“All of DeFi Is Unsafe”: OpenZeppelin’s Founder Just Told Everyone to Get Out

The co-founder of crypto’s most trusted security library has declared the entire DeFi ecosystem unsafe — and he’s telling his own family to pull their money out. If Manuel Aráoz is running for the exits, should you?

On 26 May, Manuel Aráoz — co-founder of OpenZeppelin, the smart contract framework underpinning billions of dollars in decentralised finance — posted five words that sent shockwaves through Crypto Twitter: “I now consider all of DeFi unsafe.”

He wasn’t talking about some obscure fork-of-a-fork on an L3 nobody uses. He was talking about Aave. MakerDAO. Compound. The so-called blue chips. The protocols your favourite fund manager calls “institutional grade.”

The Man Behind the Warning

Aráoz isn’t some random anon farming engagement. He co-founded OpenZeppelin in 2015 alongside Demian Brener, building the open-source smart contract library that became the backbone of DeFi security. His audit frameworks are deployed across hundreds of protocols managing tens of billions in total value locked. When this man says DeFi is broken, the industry should listen.

His argument is brutally simple: smart contract security has always been asymmetric. Defenders must find and patch every single vulnerability. Attackers only need to find one. That asymmetry has always existed — but artificial intelligence, Aráoz argues, has now tipped the scales irreversibly in the attackers’ favour.

“Coding agents are superhuman at finding vulnerabilities,” he wrote. “I’ve been privately advising friends and family to exit all DeFi positions, including low-risk ‘blue chips’ like Aave, MakerDAO & Compound.”

[Chart: April 2026 DeFi exploit losses breakdown — KelpDAO $292M, Drift $285M, Euler $197M, totalling $774M]
Caption: April 2026 was the deadliest month for DeFi exploits in history, with $774M drained across three protocols.

The Numbers Don’t Lie

The timing of Aráoz’s declaration is no coincidence. April 2026 was an absolute bloodbath. KelpDAO lost $292 million in a LayerZero bridge exploit. Drift Protocol haemorrhaged $285 million through a smart contract vulnerability. Euler Finance was drained of $197 million via flash loan manipulation. That’s $774 million in a single month — and according to DefiLlama, it accounted for roughly 70% of all DeFi exploit losses in 2026 so far.

The full-year tally is even grimmer. Over the past 12 months, more than $1.1 billion has been lost to DeFi-related exploits. And that figure only includes confirmed on-chain losses — it doesn’t account for the billions more wiped from token valuations as confidence evaporated.

OpenZeppelin itself appears to recognise the shifting threat landscape. On 12 May, the firm published a new framework called the “Four Layers of DeFi Risk,” explicitly warning that audits alone are no longer sufficient. Continuous monitoring, bug bounty programmes, and formal verification of critical code paths are now the bare minimum — and even those may not be enough.

The Aave Fallout Proves the Point

If you want a case study in what happens when DeFi security fails, look no further than Aave — the protocol Aráoz specifically named.

After the KelpDAO exploit in April, attackers used stolen rsETH as collateral inside Aave, borrowed against it, and left the lending protocol holding $292 million in bad debt. The fallout was swift and devastating. Aave’s total value locked cratered from $26.4 billion to approximately $14.6 billion — a 45% collapse in weeks. Weekly active addresses spiked briefly as users scrambled to unwind positions, then plummeted to their lowest level since 2024.

Borrow demand has evaporated. Traders aren’t reopening leveraged positions; they’re leaving. The protocol that was supposed to be the safest harbour in DeFi turned out to be precisely where the damage concentrated.
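The rsETH sequence above (collateral deposited, borrowed against, then found to be unbacked) is the mechanism that turns a bridge exploit into lender losses, and it is also where Zeller's "parameter configuration" point bites. The toy lending-pool model below is an added illustration, not Aave's code or anything published by OpenZeppelin or Bullish Times. It assumes a single collateral market with two risk parameters (a liquidation threshold and an optional per-asset supply cap), plus a simple concentration check of the kind a continuous-monitoring setup might run. All names (Market, run_scenario, concentration_alert) and all dollar figures are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Market:
    """One collateral market in a constructed toy lending pool."""
    liquidation_threshold: float            # fraction of collateral value that may be borrowed
    supply_cap: Optional[float] = None      # max collateral value accepted (USD); None = uncapped
    collateral: dict = field(default_factory=dict)  # user -> collateral value in USD
    debt: dict = field(default_factory=dict)        # user -> borrowed USD


class CapExceeded(Exception):
    """Deposit would push the market above its supply cap."""


class InsufficientCollateral(Exception):
    """Borrow would exceed what the user's collateral allows."""


def deposit(m: Market, user: str, usd: float) -> None:
    total_after = sum(m.collateral.values()) + usd
    if m.supply_cap is not None and total_after > m.supply_cap:
        raise CapExceeded(f"{user}: {total_after:,.0f} > cap {m.supply_cap:,.0f}")
    m.collateral[user] = m.collateral.get(user, 0.0) + usd


def borrow(m: Market, user: str, usd: float) -> None:
    limit = m.collateral.get(user, 0.0) * m.liquidation_threshold
    if m.debt.get(user, 0.0) + usd > limit:
        raise InsufficientCollateral(f"{user}: borrow limit is {limit:,.0f}")
    m.debt[user] = m.debt.get(user, 0.0) + usd


def mark_collateral_worthless(m: Market, user: str) -> None:
    """The collateral turns out to be unbacked (the article's rsETH case):
    its value is zero, so liquidators have nothing to seize."""
    m.collateral[user] = 0.0


def bad_debt(m: Market) -> float:
    """Debt that remaining collateral no longer covers; this loss lands on lenders."""
    return sum(max(0.0, d - m.collateral.get(u, 0.0)) for u, d in m.debt.items())


def worst_case_exposure(m: Market) -> Optional[float]:
    """Upper bound on bad debt one worthless-collateral event can create.
    Without a supply cap there is no bound."""
    if m.supply_cap is None:
        return None
    return m.supply_cap * m.liquidation_threshold


def concentration_alert(m: Market, max_share: float) -> list:
    """Monitoring check: users holding more than max_share of the market's collateral."""
    total = sum(m.collateral.values())
    if total == 0:
        return []
    return sorted(u for u, c in m.collateral.items() if c / total > max_share)


def run_scenario(supply_cap: Optional[float]) -> dict:
    """An attacker deposits collateral that is later found unbacked and borrows
    up to the limit; returns the resulting bad debt and what monitoring saw."""
    m = Market(liquidation_threshold=0.75, supply_cap=supply_cap)
    deposit(m, "honest_lp", 50_000_000)
    try:
        deposit(m, "attacker", 400_000_000)
    except CapExceeded:
        # Only the remaining room under the cap can be filled.
        deposit(m, "attacker", max(0.0, supply_cap - sum(m.collateral.values())))
    alerts = concentration_alert(m, max_share=0.5)
    borrow(m, "attacker", m.collateral["attacker"] * m.liquidation_threshold)
    mark_collateral_worthless(m, "attacker")
    return {
        "bad_debt": bad_debt(m),
        "exposure_bound": worst_case_exposure(m),
        "alerts": alerts,
    }


if __name__ == "__main__":
    for cap in (None, 100_000_000):
        print(f"supply_cap={cap}: {run_scenario(cap)}")
```

The uncapped market accepts the whole 400M deposit, the concentration check fires on the attacker, and the lenders are left with 300M of bad debt with no bound on how bad it could have been. With a 100M supply cap the same event costs at most 75M, and the actual loss is 37.5M. The code does not say which parameters a real protocol should choose; it only shows that the cap, not the contract code, is what bounds the loss in this class of incident.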

[Chart: Aave TVL collapse from $26.4B to $14.6B after KelpDAO exploit, with quotes from Marc Zeller and Manuel Aráoz]
Caption: Aave’s TVL dropped 45% following the KelpDAO exploit — yet its biggest contributor dismissed Aráoz’s warning as “moronic.”

“What a Moronic Thing to Say”

Not everyone agrees with Aráoz’s apocalyptic assessment. Marc Zeller, founder of the Aave Chan Initiative and one of the protocol’s most prominent contributors, responded with characteristic diplomacy: “What a moronic thing to say.”

Zeller’s counter-argument is that fewer than 10% of DeFi incidents over the past year were caused by codebase vulnerabilities. The real culprits, he claims, are “bad parameter configuration, collateral blow up and poor opsec.” In other words: human incompetence, not AI-supercharged hackers.

“First: calm down, kid,” Aráoz fired back, clarifying that his concerns extend well beyond code. “I never said the problem was smart contract code, but security — which includes parameter configuration, mechanism design and opsec.”

It’s an important distinction. Aráoz isn’t merely saying AI will find bugs in Solidity. He’s arguing that the entire security surface — from governance parameters to operational procedures to bridge architectures — is now vulnerable to machine-speed analysis and exploitation.

The AI Arms Race Nobody Is Winning

Here’s the uncomfortable truth that neither side of this debate wants to fully confront: we are entering an AI arms race in DeFi security, and the defenders are losing.

In April, a16z published research demonstrating that AI agents could successfully exploit DeFi protocols at a 70% success rate. Google’s Threat Intelligence Group confirmed the first known AI-generated zero-day exploit used in the wild. Anthropic’s Mythos model reportedly discovered over 2,000 previously unknown vulnerabilities in just seven weeks.

The defenders have the same tools, of course. AI can be used to audit contracts, simulate attacks, and monitor on-chain activity. But the asymmetry remains: a defensive AI needs to be right every time. An offensive AI only needs to be right once.

DeFi was designed for a world where human hackers spent weeks manually reviewing code for exploitable patterns. That world is gone. The question is no longer whether AI will break DeFi security — it’s whether the industry can rebuild its security model before the next $774 million month.

Zeller may be right that most current failures stem from incompetence rather than AI. But that’s precisely the point. If DeFi can’t even defend itself against human stupidity, what chance does it have against superhuman intelligence?

This is a developing story. Bullish Times will continue to track the fallout from Aráoz’s declaration and its impact on institutional DeFi adoption.

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Bullish Times is a marketing agency committed to providing corporate-grade press coverage and shall not be liable for any loss or damage arising from reliance on this information. Readers should perform their own research and due diligence before engaging in any financial activities.
