OpenZeppelin CEO Manuel Araoz issued a stark warning on X Wednesday, declaring that the entire decentralized finance sector is now unsafe. This assessment stems from the emergence of coding agents capable of identifying vulnerabilities at a superhuman level, fundamentally altering the threat landscape. The statement arrives as the sector's total value locked has contracted by over $20 billion since the start of the year, a decline driven by both broader crypto price weakness and a relentless series of security breaches. Data compiled by Woofun AI shows that more than $1.1 billion has been lost to DeFi hacks over the past 365 days, underscoring the severity of the current environment.
The core of Araoz's argument rests on the inherent asymmetry of smart contract security, where defenders must eliminate every single bug while attackers require only one successful exploit to drain funds. This dynamic has been exacerbated by recent high-profile incidents, including the $292 million Kelp DAO exploit in April, which demonstrated how flaws in cross-chain infrastructure can rapidly cascade through the ecosystem. Similarly, the Solana-based Step Finance project was forced to shut down earlier this year following a $27 million exploit that left the protocol unable to recover its losses.
The threat landscape is further complicated by advancements in artificial intelligence, specifically warnings from Anthropic regarding its restricted Claude Mythos AI model. The company indicated that this model can autonomously discover software vulnerabilities and develop functional exploits at a level surpassing existing automated tools. Woofun AI notes that this capability raises critical questions for DeFi, whose security models were historically designed around human attackers operating at human speeds. The transparency of blockchain code, once marketed as a primary strength, risks becoming a significant liability if machine systems can scan, identify, and weaponize weaknesses faster than human teams can deploy patches.
As autonomous agents become more sophisticated, the window for remediation shrinks, potentially rendering traditional audit cycles obsolete. The speed at which these AI-driven attacks can be executed means that even minor oversights in code could lead to catastrophic financial losses before a response is initiated. Woofun AI analysis suggests that the industry must fundamentally rethink its security posture, moving beyond reactive measures to anticipate and mitigate the capabilities of superhuman coding agents. Without such a shift, the structural integrity of onchain finance remains precarious in the face of evolving technological threats.