
‘All DeFi unsafe’ claim sparks AI security debate after April hack surge
AI-linked threats in DeFi spark debate after major losses and ongoing exploits, with experts split on whether the sector is breaking or adapting to rapidly advancing attack capabilities.

Warnings that artificial intelligence is reshaping decentralized finance (DeFi) security are dividing the crypto community over whether DeFi is becoming fundamentally unsafe or entering a new phase of defensive adaptation.
Manuel Aráoz, founder of the blockchain security platform OpenZeppelin, took to X late Tuesday to say he considers “all of DeFi unsafe,” citing the growing ability of AI coding agents to identify smart contract vulnerabilities.
The claim has sparked debate within the crypto community, with some arguing that smart contract flaws are not the primary driver of DeFi hacks, while others say protocols must use AI to strengthen defenses and stay ahead of attackers.
The discussion follows a wave of DeFi security incidents in April, which contributed to the highest monthly crypto losses since February 2025, with some security analysts linking the surge to the rise of agentic AI.
SlowMist founder warns of AI-powered “dual threat” to DeFi
Yu Xian, founder of blockchain security firm SlowMist, responded to Aráoz’s claim by highlighting a “dual threat” from AI-empowered attackers, including black-hat hackers using AI tools and organized groups skilled in social engineering.
He said DeFi project teams should urgently adopt advanced AI tools to detect security risks in live code and DevOps processes, while also running regular checks covering both onchain and offchain attack paths.

Yu also argued that DeFi teams must become “more diligent and ruthless than black hats” as automated attack capabilities continue to evolve.
Is DeFi uniquely vulnerable to AI?
While some security analysts link the rise in DeFi attacks to AI, there is still limited public forensic proof that AI directly executes such exploits, according to Meir Dolev, co-founder and chief technology officer of blockchain security platform Cyvers.
“What is verified is the broader trend,” Dolev told Cointelegraph, pointing to reports on AI-enabled crypto scams from Chainalysis and the Federal Bureau of Investigation.

Still, Dolev said DeFi remains uniquely exposed because its code is public, funds move instantly, contracts are composable, and attackers “only need one mistake to succeed.”
“The most exposed areas are smart-contract logic, admin keys, DevOps, front ends, signer workflows, and human-layer social engineering. AI makes each of these attack surfaces easier to probe and scale,” the exec said.
Despite growing concerns, Dolev says abandoning DeFi is not the practical answer. He urged a shift in focus away from periodic audits toward continuous, real-time security, and outlined measures such as AI-assisted code review, regular red-team exercises, DevOps hardening, stronger key management, real-time transaction simulation and pre-signing risk scoring.
“DeFi is still fixable, but only if security becomes an always-on execution-layer control, not a pre-launch checkbox,” Dolev said.

