TL;DR:
- OpenZeppelin co-founder Manuel Aráoz said he considers “all of DeFi” unsafe after nearly $630 million was stolen from protocols in April alone.
- He warned AI-powered coding agents could widen the gap between attackers and defenders by finding smart contract flaws faster than teams can respond.
- April recorded 27 DeFi exploits, May added 25 more, and TVL fell about 14% from $172 billion to $148 billion amid rising security fears among users.
OpenZeppelin co-founder Manuel Aráoz has turned a DeFi anxiety into a blunt industry alarm. After nearly $630 million was stolen from decentralized finance protocols in April alone, he said he now considers “all of DeFi” unsafe and has personally advised friends and family to exit positions, even in blue-chip names such as Aave, MakerDAO and Compound. The warning lands because it attacks DeFi’s comfort zone, not just obscure protocols, suggesting that the security model underpinning the sector may be losing ground against more capable attackers and automated exploit discovery across live markets.
PSA: I now consider *all* of DeFi unsafe.
Coding agents are superhuman at finding vulnerabilities, and smart contract security is simply too uneven: defenders need to fix every bug while attackers need just one exploit to steal funds.
— Manuel Aráoz (@maraoz) May 26, 2026
AI-powered attackers widen DeFi’s security gap
Aráoz’s concern centers on an uneven contest between developers and hackers. In his view, defenders must secure every potential weak point in a protocol, while attackers need to find only one flaw to drain millions. The rise of AI-powered coding agents makes that imbalance more dangerous, because tools that can discover smart contract vulnerabilities may compress the time between code publication and exploitation. The threat is not only human persistence but machine-assisted scale, turning DeFi’s open-source transparency into a larger attack surface when defensive teams cannot review, patch and coordinate as quickly as adversaries can probe.
April showed how costly that imbalance can become. The month was the worst for DeFi hacks since the $1.5 billion Bybit exploit in February 2025, with losses driven largely by two major incidents. Drift suffered a $285 million exploit reportedly tied to a sophisticated six-month social engineering campaign, while Kelp DAO lost roughly $293 million after hackers exploited vulnerabilities linked to cross-chain bridge infrastructure. These attacks made April’s damage feel systemic rather than episodic, especially as security researchers and blockchain analysts attributed both incidents to North Korean state-backed hacking groups targeting crypto for illicit funding.
The pressure has not faded. DefiLlama recorded 27 DeFi exploit incidents in April, followed by another 25 cases reported so far in May, although May’s losses have been smaller. Investor confidence also appears to be reacting, with total value locked across DeFi falling about 14% since mid-April, from roughly $172 billion to $148 billion. The market is pricing security as a live adoption risk, while incidents including Verus Community’s $11.6 million Ethereum bridge exploit and Polymarket’s $573,200 breach keep reinforcing that protocol security is not a back-office issue.

