DeFi Security in the Age of AI: From Vulnerability Defense to Out-of-Control Management

📝 Hey everyone, I'm 𝟏𝟎. To be honest, I'm pretty scared. It's not about the tech itself, but about how we're still using outdated defense strategies against a new opponent armed with AI.
The data speaks for itself: in Q1 2026, DeFi attacks hit an all-time high; and we're only in Q2 and already nearing peak levels. I used to think state-level attacks were a bit exaggerated, but from KelpDAO to Step Finance and WazirX, this risk is becoming increasingly real.
KelpDAO is a classic example. The issue isn't a code vulnerability, but rather its inheritance. They stuck with LayerZero's default settings, which allows a single validator to confirm cross-chain messages and isn't under audit scrutiny. The result? A whopping $292 million vanished in no time.
The risks now aren’t just about whether the code is wrong; it’s that you might not even know what risks you’ve inherited.
👇👇👇
1. Since AI came along, the offense and defense are no longer equal.
In the past, I thought that as long as audits were thorough, multi-sig setups were secure, and time locks were in place, everything would be stable and I’d feel at ease.
However, things are a bit different now; humans might take weeks to thoroughly check the configurations of hundreds of protocols, while AI can do similar work in just a few hours. And with something like Anthropic's Mythos AI, it can even turn a known vulnerability into a ready-to-use attack tool within 24 hours for less than $50.
This actually brings about two very real changes:
1. Those vulnerabilities you think few can find, AI can now help people discover them in bulk.
Second, while you’re still trying to guard against all vulnerabilities, attackers are already using AI for large-scale scanning.
So I’m increasingly leaning towards a more practical mindset: instead of assuming the system is secure, it’s better to default to the idea that it might get attacked eventually. Thinking ahead about how to quickly cut losses and control damage when something goes wrong is actually more important.
In simple terms: rather than desperately sealing every door, it’s better to plan for what to do if a door does get opened to minimize losses.
2. The biggest fear isn’t contract vulnerabilities, but human vulnerabilities.
This isn’t just my opinion; it’s what the data tells us. By Q1 2026, losses in the industry from phishing and social engineering attacks will account for over 65%, amounting to about $306 million.
Take the WazirX incident with $230 million; the issue wasn’t with the smart contract itself, but with the admin private key of the multi-sig wallet being stolen. Once the attacker gained access, they directly modified the wallet logic.
In other words: the contract is secure, the processes are designed well, but if someone with access gets scammed or compromised, everything falls apart.
Don’t rely solely on a multi-signature wallet; manage funds for different purposes separately, using different multi-signature structures to control risk. Also, a crucial point: don't mix keys with daily-use devices.
If your computer or phone goes online, receives emails, uses Slack, or clicks on unknown links, those devices can no longer be considered secure.
To put it simply: as long as it's connected to the internet, assume it’s at risk. It might sound exaggerated, even overly cautious, but at this stage, being careful is actually the normal level of safety.
3. A kill switch isn’t just for show; it’s your last safety net.
Many people think a kill switch is only for when things go really wrong, but it should actually be something you design from the start.
To put it bluntly: the larger your exit strategy, the larger your loss limit. A minting function without a cap on the blockchain is like giving a blank check for unlimited minting vulnerabilities.
Additionally, the kill switch shouldn't just be on the UI. You need a script that can freeze all value movements with one click, executed atomically. And ideally, before hitting that button, you should already have a warning system running, with off-chain monitors continuously watching your invariants. If any are broken, it should immediately escalate to a human.
The emphasis on humans is crucial because AI can detect, but the final decision still has to be made by a person. No one wants an algorithm deciding whether to freeze hundreds of thousands or millions of dollars.
4. A technical concept I particularly like: invariants.
A variable is a rule you define in system design that must always hold true, no matter what happens. For example: Total Deposits ≤ Total Liabilities.
You can code these rules into the system, making it automatically check after every critical function execution. If it finds that the rule has been broken, the system stops running or throws an error, halting further trading.
Many DeFi attacks (like flash loans or oracle manipulation) fundamentally stem from attackers tampering with the function execution process, causing the system to enter a wrong state for a brief period.
But if you enforce invariant checks in the final state, even if it was altered in between, it must revert to a valid state at the end, or it fails outright. You can let them in, but you can't let them out with erroneous results.
Of course, having more invariants isn’t always better. If you impose too many restrictions, the system becomes rigid, unable to perform normal operations.
A better practice is to focus on the two or three core rules that matter most, such as fund safety and asset balance, as priority protection targets.
Then combine it with formal verification or state fuzz testing to validate them; this generally covers most risks.
5. The essence of security is to leave room for loss of control.
I’m increasingly convinced that security isn’t something you can fix with a single audit or report. It’s more like a process that needs to run daily, staying vigilant every day.
There’s a saying that goes well: just because there’s no evidence of being hacked doesn’t mean you won’t get hacked. The greatest danger often isn’t the vulnerability itself, but the moment you think everything is fine.
So my current mindset is: accept that you will get hacked, but never allow it to take everything in one go. Plan ahead, run drills, set up the guardian wallet, and outline the negotiation and tracking processes in advance. It’s not about perfection; it’s about being ready when that day really comes.
It’s not about avoiding issues altogether, but rather about being stable when they do arise.