{"id":97547,"date":"2026-05-27T12:38:26","date_gmt":"2026-05-27T09:38:26","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=97547"},"modified":"2026-05-27T12:40:12","modified_gmt":"2026-05-27T09:40:12","slug":"openzeppelin-attributes-defi-vulnerability-to-ai-advancements","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/openzeppelin-attributes-defi-vulnerability-to-ai-advancements\/","title":{"rendered":"OpenZeppelin Attributes DeFi Vulnerability to AI Advancements"},"content":{"rendered":"<p>Manuel Ar\u00e1oz, co-founder of the cybersecurity firm OpenZeppelin, has deemed &#8220;the entire DeFi sector&#8221; unsafe. According to him, the rapid development of <a href=\"https:\/\/forklog.com\/en\/news\/what-are-ai-agents-and-how-do-they-make-life-easier-for-web3-users\">AI agents<\/a> has created a critical asymmetry between defenders and attackers.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">PSA: I now consider *all* of DeFi unsafe.<\/p>\n<p>Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric: defenders need to fix every bug while attackers need just one exploit to steal funds.<\/p>\n<p>\u2014 Manuel Ar\u00e1oz (@maraoz) <a href=\"https:\/\/twitter.com\/maraoz\/status\/2059413451265441990?ref_src=twsrc%5Etfw\">May 26, 2026<\/a><\/p><\/blockquote>\n<p>Ar\u00e1oz mentioned that he personally advised friends and family to close all positions in DeFi protocols. 
This warning applies even to well-established platforms like <a href=\"https:\/\/forklog.com\/en\/news\/what-is-aave\">Aave<\/a>, <a href=\"https:\/\/forklog.com\/en\/news\/what-are-makerdao-mkr-and-the-dai-stablecoin\">MakerDAO<\/a>, and <a href=\"https:\/\/forklog.com\/en\/news\/what-is-compound-comp\">Compound<\/a>.<\/p>\n<p>The expert explained his stance by noting that modern neural networks already surpass humans in finding code vulnerabilities. In such a scenario, smart contract security becomes a losing battle: developers must fix every single bug, while a malicious actor using AI needs only to find one.<\/p>\n<p>The statement comes amid growing concerns about the use of artificial intelligence in <a href=\"https:\/\/forklog.com\/en\/news\/what-is-web3\">Web3<\/a>. In March, OpenZeppelin <a href=\"https:\/\/www.openzeppelin.com\/news\/introducing-openzeppelin-skills\">introduced<\/a> OpenZeppelin Skills, a tool for training AI agents to work safely with smart contracts. At the time, the company warned of the risks of incorrect toolchain configuration and errors complicating code auditing and verification.<\/p>\n<p>Increasing risks have also impacted market metrics. The total value locked in the DeFi sector has decreased by 14% since mid-April, from $172 billion to $148 billion.<\/p>\n<p><iframe loading=\"lazy\" width=\"100%\" height=\"420\" frameborder=\"0\" src=\"https:\/\/www.theblock.co\/data\/decentralized-finance\/total-value-locked-tvl\/total-value-locked-by-category\/embed\" title=\"Value Locked by Category\"><\/iframe><\/p>\n<p>Earlier in May, Anthropic <a href=\"https:\/\/forklog.com\/en\/news\/anthropic-reveals-10000-critical-vulnerabilities-in-project-glasswings-initial-report\">published<\/a> the first report on Project Glasswing, a program for finding vulnerabilities using the Claude Mythos model.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Manuel Ar\u00e1oz from OpenZeppelin called &#8220;the entire DeFi sector&#8221; unsafe. 
He cited rapid AI agent development as creating a critical asymmetry between defenders and attackers.<\/p>\n","protected":false},"author":1,"featured_media":97548,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"Manuel Ar\u00e1oz from OpenZeppelin called \"the entire DeFi sector\" unsafe.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1751,438,1093,1138],"class_list":["post-97547","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-ai-agents","tag-artificial-intelligence","tag-defi","tag-opinions"],"aioseo_notices":[],"amp_enabled":true,"views":"6","promo_type":"1","layout_type":"1","short_excerpt":"Manuel Ar\u00e1oz from OpenZeppelin called \"the entire DeFi sector\" unsafe.","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97547","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=97547"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97547\/revisions"}],"predecessor-version":[{"id":97549,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97547\/revisions\/97549"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/97548"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=97547"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=97547"},{"taxonomy":"post_ta
g","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=97547"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}