The person who helped build the security standards protecting billions of dollars in DeFi today just said something that should make every investor stop and think. Manuel Aráoz, former CTO and co-founder of OpenZeppelin, announced on May 26 that he now considers all of DeFi unsafe. His reason: AI coding agents have become superhuman at finding vulnerabilities in smart contracts, and the defenders cannot keep up.
By Priya Sharma | 2026-06-20
The Incident/Update
On May 26, 2026, Manuel Aráoz posted a message on X that sent shockwaves through the crypto security world. He wrote: “I now consider *all* of DeFi unsafe. Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric: defenders need to fix every bug while attackers need just one exploit to steal funds.”
Why does this matter? Aráoz co-founded OpenZeppelin, the company that audits smart contracts for the biggest protocols in crypto. Think of OpenZeppelin like building inspectors who check that the electrical wiring in a skyscraper will not catch fire. When the person who wrote the inspection manual says the whole building is unsafe, people listen.
OpenZeppelin quickly pushed back. A company spokesperson said Aráoz’s views do not represent their current position. Co-founder and CEO Demian Brener reaffirmed OpenZeppelin’s commitment to securing onchain finance and argued that the answer to AI-driven risk is continuous AI-augmented security — using AI defenders to fight AI attackers, rather than abandoning the field entirely.
Technical Post-Mortem
To understand the warning, you need to understand how DeFi security works. A smart contract is like a vending machine sitting on the internet. You put money in, select what you want, and the machine gives it to you automatically. The code that runs the machine is public — anyone can read it. That transparency has always been marketed as a strength. But Aráoz pointed out that transparency becomes a liability when machines can scan code faster than humans can fix it.
Here is the core problem Aráoz identified — the security asymmetry. A defender must find and fix every single bug in a smart contract to keep it safe. An attacker only needs to find one unpatched bug to steal everything. For years, human auditors working at firms like OpenZeppelin could find most bugs before attackers did. But AI coding agents have changed the speed of the game.
Anthropic, one of the leading AI companies, recently warned that its restricted Claude Mythos model can autonomously discover software vulnerabilities and develop working exploits that surpass existing automated tools. In plain English: the AI can find loopholes in code and write attack tools to exploit them — faster and better than any previous automated system. When that capability points at publicly available smart contract code, every DeFi protocol becomes a potential target.
Imagine a world where every lock on every door is published online, and a robot can test all of them simultaneously to find the weakest one. That is the situation DeFi now faces.
Governance Impact
The warning has sparked intense debate inside protocol governance forums. Teams that run major DeFi platforms are now discussing whether to require AI red-team testing before every protocol upgrade — essentially using AI attackers to stress-test code before deploying it. Some communities are exploring insurance funds that would automatically compensate users if an AI-discovered exploit drains funds.
Others are questioning whether the traditional audit model — pay a human firm to review code once, then trust it for years — still makes sense. OpenZeppelin’s argument for continuous AI-augmented security suggests a shift toward always-on monitoring, where AI systems watch code 24 hours a day for new vulnerabilities. That would require protocols to spend significantly more on security than they do today.
For regular investors, these governance debates matter because they determine how safe your money is when you deposit it into a DeFi protocol. If governance votes fail to fund better security, users bear the risk.
TVL Shifts
TVL — Total Value Locked — measures how much money users have deposited in DeFi protocols. Think of it as the total deposit base of an online banking system. The numbers tell a troubling story. DeFi’s TVL has dropped by more than $20 billion since the start of 2026, according to DeFiLlama. Some of that decline reflects falling crypto prices (as BTC trades at $63,879, ETH at $1,729.16, and SOL at $71.47, the value of locked assets naturally shrinks). But a significant portion reflects users pulling funds out of fear.
Over the past 365 days, more than $1.1 billion has been lost to DeFi hacks. The $292 million Kelp DAO exploit in April 2026 showed how a single vulnerability in cross-chain infrastructure can cascade across the entire ecosystem. Earlier in January, Solana-based Step Finance shut down entirely after a $27 million exploit left the project unable to recover. Each hack erodes trust, and Aráoz’s warning amplifies that erosion by suggesting the problem will get worse, not better.
Long-Term Prognosis
For everyday investors, Aráoz’s warning raises a practical question: should you pull your money out of DeFi entirely? The answer depends on your risk tolerance and how much you rely on DeFi for yield. The old mindset — audit once, feel safe forever — is probably dead. But OpenZeppelin’s counterargument has merit: if defenders also use AI, the arms race may reach a new equilibrium rather than a total collapse.
What is clear is that risk premiums in DeFi should be higher. If you are earning 5 percent yield in a protocol that has not updated its security in six months, that yield may not compensate you for the new AI-driven risk level. Protocols that invest in continuous AI monitoring and frequent audits will likely attract more capital over time, while those that rely on outdated security will bleed users.
The broader lesson for investors is to treat every DeFi position as carrying extra risk until the industry proves it can defend against AI-powered attacks. Diversify across protocols, avoid keeping all your funds in a single platform, and pay attention to whether your protocol of choice has updated its security practices since Aráoz’s warning. The crypto market has always been risky — but the risk profile just changed in a way that nobody can ignore.
The cryptocurrency market remains highly volatile. This article is for informational purposes only and does not constitute financial advice.
Aráoz literally wrote the book on smart contract security and now he's saying burn the whole library down. That's not a drill, that's a warning from someone who knows
Bro worked on OpenZeppelin contracts that protect like half of DeFi and now says none of it is safe. I'd be pulling funds rn if I had any serious TVL exposed
Aráoz built the framework everyone uses and now he's saying throw it all out. That's not FUD, that's the guy who wrote the inspection manual telling you the wiring is faulty
the asymmetry argument is the real issue here. one bug = drained treasury. 100 bugs fixed = still one away from disaster. AI just made the math worse for defenders
^ Exactly. Brener saying AI-augmented security fixes it is cope. You still need 100% coverage, attacker needs 0.01%
the asymmetry argument is the real issue here. defenders patching 1000 vulnerabilities while attackers only need 1 unpatched. AI just made that gap exponentially worse