
AI Agents Put $148 Billion DeFi Sector Under Serious Attack Risk


Updated 4 weeks ago

DeFi is in trouble. On May 27, Manuel Aráoz, co-founder and former CTO of OpenZeppelin, told investors to pull their money from major DeFi platforms — Aave, MakerDAO, Compound — warning that AI coding agents have made it dramatically easier for attackers to find exploitable weaknesses in smart contracts. The threat isn’t theoretical anymore.

The numbers are bad. Over the past year, exploits have drained more than $1.1 billion from the DeFi sector. April alone was brutal — $635 million lost across 28 separate hacks. That kind of sustained bleeding has pushed the sector’s total value locked down from $172 billion in mid-April to $148 billion now. And with Bitcoin hovering near $72,000 and market sentiment already shaky, the combination of financial pressure and rising attack sophistication is hitting DeFi from two directions at once.

AI is basically the new skeleton key.


Why AI Makes Attacks Cheaper and Faster

Venture capital firm a16z has pointed to how AI agents can identify critical weaknesses in DeFi code — the same kinds of weaknesses that powered past major exploits. What used to require deep technical expertise now takes a lot less. That’s the core problem. Attackers who couldn’t previously reverse-engineer smart contract vulnerabilities can now lean on AI tools to do the heavy lifting. The barrier to entry for launching a serious attack has dropped, probably significantly.

Aráoz’s warning wasn’t vague. He specifically named Aave, MakerDAO, and Compound — three of the most established, most audited protocols in the space. If he’s worried about those, it’s hard to argue smaller or newer protocols are safe. His position is pretty much a flare gun fired into the industry.

But not everyone agrees the right response is to walk away.

Aave founder Stani Kulechov pushed back, pointing to improved infrastructure across the sector — better risk engines, more rigorous audits, stronger monitoring systems. OpenZeppelin, the security firm Aráoz co-founded, has its own read on recent failures: most breaches aren’t happening because of flaws in smart contract code itself. They’re happening through private key theft, social engineering, and access control failures. Operational failures, not code failures. That’s a meaningful distinction, even if it doesn’t make the losses hurt less.

DeFi’s AI Defense Playbook

Some protocols aren’t waiting around. Uniswap has rolled out an AI-integrated developer platform designed to make secure deployments easier from the start. OpenZeppelin has introduced new tools that help AI agents generate smart contracts using updated security libraries — the goal being to cut reliance on outdated training data that might produce vulnerable code. Both moves are pretty direct acknowledgments that AI-driven development is here whether the sector likes it or not.

Cyvers CEO Deddy Lavid put it plainly: the environment is shifting toward AI versus AI. Attackers use AI to find vulnerabilities. Defenders use AI to spot and stop them. Nansen, the AI-driven trading platform, noted that major protocols are leaning into AI tools for defense rather than pulling back from open-source development entirely.

On the operational side, the industry is adding circuit breakers, transaction monitoring, and multisig controls. These aren’t glamorous, but they’re practical. A circuit breaker can pause or slow suspicious activity long enough for a security team to assess what’s happening before real damage compounds. Multisig controls add human checkpoints to what are otherwise automated systems. There’s an irony there — introducing more human discretion into systems built specifically to remove it — but the alternative seems worse.
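To make the two controls concrete, here is a small Python model added as an illustration; it is not code from the article or from any protocol named in it. The class name `GuardedVault`, the 10% hourly cap, and the 2-of-3 signer set are assumptions chosen for the example.

```python
from collections import deque

class GuardedVault:
    """Toy vault: rolling-window outflow breaker, M-of-N multisig to resume."""

    def __init__(self, tvl, signers, threshold, max_outflow_bps=1000, window=3600):
        self.tvl = tvl                          # integer units, as on-chain
        self.signers = frozenset(signers)
        self.threshold = threshold              # approvals needed to unpause
        self.max_outflow_bps = max_outflow_bps  # 1000 bps = 10% per window
        self.window = window                    # seconds
        self.outflows = deque()                 # (timestamp, amount)
        self.approvals = set()
        self.paused = False

    def _recent_outflow(self, now):
        # Drop withdrawals that have aged out of the rolling window.
        while self.outflows and self.outflows[0][0] <= now - self.window:
            self.outflows.popleft()
        return sum(amount for _, amount in self.outflows)

    def withdraw(self, amount, now):
        if self.paused:
            return "rejected: paused"
        if amount <= 0 or amount > self.tvl:
            return "rejected: invalid amount"
        recent = self._recent_outflow(now)
        # Cap is a share of the balance at window start (no deposits modelled).
        cap = (self.tvl + recent) * self.max_outflow_bps // 10_000
        if recent + amount > cap:
            self.paused = True                  # trip: freeze until humans review
            self.approvals.clear()
            return "rejected: breaker tripped"
        self.tvl -= amount
        self.outflows.append((now, amount))
        return "ok"

    def approve_resume(self, signer):
        """Record one signer's approval; returns True while still paused."""
        if self.paused and signer in self.signers:
            self.approvals.add(signer)
            if len(self.approvals) >= self.threshold:
                self.paused = False
                self.approvals.clear()
        return self.paused

def demo():
    # Constructed scenario: 1,000 units locked, 2-of-3 signers, 10% hourly cap.
    v = GuardedVault(1000, {"alice", "bob", "carol"}, threshold=2)
    steps = [v.withdraw(60, 0), v.withdraw(30, 100), v.withdraw(500, 200),
             v.withdraw(1, 300), v.approve_resume("mallory"),
             v.approve_resume("alice"), v.approve_resume("bob"), v.withdraw(5, 400)]
    return steps, v.tvl
```

The breaker trips on its own, but only the signer set can resume the vault, which is where the human checkpoint sits.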

Richard Liu, co-founder of Huma Finance, frames the challenge differently. He draws a comparison to the early days of digital commerce, when fraud was rampant and the industry didn’t eliminate it so much as build systems to manage and contain it. His focus is on minimizing damage from failures that will probably happen anyway — real-time detection, transaction limits, robust key management. Not prevention as a total solution. Containment.

Yearn Finance developer Banteg is more cautious still, recommending users stick to mature protocols with long, proven security records. New protocols, however promising, carry more unknown risk right now.

And that tension — between the openness and permissionlessness that define DeFi and the controls needed to keep it from bleeding out — isn’t going away. Circuit breakers work. Multisig works. But they also mean someone, somewhere, has a kill switch. That’s a hard thing to square with the founding logic of decentralized finance.

OpenZeppelin’s new smart contract security libraries are available to developers building on major DeFi protocols.

Frequently Asked Questions

What did Manuel Aráoz say about DeFi security?

On May 27, Aráoz, co-founder and former CTO of OpenZeppelin, advised investors to exit positions in platforms like Aave, MakerDAO, and Compound, warning that AI coding agents have made it significantly easier for attackers to find and exploit vulnerabilities.

How much has DeFi lost to hacks recently?

The sector lost over $1.1 billion to exploits in the past year, with April alone accounting for $635 million across 28 hacks, pushing total value locked down from $172 billion to $148 billion.


Jean-Luc Maracon

Jean-Luc Maracon is a French-Swiss expert in decentralized finance, known for his sharp analysis of Bitcoin, European Web3 projects, and crypto regulatory challenges. Splitting his time between Geneva and Paris, he brings a unique perspective blending traditional finance with blockchain innovation. He regularly collaborates with crypto platforms across Europe to help make digital investing more accessible. Specialties: Bitcoin, staking, European regulation, crypto security, Web3.
