CertiK CEO: AI Is Turning DeFi Defense into an "Unfair Game"

Odaily Odaily reports that Ronghui Gu, co-founder and CEO of CertiK, stated that AI tools are exacerbating the imbalance between attack and defense in DeFi security, making it easier for attackers to discover vulnerabilities and replicate attack paths across different protocols.

He pointed out that the DeFi security situation was particularly severe in April of this year, with only 3 days that month free from hacker attacks, resulting in cumulative losses exceeding $690 million for DeFi protocols. Excluding the Bybit attack in February 2025, April has become the month with the highest losses from DeFi hacks since March 2022.

Ronghui Gu believes that attackers can concentrate significant computing power to repeatedly test a single protocol, whereas security companies need to serve multiple clients simultaneously with dispersed resources, putting the defense side at a natural disadvantage. Meanwhile, the focus of recent attacks is also shifting from smart contract vulnerabilities to operational security and weak points in the supply chain.

He emphasized that even if AI fails to find vulnerabilities over an extended period, it does not prove the code is completely secure; under current technical conditions, formal verification remains a more reliable method for ensuring security.