Are AI Agents Putting $148B of DeFi at Risk?

Short version: panic button or overcooked drama?

If you’ve been scrolling crypto feeds with one eye open, you’ve probably noticed two things: DeFi lost a bunch of money recently, and someone on the internet said robots might be making that easier. The loudest alarm came when Manuel Aráoz — an early smart-contract security figure — warned people to consider stepping back from DeFi positions, calling out big-name lending platforms by example.

Numbers make noise: the sector has seen over a billion dollars drained in the last year, a massive chunk of that in a particularly brutal April, and total value locked dropped from roughly $172 billion to about $148 billion during a rough stretch. Those are real hits that help explain why people are suddenly thinking about AI like it’s a cyber-shark circling the pool.

Why people are freaking out

The worry is simple and a little sci-fi: autonomous AI coding agents can scan public smart contract code, stitch together interactions, and highlight weak spots much faster than a human crawling through lines of Solidity over coffee. That lowers the skill floor for attackers — tools can point out promising entry points and even suggest exploit strategies — so you don’t necessarily need a villainous genius to cause trouble anymore.

Research and internal testing from several industry groups show that these agents can often reach the same weak points real attackers used in past hacks, even if they don't always turn that finding into a working exploit on their own. Combine that with the fact that many DeFi systems are open, composable, and financially liquid, and you get a recipe where scanning for and weaponizing risky integrations becomes cheaper and faster.

On the flip side, some folks argue the sky isn’t falling. Several security teams and founders point out that a lot of recent losses weren’t due to freshly discovered contract bugs but operational slip-ups — stolen keys, social engineering campaigns, bridge problems, and poor access controls. In other words, attackers often targeted the folks and infrastructure around the code, not some mysterious new category of bug introduced by AI.

Defense, damage control, and what you should do

The response from the ecosystem looks like an arms race where AI is on both sides. Teams are starting to use AI to hunt for flaws before attackers do, build safer contract templates, and integrate automated checks into deployment flows. At the same time, defenders are doubling down on tried-and-true operational hygiene: multisigs, better key custody, circuit breakers, monitoring, and conservative limits on privileged roles.

Security pros now argue that point-in-time audits aren’t enough for pools holding serious capital. Continuous monitoring, realtime transaction simulations, automated pause mechanisms, and smaller blast radii are becoming part of the playbook. Think less “find every bug” and more “make sure one mistake can’t blow up the whole system.”
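To make the "smaller blast radius" idea concrete, here is an added example (it is not code from the article or from any protocol the article mentions) of a minimal ETH vault with the three controls the paragraph describes: a pause that a guardian key held by a monitoring bot can flip, a rolling-window withdrawal cap so that a single bug or stolen key can only drain a bounded amount per window, and a split between the guardian role (can only pause) and the admin role (can unpause and change limits, and is expected to be a multisig or timelock). Contract, function and variable names and the window parameters are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative vault with blast-radius controls (added example, hypothetical names).
contract RateLimitedVault {
    address public admin;     // expected to be a multisig or timelock; can unpause and set limits
    address public guardian;  // hot key held by a monitoring bot; can only pause
    bool public paused;

    uint256 public windowLength;  // rolling window, e.g. 1 hours
    uint256 public windowCap;     // max total outflow per window, in wei
    uint256 public windowStart;
    uint256 public windowOutflow;

    mapping(address => uint256) public balances;

    event Deposit(address indexed from, uint256 amount);
    event Withdraw(address indexed to, uint256 amount);
    event Paused(address indexed by, string reason);
    event Unpaused(address indexed by);

    error NotAuthorized();
    error IsPaused();
    error InsufficientBalance();
    error CapExceeded(uint256 requested, uint256 remaining);

    modifier onlyAdmin() { if (msg.sender != admin) revert NotAuthorized(); _; }
    modifier whenNotPaused() { if (paused) revert IsPaused(); _; }

    constructor(address _guardian, uint256 _windowLength, uint256 _windowCap) {
        admin = msg.sender;
        guardian = _guardian;
        windowLength = _windowLength;
        windowCap = _windowCap;
        windowStart = block.timestamp;
    }

    function deposit() external payable whenNotPaused {
        balances[msg.sender] += msg.value;
        emit Deposit(msg.sender, msg.value);
    }

    /// Withdrawals are charged against a rolling outflow budget. Whatever the bug
    /// (or whoever holds a stolen key), at most windowCap can leave per window.
    function withdraw(uint256 amount) external whenNotPaused {
        if (balances[msg.sender] < amount) revert InsufficientBalance();

        // Roll the window forward once it has expired.
        if (block.timestamp >= windowStart + windowLength) {
            windowStart = block.timestamp;
            windowOutflow = 0;
        }
        uint256 remaining = windowCap - windowOutflow;
        if (amount > remaining) revert CapExceeded(amount, remaining);
        windowOutflow += amount;

        // Checks-effects-interactions: update state before the external call.
        balances[msg.sender] -= amount;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
        emit Withdraw(msg.sender, amount);
    }

    /// Pausing is deliberately cheap and available to the low-privilege guardian,
    /// so an off-chain monitor can stop outflows within a block of spotting trouble.
    function pause(string calldata reason) external {
        if (msg.sender != guardian && msg.sender != admin) revert NotAuthorized();
        paused = true;
        emit Paused(msg.sender, reason);
    }

    /// Resuming requires the admin (multisig/timelock), i.e. a human decision.
    function unpause() external onlyAdmin {
        paused = false;
        windowStart = block.timestamp;
        windowOutflow = 0;
        emit Unpaused(msg.sender);
    }

    function setLimits(uint256 _windowLength, uint256 _windowCap) external onlyAdmin {
        windowLength = _windowLength;
        windowCap = _windowCap;
    }

    function setGuardian(address _guardian) external onlyAdmin {
        guardian = _guardian;
    }
}
```

Two design points worth noticing. First, the over-cap path reverts rather than flipping `paused` itself: a revert discards every state change in the transaction, so an on-chain "auto-trip" has to be written as a non-reverting path, and then any depositor can freeze the vault by requesting more than the cap, which is a griefing trade-off you have to accept knowingly. Here the automation lives off-chain, in a monitor that watches `Withdraw` events and simulated pending transactions and calls `pause` with the guardian key. Second, the guardian key is allowed to do exactly one thing; if the bot's key is stolen, the worst outcome is downtime, not loss.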

Practical user advice? Don't freak and dump everything, but do be picky. Many experienced devs suggest avoiding brand-new, complex, hype-driven projects and favoring protocols with longer track records, simpler designs, clear controls, and active monitoring. Consider exposure limits, diversify, and treat signing keys and token approvals like the nuclear codes they resemble: keep keys in hardware, approve only the amount a transaction needs rather than an unlimited allowance, and periodically revoke approvals you no longer use.

Bottom line: AI makes finding problems faster, but it also gives defenders new tools. DeFi isn’t suddenly doomed — it’s just being stress-tested at machine speed. If you’re in the pool, wear your flotation device: prefer mature protocols, watch for operational signals, and accept that this next stretch will be about reducing damage as much as preventing flaws outright.