OpenZeppelin CEO Manuel Araoz has issued a stark warning: DeFi as we know it may no longer be safe. In a post on X this week, Araoz said he now considers “all” of decentralized finance unsafe because AI-powered coding agents have become “superhuman” at finding vulnerabilities in smart contracts.

The concern arrives at a fragile moment for the sector. DeFi’s total value locked (TVL) has fallen by more than $20 billion since the start of the year, according to DeFiLlama, and the past 365 days have seen more than $1.1 billion lost to hacks. High-profile incidents include April’s $292 million Kelp DAO exploit, which highlighted how weaknesses in cross‑chain infrastructure can ripple across the ecosystem, and a Solana-based $27 million exploit that forced Step Finance to shut down earlier this year.

Araoz says the threat is not just bigger but fundamentally different. “Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric: defenders need to fix every bug while attackers need just one exploit to steal funds,” he wrote. The asymmetry is worsened by DeFi’s openness: publicly available smart contract code—once touted as a security strength—could become a liability if machine systems scan, identify, and weaponize flaws far faster than developers can respond.

Compounding the worry, AI safety researchers at Anthropic have warned that their restricted Claude Mythos model can autonomously discover software vulnerabilities and even craft working exploits at a level they say outperforms existing automated tools. If such capabilities are generalized or proliferate, the dynamics of on‑chain security could shift dramatically.

What this means for DeFi: the industry may need to rethink its security model. Traditional defenses—audits, manual reviews, and reactive patches—face a time‑to‑respond problem against autonomous agents that operate at machine speed. Solutions under discussion include more rigorous formal verification, richer bug-bounty programs, runtime monitoring and fail-safes, and protocols built with exploit-resistant patterns from the ground up.

Araoz’s warning is a wake-up call: as AI accelerates the ability to find and weaponize code flaws, DeFi teams, auditors and users will have to evolve security practices quickly or risk further erosion of trust and capital in the space.
