Manuel Aráoz cites superhuman coding agents that outpace defender response times
Manuel Aráoz, co-founder and former CTO of OpenZeppelin, publicly advised investors to exit DeFi positions on May 27, arguing that AI coding agents have fundamentally tilted the security balance against defenders.
“Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric,” Aráoz said. “Defenders need to fix every bug while attackers need just one exploit to steal funds.”
The warning arrives as DeFi experiences sustained outflows. Total value locked in the sector has fallen over five consecutive weeks, to $148 billion from a mid-April peak of $172 billion. April alone saw $635 million in losses across 28 reported hacks, contributing to $1.1 billion in total DeFi losses over the past year.
Aráoz did not specify which protocols beyond Aave, MakerDAO, and Compound warrant exit, nor did he clarify whether his warning extends to all DeFi positions. His statement reflects a widening debate within the sector about whether automation has rendered traditional defenses obsolete.
The AI vulnerability arms race
Recent research from a16z found that AI agents consistently identified core vulnerabilities present in historical DeFi exploits, even when those agents failed to complete full exploit chains. Anthropic, the AI research company, restricted public access to its unreleased Claude Mythos model due to its capacity to autonomously discover and weaponize software flaws.
Drift Protocol’s $285 million loss in a six-month social engineering campaign attributed to North Korea’s Lazarus Group illustrates how attackers exploit non-technical vectors. OpenZeppelin, the blockchain security firm, has argued that recent security incidents stemmed from operational failures rather than flaws in audited contract code, pointing to stolen private keys, bridge spoofing, social engineering, and access control issues as primary attack vectors.
This framing creates a factual divide. Deddy Lavid, CEO of Cyvers, contends that static audits are insufficient against AI-driven discovery. Stani Kulechov, founder of Aave, and Hayden Adams, founder of Uniswap, counter that DeFi infrastructure has become more resilient and that recent losses stem primarily from operational failures, not smart contract flaws.
Defense mechanisms in motion
Protocols are adopting circuit breakers, transaction monitoring, multisig controls, and runtime protections as defensive measures. OpenZeppelin recently introduced tooling to help AI agents generate smart contracts using audited security libraries, suggesting the firm views AI integration as part of the solution rather than purely a threat vector. Uniswap launched an AI-integrated developer platform to facilitate secure deployments.
Whether these operational and technical safeguards can outpace autonomous vulnerability discovery remains the central question. Aráoz’s warning signals that at least one prominent security architect believes the asymmetry has become irreversible.