAO, demonstrating vulnerabilities across both on-chain code and off-chain management.
AI acts as a force multiplier for hackers, enabling near-instantaneous vulnerability scanning, automated exploit script generation, and sophisticated social engineering. The recent development of ultra-powerful AI models like Anthropic's Mythos—so advanced its public release was delayed over security fears—signals even greater threats ahead.
The article concludes that the risk-reward calculus for DeFi participants has fundamentally broken. With yields on many "blue-chip" protocols now in the single digits, users are essentially risking 100% of their principal for minimal returns, with no recourse in case of attack. In this environment, withdrawing funds may be the most rational risk management decision.
marsbit, 05/28 04:09