Top Audit Expert Warns: All DeFi is Unsafe, Withdraw Now!

marsbit2026-05-28 tarihinde yayınlandı2026-05-28 tarihinde güncellendi

Özet

A leading DeFi security expert has issued a stark warning: all DeFi is now unsafe. Manuel Aráoz, founder of major security audit firm OpenZeppelin, stated on X that he is advising friends and family to withdraw funds from major protocols like Aave, MakerDAO, and Compound. The core reason for this drastic shift is the rise of AI. Aráoz argues that AI-powered coding agents can now identify and exploit smart contract vulnerabilities at an exponentially faster rate. This turns DeFi's transparency into a liability, providing a vast training dataset for attackers. The fundamental asymmetry of security—where defenders must patch every flaw, but attackers need only find one—is being catastrophically unbalanced by AI. Recent months provide chilling evidence. April saw massive exploits, including a $280 million loss at Drift Protocol and a $292 million theft from Kelp DAO. The trend continued into May with multiple high-value attacks on protocols like THORChain, Verus, Echo Protocol, and StakeDAO, demonstrating vulnerabilities across both on-chain code and off-chain management. AI acts as a force multiplier for hackers, enabling near-instantaneous vulnerability scanning, automated exploit script generation, and sophisticated social engineering. The recent development of ultra-powerful AI models like Anthropic's Mythos—so advanced its public release was delayed over security fears—signals even greater threats ahead. The article concludes that the risk-reward calculus for DeFi partic...

Original | Odaily Planet Daily(@OdailyChina)

Author | Azuma(@azuma_eth)

“I believe all DeFi is now unsafe.”

This assertion left by OpenZeppelin founder Manuel Aráoz on X yesterday, like a depth charge, once again rocked the already stagnant DeFi market.

Manuel even stated that he has started advising friends and family to withdraw funds from major DeFi protocols, including blue-chip protocols like Aave, MakerDAO, and Compound, which were once considered low-risk.

This is not alarmism from an outsider. On the contrary, Manuel himself is one of the core builders of the DeFi security system, and OpenZeppelin is one of the industry's most mainstream security auditing firms. Its contract libraries, security standards, and audit frameworks have permeated nearly the entire DeFi world.

The reason for Manuel's complete shift in attitude lies in AI. Manuel pessimistically believes that the ability of AI Coding Agents to identify and exploit smart contract vulnerabilities is increasing exponentially.

This means that issues which previously required top-tier white-hat teams weeks to discover might now be scanned by AI in minutes; where hackers once needed long-term study of protocol logic, attack paths can now be analyzed automatically by AI; the "open and transparent" nature of DeFi, once an advantage, has now become the best training corpus for attackers.

Manuel also raised a more fatal problem: Smart contract security is essentially an extremely asymmetric game — the defense must patch all vulnerabilities, while the attacker only needs to find one to steal funds. As AI begins to exponentially enhance attack efficiency, this asymmetry is rapidly becoming unbalanced.

The Cold Reality: DeFi Has Become a Cash Cow for Hackers

Looking back at DeFi security incidents over the past few months, you'll find that Manuel's concerns are not exaggerated.

April was almost the worst month in DeFi's history.

On April 1st, April Fool's Day, Drift Protocol lost $280 million due to manager privilege hijacking and multi-signature execution vulnerabilities (details in "An April Fool's Joke? Drift Protocol Hacked for Over $280M, Potentially Becoming Solana Ecosystem's Second-Largest DeFi Heist").
Subsequently, on April 19th, Kelp DAO lost $292 million due to a bridge protocol breach (details in "DeFi Hacked Again for $292M, Is Even Aave Unsafe Now?"). The hacker later escaped via lending protocols like Aave, casting the shadow of bad debt and its cascading effects over the entire DeFi sector.

Entering May, incidents not only didn't decrease but further proliferated.

On May 15th, THORChain was attacked. A newly joined node operator exploited a vulnerability in the GG20 Threshold Signature Scheme (TSS), reconstructed the vault private key, and directly executed outbound transactions, causing over $10 million in losses.
On May 18th, Verus's bridge protocol was attacked. The attacker forged cross-chain import payloads, bypassed verification to extract assets from the Ethereum reserve, stealing approximately $11.58 million.
On May 19th, Echo Protocol on Monad was attacked due to a private key leak. The attacker minted 1,000 eBTC (worth $76.7 million) and extracted funds via Curvance using a previously tested attack path.
On May 24th, StablR, a compliant stablecoin issuer under the MiCA regulatory framework, was attacked. The hacker profited over $2.8 million by minting EURR and USDR, causing EURR and USDR to depeg.
On May 25th, the SquidRouter module was attacked, resulting in approximately $3 million in assets stolen from 86 Gnosis Safe wallets.
On May 27th, the StakeDAO deployer private key was leaked on Arbitrum. The attacker minted about 5.45 trillion vsdCRV and exchanged part of it for 43.7 ETH to escape.

The frequently occurring security incidents have sounded the alarm. DeFi seems to be collapsing across the board, from on-chain code to off-chain management.

AI Has Become the Hackers' Nuclear Weapon

Why has the DeFi offense-defense dynamic suddenly accelerated towards collapse this summer? Beyond the evolution of traditional hacking techniques, the rapid advancement of AI large language models is becoming the ultimate factor tipping the balance.

In the past, finding a complex smart contract vulnerability (especially those involving cross-chain, multi-layer nesting, or extremely hidden reentrancy logic) required top hackers weeks or even months of code review. However, with the maturity of AI agents possessing ultra-long context, strong logical reasoning, and autonomous tool-calling capabilities, this has changed fundamentally.

Second-Level Scanning and Global "Zero-Day" Vulnerability Mining: Attackers only need to feed the open-source codebase to the new generation of AI reasoning models. The AI can, within seconds, deduce hundreds of extreme interaction scenarios like a seasoned security expert, accurately pinpointing edge cases missed by human auditors during fatigue.
Automated Attack Script Generation: AI can not only discover vulnerabilities but also automatically write, test, and deploy the "hacker smart contracts" used to extract funds.
Perfect Orchestration of Off-Chain DevOps and Social Engineering: AI can impersonate perfect developers for phishing or monitor DeFi teams' GitHub commit logs around the clock. Once a team uploads code containing sensitive information or unverified fixes, the AI will launch an attack within seconds—far faster than any human security team's response time.

In this security warfare augmented by AI, hackers, armed with AI, possess nearly infinite ammunition and second-level attack speed. DeFi, however, is constrained by slow-paced governance voting, multi-signature confirmations, and lagging security audits, making it difficult to mount a corresponding defensive response.

Last month, Anthropic, the AI development company behind Claude, officially announced its next-generation model, Mythos (details in "Anthropic Creates the Most Powerful AI Model Ever, But Dares Not Release It..."). This is the first model in human history to break the hundred-trillion parameter threshold (in contrast, mainstream models currently range from hundreds of billions to one trillion parameters), with a staggering training cost of $10 billion.

However, due to Mythos's specialized capabilities in cybersecurity (Anthropic disclosed that using Mythos, they identified thousands of zero-day vulnerabilities in just a few weeks), Anthropic even dares not publicly release the model directly, for fear of malicious use by hacking groups. Instead, they plan to first allow leading large companies to test and preemptively patch potential vulnerabilities through a "Glasswing" initiative.

With the DeFi security situation already so severe at this stage, it's hard to imagine what new threats the industry's security defenses will face once Mythos is publicly released.

The Biggest Problem: Risk-Reward Ratio Has Long Been Unbalanced

For ordinary DeFi participants, liquidity providers (LPs), and whales, the most important question now is to sit down and calculate.

For a long time, the reason users chose to deposit funds into DeFi was to pursue annualized yields several times higher than those in traditional finance. During bull markets or the frenzy of liquidity mining, yields of 10%, 20%, or even higher were enough to cover people's psychological expectations for "potential technical risks."

But today, this underlying logic has long been shaken and even overturned. The risk-reward ratio of DeFi is already unbalanced. On the reward side, as the market enters a game of limited players and safety margins thicken, the real yields of most mainstream, relatively reliable DeFi protocols have fallen back to single-digit ranges. On the risk side, users' principal is exposed to a black box that could be breached by AI at any moment and emptied by a flash loan in an instant. Once a protocol is hacked, token prices plummeting to zero and liquidity pools being drained often happen within minutes, with no legal recourse, insurance, or central bank to provide coverage.

The risk of losing 100% of principal to chase roughly 5% annualized yield is clearly not a good deal.

Manuel's words may be somewhat absolute, but they tear off DeFi's last fig leaf. In the face of the reality where hackers have made AI a conventional weapon and security incidents continue to erupt in the industry, if you are not prepared for the psychological expectation of losing 100% of your principal for a certain yield, then "withdrawing funds as soon as possible and realizing profits" might be the most rational and risk-control-principled choice in the current market cycle.

İlgili Sorular

QAccording to the article, what is the main reason Manuel Aráoz gives for his statement that all DeFi is unsafe?

AThe main reason is the exponential enhancement of AI Coding Agents in identifying and exploiting vulnerabilities in smart contracts, making it easier and faster for attackers to find and exploit flaws.

QWhat does the article highlight as the fundamental asymmetry in smart contract security?

AThe fundamental asymmetry is that defenders must fix all vulnerabilities to be secure, while attackers only need to find a single vulnerability to steal funds.

QWhy is the AI model 'Mythos' from Anthropic mentioned as a particular concern in the context of DeFi security?

AMythos is a concern because it has demonstrated a powerful specialization in cybersecurity, being able to identify thousands of zero-day vulnerabilities in a short time, which could be weaponized by hackers if publicly released.

QWhat is the article's conclusion about the risk-reward ratio for users participating in DeFi protocols currently?

AThe article concludes that the risk-reward ratio is imbalanced. The potential risk of losing 100% of principal now outweighs the relatively low single-digit percentage annual yields offered by many protocols.

QWhich two major DeFi protocols were specifically mentioned as examples from which Manuel Aráoz is advising friends and family to withdraw funds?

AAave and Compound were specifically mentioned as examples of previously considered low-risk blue-chip protocols from which he advises withdrawal.

İlgili Okumalar

Bloomberg Uncovered: How Do China's Wealthy Circumvent the Annual $50,000 Limit to Transfer Assets?

**Summary: How Wealthy Chinese Circumvent $50,000 Annual Foreign Exchange Limits** Despite China's strict capital controls, including an annual $50,000 per person foreign exchange quota, an estimated $150 billion in funds still leaves the country annually via various gray and underground channels. This report outlines the evolution of China's "capital wall" and the methods used to bypass it. **The Evolving Capital Controls:** * **Foundation (1994):** The system of "current account convertibility with strict capital account controls" was established. * **Quota Set (2007):** The $50,000 individual annual forex purchase limit was formalized. * **Crackdown Begins (2015-2017):** Following market volatility, enforcement tightened. Banks were required to scrutinize transactions, and channels like using UnionPay cards for Hong Kong insurance premiums or buying overseas property were blocked. * **Digital & Legal Upgrades (2024-2026):** Enhanced algorithms now flag suspicious patterns (e.g., "smurfing"). The Common Reporting Standard (CRS) provides Chinese tax authorities with data on citizens' offshore accounts. Unlicensed cross-border brokers have been targeted. **Five Primary Methods for Moving Capital:** 1. **Underground Banking / "Hawala" (Duiqiao):** The largest-scale method. No money crosses borders. Clients pay RMB to a domestic account; an overseas associate deposits equivalent foreign currency into the client's offshore account. Risks include high fees, account freezes, and legal penalties. 2. **"Smurfing" or "Ant Moving":** Using multiple individuals' $50,000 quotas to pool funds for one offshore recipient. Increasingly detected by anti-money laundering algorithms. 3. **Trade Invoice Manipulation:** Businesses over-invoice imports or under-invoice exports via offshore shell companies, creating a pretext to transfer excess funds abroad under the guise of trade. 4. **Channel Migration:** After a crackdown on internet brokers, funds flow toward more compliant but costly channels like major banks' cross-border wealth management services or Qualified Domestic Institutional Investor (QDII) quotas. 5. **Structural Arrangements:** High-net-worth individuals use complex, high-cost legal structures involving offshore trusts, insurance, and investment migration programs to transfer asset ownership. **Regulatory Response: Focusing on People, Not Just Money** The current strategy extends oversight from enterprises to **individual residents**. Tools like CRS allow retroactive visibility into offshore assets. Cryptocurrencies, once seen as a potential loophole, are now actively monitored and prosecuted as an illegal channel. The underlying driver remains: with significant wealth concentrated among millions of affluent households seeking diversification amid domestic economic shifts, the incentive to move assets offshore persists despite regulatory barriers.

marsbit5 dk önce

Bloomberg Uncovered: How Do China's Wealthy Circumvent the Annual $50,000 Limit to Transfer Assets?

marsbit5 dk önce

Ethereum's Ballmer Moment: As Everyone Is Bearish, the Circulating Supply Is Disappearing

"Ethereum's Ballmer Moment: Circulation Shrinks Amid Bearish Sentiment" Amid widespread bearish sentiment, with prominent figures like Bankless founder David Hoffman selling ETH and young developers flocking to Solana, some argue Ethereum is entering its "Ballmer era"—akin to Microsoft's perceived stagnation under Steve Ballmer. While surface-level criticisms about slow protocol development, cautious leadership, and competitive pressure are valid, underlying fundamentals tell a different story. Approximately 30% of ETH is staked, major holders like BitMine are accumulating, and spot ETFs continue to absorb supply. Regulatory clarity, including the SEC/CFTC's March ruling on staking rewards and the potential passage of the CLARITY Act, is transforming crypto from a regulatory threat into a legitimized framework. This institutionalization, alongside a shrinking circulating supply (with net issuance around 0.23% annually), creates significant buy-side pressure independent of fee-based value capture. The broader crypto total addressable market is expanding through regulated stablecoins, tokenized assets, and institutional adoption. While public chains face competition from permissioned alternatives, the winning model appears to be permissioned assets settling on public chains like Ethereum and Solana. The author advocates a non-maximalist, barbell strategy: holding ETH for its institutional role and supply squeeze, SOL for consumer/throughput trends, BTC as a macro hedge, and a basket of next-gen L1s. Key bullish drivers for ETH include rapid circulation shrinkage, potential Q2 staked ETF approvals, regulatory tailwinds solidifying its role as a default settlement layer, and the optionality of an eventual "Satya moment" leadership shift. Despite bearish consensus, the current setup—where crypto is "not hot" and regulatory groundwork is being laid—presents a compelling investment opportunity. The crypto cycle's focus may have shifted to AI, but blockchain infrastructure is gaining a legal and institutional foothold precisely while attention is elsewhere.

marsbit5 dk önce

Ethereum's Ballmer Moment: As Everyone Is Bearish, the Circulating Supply Is Disappearing

marsbit5 dk önce

Claude Code Introduces Dynamic Workflows: Enabling AI to Form Teams and Collaborate

Claude Code introduces dynamic workflows, enabling AI to coordinate teams of specialized agents for complex tasks. This transforms Claude from a code assistant into a programmable workbench. Workflows address key limitations of single-agent systems: agentic laziness (premature task completion), self-preferential bias (favoring own outputs), and goal drift (losing sight of original objectives). The system allows Claude to dynamically create execution frameworks using JavaScript. It can split tasks, dispatch parallel agents for isolated work (e.g., in separate worktrees), implement adversarial validation, run tournaments, and synthesize results. This multi-agent approach is valuable for tasks requiring deep research, factual verification, code migration, root cause analysis, large-scale triage, and qualitative sorting. Key patterns include: classify-and-route, fan-out-and-synthesize, adversarial verification, generate-and-filter, tournaments, and loop-until-done. While token usage is higher, workflows excel where tasks resemble programming—needing problem decomposition, isolated context, hypothesis testing, and handling many details. They extend Claude Code's utility beyond technical work to areas like business plan review, resume screening, and naming brainstorm. The feature is not a universal solution but points to a future where AI tool competitiveness depends on organizing reliable, reusable, and auditable execution flows for complex goals.

marsbit46 dk önce

Claude Code Introduces Dynamic Workflows: Enabling AI to Form Teams and Collaborate

marsbit46 dk önce

Hyperliquid, Wall Street's 24/7 Trading Convenience Store

Hyperliquid: The 24/7 Trading "Convenience Store" for Wall Street Hyperliquid, a decentralized cryptocurrency exchange, has become a go-to platform for Wall Street traders seeking to trade around the clock, especially during traditional market closures. Founded by Jeff Yan, a former quantitative trader, after the FTX collapse, the platform emphasizes user self-custody of assets. It offers a wide range of perpetual contracts—leveraged derivatives with no expiry—on assets from Bitcoin and crude oil to the S&P 500 and even pre-IPO companies like SpaceX. A notable example involves a hedge fund trader who capitalized on geopolitical news over a weekend, securing a 243% return on oil derivatives before markets reopened. The platform, run by just 11 employees, generated approximately $800 million in revenue last year, and its native token HYPE has seen significant growth. Its rise highlights the merging of traditional finance and crypto. While U.S. users are currently restricted, recent CFTC rule changes could open access. The platform is known for its transparency, having processed $10 billion in liquidations during a market crash while competitors faltered. Regulators warn of the high risks and complexity of perpetual contracts for retail investors. Key to its appeal is a strong community culture, direct engagement with founders, and a simple interface. Despite rules against VPN use, it attracts global users with its permissionless approach. Hyperliquid plans to expand into prediction markets and options, aiming to eventually host all financial activity.

marsbit47 dk önce

Hyperliquid, Wall Street's 24/7 Trading Convenience Store

marsbit47 dk önce

Strategy Sells 32 Bitcoins: A True Turn of Direction?

Strategy, a public company known for its massive Bitcoin holdings, recently disclosed selling 32 BTC for approximately $2.5 million to cover obligations for its Series C Preferred Stock (STRC). This marked the first time the company reported a net decrease in Bitcoin in a standalone 8-K filing, initially causing market concern and a brief dip in BTC price below $72,000. However, analysts argue this sale is a strategic capital structure maneuver, not a loss of faith in Bitcoin. The sold amount represents a negligible 0.004% of Strategy's total holdings of 843,706 BTC. The primary intent is seen as a signal to credit rating agencies and analysts: Strategy is willing and able to monetize a tiny portion of its Bitcoin reserve to uphold its commitments to priority financing instruments like the STRC. This action follows S&P Global's earlier warnings about potential "debt wall" risks from Strategy's convertible notes. By proactively managing liabilities and demonstrating commitment to its preferred stock, Strategy aims to strengthen the credit quality of its financing tools. This, in turn, is designed to facilitate future fundraising, ultimately allowing the company to accumulate more Bitcoin. As founder Michael Saylor suggested, the strategy is to potentially "sell one Bitcoin to buy back 10 or 20 more."

marsbit1 saat önce

Strategy Sells 32 Bitcoins: A True Turn of Direction?

marsbit1 saat önce

İşlemler

Spot

Futures