DeFi frequently gets hacked; how should we prevent hacker attacks in the AI era?
Writing: systs
OpenBuild Introduction:
In April 2026 DeFi faced its darkest hour: the total stolen in a single month surpassed $625 million, a new record, and just two attacks, Drift and KelpDAO, accounted for nearly $580 million. The explosion of AI has completely reversed the attack-defense landscape: vulnerabilities that once took weeks of manual auditing to find can now be found by large models in hours. Attack costs plummet, attack surfaces expand, and more protocols become targets.
Well-resourced professional attackers with long-term strategies are watching every gap in every protocol, while ordinary teams are distracted and defensively weak. Only by maintaining extreme paranoia, building comprehensive defenses in advance, strictly bounding losses, and preparing contingency plans can protocol teams survive this AI-led cyber warfare. The following is the original content, compiled and organized by OpenBuild.
After developing the @openforage project and researching numerous historical attack incidents on DeFi protocols, I have become wary of state-level attackers. These opponents are experienced, resource-rich, and excel at long-term planning; like top villains, they thoroughly audit every crack in your protocol and infrastructure to find exploitable vulnerabilities. Ordinary protocol teams are often spread thin, managing operations while also trying to secure their systems, making full defense impossible. I don’t claim to be a security expert, but I have led teams in high-risk environments (including military experience and managing large funds at major financial institutions), giving me mature practical experience in risk contingency and emergency planning. I firmly believe: only the paranoid can survive. No team starts out with a “perfunctory” attitude toward security, yet hacking incidents still happen frequently. We must do better.
/ 01 AI Era: Everything Has Changed
Cyberattacks have always been common, but recent frequency has surged sharply. In the first quarter of 2026, DeFi set a record for the number of hacker attacks in history, and as the second quarter begins, it looks poised to break that record.
My core view is: AI has drastically lowered the costs of vulnerability scanning and discovery, while greatly expanding attack surfaces. Manually auditing hundreds of protocols for configuration flaws takes weeks; the latest large models can do it in just hours. This fundamentally rewrites the logic of protocol security defense and emergency response. Older protocols, built before AI’s rise and relying on traditional security methods, now face a huge risk of being precisely exploited.
/ 02 Thinking from Attack Surface and Layered Defense
Practically, there are only three core attack vectors in DeFi hacking:
Protocol operation teams
Smart contracts and underlying infrastructure
User trust boundaries (domains, social media, etc.)
After clarifying the attack surface, a five-layer defense system can be built:
Prevention: Implement standardized processes and strict enforcement to minimize breach probability.
Loss mitigation: When prevention fails, quickly control the extent of losses.
Emergency shutdown: Under high pressure, no one can make optimal decisions. Immediately activate emergency shutdown switches upon attack detection, freeze assets to prevent further loss, and buy time for the team to analyze calmly.
Regaining control: If malicious modules or compromised components cannot otherwise be contained, detach and replace them directly.
Post-incident recovery: Recover stolen assets. Pre-establish cooperation with institutions to freeze funds, rollback transactions, and assist in tracing the attack.
/ 03 Core Principles
The following principles guide the implementation of the layered defense system.
Boldly leverage AI for defense
Make full use of cutting-edge large models to scan codebases and configuration files for vulnerabilities, and run red-team/blue-team penetration tests across the whole attack surface: actively look for frontend flaws and verify whether they can be used to reach backend systems. Attackers will do exactly the same, so defenders' scans can surface the same vulnerabilities that attackers' scans would find. Tools like pashov and nemesis, and AI security platforms such as Cantina (Apex) and Zellic (V12), can quickly pre-screen code before a formal audit.
Time and process friction are themselves defenses
All potentially risky operations should be designed as multi-step processes with time locks, so that once an anomaly is detected there is ample room for manual intervention and asset freezing. The industry's resistance to time locks and multi-step permissions has mainly come from process complexity and operational inefficiency. But AI can now handle that manual friction automatically in the background, which leaves little justification for keeping such processes simple.
Invariant design
Smart contracts can defend themselves by defining core invariants that must never be violated: if a rule is broken, the whole protocol operation is treated as invalid. @openforage's core invariant is solvency: assets in the vault plus deployed assets ≥ outstanding claims. Protocols should set only a few key invariants; hardcoding many checks into every function makes the code bulky and hard to maintain.
Power balancing
Many attacks stem from wallet private key leaks or multi-signature breaches. Reasonable permission configurations should ensure that even if multi-sig is compromised, losses can be quickly contained, and the protocol can be shifted to a governance-controlled stable state. Focus on two key restrictions:
Governance permissions: control all core decisions of the protocol.
Emergency rescue permissions: responsible for restoring stability but cannot override or replace the original governance system.
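The following is an added toy model, written for this page and not code from the article, from @openforage or from any real protocol, of the two ideas above: time and process friction (every governance action is queued behind a delay) and power balancing (a separate guardian can pause the protocol or cancel a queued action during that delay, but cannot execute actions, replace governance, or resume a paused protocol). The role names, the 48-hour delay and the scenario in the `__main__` block are assumptions for the example.

```python
"""Constructed toy model of timelocked governance with a separate guardian role.

Governance queues changes that can only execute after `delay` seconds.
The guardian can pause the protocol or cancel a queued change during that
delay, but cannot execute changes or replace governance, and only
governance can unpause. Names and the 48h delay are assumptions."""

from dataclasses import dataclass, field


class Unauthorized(Exception):
    """Caller does not hold the role required for this action."""


class NotReady(Exception):
    """Timelock delay has not elapsed yet."""


class Dead(Exception):
    """Proposal was already cancelled or executed."""


@dataclass
class Proposal:
    pid: int
    target: str        # parameter name, or the role names "governance"/"guardian"
    value: object
    eta: int           # earliest timestamp at which execution is allowed
    cancelled: bool = False
    executed: bool = False


@dataclass
class Timelock:
    governance: str                 # id of the governance multisig (assumed)
    guardian: str                   # id of the emergency guardian key (assumed)
    delay: int = 48 * 3600          # assumed 48h review window
    params: dict = field(default_factory=dict)
    queue: dict = field(default_factory=dict)
    paused: bool = False
    next_id: int = 0

    def _require(self, caller: str, *roles: str) -> None:
        if caller not in roles:
            raise Unauthorized(f"{caller} may not perform this action")

    def propose(self, caller: str, target: str, value: object, now: int) -> int:
        # Only governance can queue changes; nothing takes effect before `eta`.
        self._require(caller, self.governance)
        pid = self.next_id
        self.next_id += 1
        self.queue[pid] = Proposal(pid, target, value, now + self.delay)
        return pid

    def cancel(self, caller: str, pid: int) -> None:
        # Guardian or governance may cancel: this is the manual-intervention window.
        self._require(caller, self.governance, self.guardian)
        self.queue[pid].cancelled = True

    def execute(self, caller: str, pid: int, now: int) -> None:
        # Only governance executes, and only after the delay has elapsed.
        self._require(caller, self.governance)
        p = self.queue[pid]
        if p.cancelled or p.executed:
            raise Dead(f"proposal {pid} is no longer executable")
        if now < p.eta:
            raise NotReady(f"proposal {pid} executable at {p.eta}, now {now}")
        if p.target == "governance":
            self.governance = str(p.value)
        elif p.target == "guardian":
            self.guardian = str(p.value)
        else:
            self.params[p.target] = p.value
        p.executed = True

    def pause(self, caller: str) -> None:
        # Emergency power: freeze the protocol, nothing more.
        self._require(caller, self.governance, self.guardian)
        self.paused = True

    def unpause(self, caller: str) -> None:
        # Resuming is a governance decision, so a stolen guardian key
        # cannot un-freeze a protocol that governance chose to stop.
        self._require(caller, self.governance)
        self.paused = False


if __name__ == "__main__":
    # Constructed scenario: the governance multisig is compromised and tries
    # to hand itself to a new key. The delay gives the guardian time to cancel.
    tl = Timelock(governance="gov-multisig", guardian="guardian-key")
    pid = tl.propose("gov-multisig", "governance", "attacker-key", now=0)
    try:
        tl.execute("gov-multisig", pid, now=60)
    except NotReady as e:
        print("blocked:", e)
    tl.cancel("guardian-key", pid)
    tl.pause("guardian-key")
    print("governance still", tl.governance, "| paused:", tl.paused)
```

The design point is the asymmetry: a compromised governance key still cannot change anything for 48 hours, during which the guardian can cancel and pause; a compromised guardian key can only freeze, and cannot take over governance or lift a freeze. In a real deployment the cancel and pause paths would also be the ones wired to the monitoring described later on the page.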
Pre-accept that breaches will happen
Establish a baseline understanding: no matter how professional the team, attacks are inevitable. Smart contracts or dependent components may fail; social engineering attacks may target the team; upgrades may introduce unknown vulnerabilities. With this mindset, risk controls like rate limiting and circuit breakers become essential: limit single-incident losses to 5–10%, freeze assets, and calmly formulate responses. In crises, avoid rash decisions.
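The vault model below is an added example for this section and for the "Invariant design" section above; it is not code from the article, from @openforage or from any real protocol. It shows how the three mechanisms fit together in one place: the solvency invariant (vault assets + deployed assets ≥ outstanding claims) is checked once at the end of every state-changing path, a per-window outflow cap of 10% of TVL bounds what a single incident can drain, and an invariant violation trips the circuit breaker and freezes the vault. All amounts, the window length, the cap and the drain scenario are constructed for the example.

```python
"""Constructed toy model of a vault with a solvency invariant, a per-window
outflow rate limit and a circuit breaker. Not any real protocol's code."""

from dataclasses import dataclass

BPS = 10_000


class Paused(Exception):
    """Vault is frozen; only governance/guardian actions are allowed."""


class RateLimited(Exception):
    """Withdrawal would exceed the per-window outflow cap."""


class InvariantViolation(Exception):
    """Solvency invariant broken; the circuit breaker has tripped."""


@dataclass
class Vault:
    vault_assets: int            # assets sitting in the vault contract
    deployed_assets: int         # assets deployed to strategies
    outstanding_claims: int      # total owed to depositors
    window_seconds: int = 3600   # assumed 1h rate-limit window
    max_outflow_bps: int = 1000  # 10% of TVL per window (page suggests 5-10%)
    paused: bool = False
    window_start: int = 0
    window_outflow: int = 0
    window_cap: int = 0

    def __post_init__(self) -> None:
        self.window_cap = self.tvl() * self.max_outflow_bps // BPS

    def tvl(self) -> int:
        return self.vault_assets + self.deployed_assets

    # Core invariant: vault assets + deployed assets >= outstanding claims.
    def solvent(self) -> bool:
        return self.tvl() >= self.outstanding_claims

    def _enforce_invariant(self) -> None:
        # Run at the end of every state-changing path; one check covers them all.
        if not self.solvent():
            self.paused = True  # emergency shutdown: freeze everything
            raise InvariantViolation(
                f"tvl={self.tvl()} < claims={self.outstanding_claims}")

    def _rotate_window(self, now: int) -> None:
        if now - self.window_start >= self.window_seconds:
            self.window_start = now
            self.window_outflow = 0
            # Cap is fixed at window start so draining cannot enlarge it mid-window.
            self.window_cap = self.tvl() * self.max_outflow_bps // BPS

    def deposit(self, amount: int) -> None:
        if self.paused:
            raise Paused()
        self.vault_assets += amount
        self.outstanding_claims += amount
        self._enforce_invariant()

    def withdraw(self, amount: int, now: int) -> int:
        if self.paused:
            raise Paused()
        self._rotate_window(now)
        if self.window_outflow + amount > self.window_cap:
            raise RateLimited(
                f"outflow {self.window_outflow + amount} > cap {self.window_cap}")
        if amount > self.vault_assets:
            raise ValueError("insufficient liquid assets")
        self.vault_assets -= amount
        self.outstanding_claims -= amount
        self.window_outflow += amount
        self._enforce_invariant()
        return amount

    def report_strategy_loss(self, loss: int) -> None:
        # A strategy reports a loss on deployed assets; if claims are no
        # longer covered, the invariant check trips the breaker.
        if self.paused:
            raise Paused()
        self.deployed_assets -= loss
        self._enforce_invariant()


def drain_attempt(vault: Vault, total: int, chunk: int, now: int) -> int:
    """Constructed scenario: withdraw `chunk` repeatedly until `total` has
    left or a control stops it. Returns the amount that actually left."""
    taken = 0
    while taken < total:
        try:
            taken += vault.withdraw(min(chunk, total - taken), now)
        except (RateLimited, Paused):
            break
    return taken


if __name__ == "__main__":
    v = Vault(vault_assets=600, deployed_assets=400, outstanding_claims=1000)
    print("drained in one window:", drain_attempt(v, 300, 50, now=10))  # 100
    try:
        v.report_strategy_loss(200)
    except InvariantViolation as e:
        print("breaker tripped:", e, "| paused:", v.paused)
```

Two details matter in practice: the cap is snapshotted at the start of each window, so an attacker cannot widen it by manipulating TVL mid-window, and the rate limit only rejects while the invariant check freezes. That separation keeps a legitimate large withdrawal from halting the whole protocol while still bounding any single incident to roughly one window's cap.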
Early contingency planning
The best time to prepare for attacks is before they happen. Systematize and document emergency procedures, rehearse repeatedly to prevent chaos during crises. In the AI era, tools and algorithms must be in place to gather all information instantly, generate concise summaries and detailed reports, and deliver them to decision-makers simultaneously.
Survival is the ultimate goal
No system is perfectly secure at launch; only through continuous review, iteration, and learning from past incidents does it become resilient. Not having been hacked does not mean the system is inherently safe; complacency is often the greatest risk, and the moment that feels safest is usually the most complacent.
/ 04 Prevention System
Smart Contract Design
After defining core invariants, embed them into runtime verification logic, carefully selecting only necessary rules