Security Expert Warns AI Coding Agents Have Made DeFi Unsafe

Manuel Aráoz, co-founder of smart contract security firm OpenZeppelin, issued a stark warning on May 26, urging users to withdraw from decentralized finance platforms entirely, including the industry’s largest protocols.

According to Aráoz, the rapid advancement of AI-powered coding agents has shifted the balance of power heavily in favor of attackers, making it increasingly difficult for DeFi projects to guarantee the safety of user funds.

Aráoz Says No DeFi Platform Can Be Fully Trusted

In a post shared on X, the software engineer stated:

“PSA: I now consider all of DeFi unsafe.”

He revealed that he has already advised close friends and family members to exit their DeFi positions, specifically mentioning protocols such as Aave, MakerDAO, and Compound as platforms he no longer believes are secure enough to hold funds.

Aráoz argued that security in crypto has always involved an imbalance where defenders must identify and fix every vulnerability, while attackers only need to find a single weakness to cause significant damage.

He believes AI coding agents have dramatically worsened that imbalance because they can scan smart contracts more quickly and efficiently than human security teams.

Crypto Hacks Continue to Rise

Ironically, OpenZeppelin recently reported that crypto companies lost more than $3.4 billion to hacks in 2025. However, the company noted that most of the losses were caused by compromised credentials, operational mistakes, and code changes introduced after audits rather than flaws within smart contracts themselves.

The crypto industry has faced a wave of attacks this year, with more than $650 million stolen in April alone.

Among the largest incidents were a $292 million exploit involving KelpDAO and another $285 million reportedly drained from Drift Protocol following months of alleged social engineering activity.

Industry Figures Push Back Against the Claims

Aráoz’s comments sparked immediate criticism across the crypto community.

One of the most vocal responses came from Mark Zeller, who rejected the idea that AI-driven code exploits are the primary threat facing DeFi today.

Zeller argued that fewer than 10% of DeFi incidents over the past year were caused by smart contract vulnerabilities. According to him, the majority of failures resulted from poor risk management, collateral handling issues, and weak operational security practices rather than AI-assisted attacks.

Others in the industry shared similar opinions.

Sam McPherson stated that the smart contracts behind major DeFi protocols are generally very secure today and suggested that operational security failures remain the biggest source of recent hacks.

Meanwhile, Polaris Finance developer Robert claimed that genuine smart contract exploits have become increasingly rare. He explained that most modern breaches involve centralized components controlled by humans instead of immutable blockchain code.

Vitalik Buterin Sees AI as a Security Advantage

Vitalik Buterin has expressed a more optimistic outlook regarding AI and crypto security.

Earlier this month, Buterin suggested that AI-assisted formal verification could eventually strengthen blockchain security systems rather than weaken them.

According to him, developers could use AI tools not only to write code but also to generate mathematical proofs verifying that the code functions correctly and securely.