Skip to content
- OpenZeppelin co-founder warned investors against growing decentralized finance security risks.
- DeFi exploit losses climbed sharply as major protocols suffered repeated breaches.
- Manuel Aráoz said attackers now hold major advantages over protocol developers.
As exploits target both large-scale and smaller cryptocurrencies, the risks of decentralized finance (DeFi) are becoming more difficult for the average investor to handle, says co-founder of OpenZeppelin Manuel Aráoz. Based on statements Aráoz shared on X about his personal advice to friends and family members to get out of all forms of DeFi, including those that are historically considered low-risk platforms in the market, he now believes all of DeFi is unsafe.
Aráoz elaborated on the balance of attacker/defender as the industry has drastically changed in the past few months in the wake of advancements in automated coding systems. He mentioned protocols like Aave, MakerDAO, and Compound. Now, Aráoz said, the coding agents can find vulnerabilities in smart contracts faster than security teams can, leaving the protocol developers constantly anxious to close all loopholes before the bad guys can capitalize on them.
Moreover, Aráoz said decentralized finance security is still very unbalanced as “any 1 percent of the attack is enough to drain millions of dollars”, while every attack point in the increasingly complex infrastructure system must be secured by the developers. The warning came during a time when several DeFi projects keep getting mass hacked due to bridges, wallets, and cross-chain infrastructure.His warning came at a time when several DeFi projects keep getting mass hacked, despite still investing in security audits and protocol monitoring.
Also Read: Squid Distances Core Protocol From Multi-Million Safe Module Exploit Case
Rising Exploit Activity Continues Pressuring DeFi Platforms
Compared to the previous month, DeFi protocols suffered the most from exploits in April with $630 million in losses across 27 different security incidents, DeFiLlama data shows, which was its worst hacking month since the $1.5 billion Bybit breach earlier this year. One of the biggest cases in April involved hackers using Drift to exploit the platform via a social engineering attack that allegedly continued for six months, resulting in over $285 million being stolen from the platform.
Plus, hackers exploited a vulnerability in a cross-chain bridge linked to Kelp DAO to extract nearly $293 million, adding to the growing worry about the security of the interconnected blockchain landscape. Repeated attacks throughout the industry further eroded investor trust in DeFi products and services, with both attacks reported to be perpetrated by North Korean state-backed hackers.
Additionally, in the market data side, the T.V.L. of DeFi went down from $172 billion in mid-April to approximately $148 billion in recent weeks with the rise in the number of exploits impacting investor sentiment throughout the market.
It has been May, and the losses have been reported to be smaller, but no less worrisome, with Verus Network reporting a $11.6 million exploit on its Ethereum bridge and Polymarket admitting to an exploit that involved the accidental exposure of a private key in the internal wallet operations. As the total value locked (TVL) numbers begin to fall, concerns about the security of decentralized finance (DeFi) continue to grow as hackers exploit some of the leading protocols.
Also Read: Ancient Bitcoin Whale Sends $203M BTC to Trading Firms, Traders Alarmed
