The warning did not come from a skeptic. It came from one of the people who helped build DeFi’s security foundation.
Manuel Aráoz, co-founder of OpenZeppelin — the blockchain security firm whose audit clients include Aave, Compound, MakerDAO, Uniswap, and Coinbase — posted on X on May 26, 2026, that he now considers all of DeFi unsafe. Not some protocols. Not poorly audited ones. All of them.
The Argument Behind the Exit Call
The core of Aráoz’s position is structural, not emotional. Smart contract security has always been asymmetric: defenders must find and fix every vulnerability in a protocol’s code, and because deployed contracts cannot be patched in place unless they were built with an upgrade path, even a known fix is slow to land. Attackers need only one bug they can reach first.
That asymmetry is not new. What Aráoz argues has changed is the attacker’s side of it: AI coding agents that, in his words, are superhuman at finding vulnerabilities.
“PSA: I now consider all of DeFi unsafe. Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric: defenders need to fix every bug while attackers need just one exploit to steal funds.”
He followed that post with a second, confirming he had already acted on this view privately. As Manuel Aráoz posted on X:
“I’ve been privately advising friends and family to exit all DeFi positions including low-risk ‘blue chips’ like Aave, MakerDAO & Compound.”
The timing tracks recent losses. By tallies of that month’s exploits, DeFi protocols lost more than $600 million in April 2026 alone. KelpDAO was hit for $292 million. Drift lost $285 million. Euler saw $197 million drained. Three protocols, one calendar month.
Not Everyone in the Room Agrees
The response from within the DeFi space was fast and divided. Merlin Egalite, co-founder of Morpho, reacted directly to Aráoz’s comments, writing that Morpho would welcome users considering exits from other protocols. Aráoz acknowledged the outreach. He had previously written favorably about Morpho’s design in a late 2024 analysis on his Substack, but said his conclusion about systemic AI-driven vulnerability risk applies to Morpho as well.
The sharpest pushback came from Paloma Chain’s official account, which pointed at the KelpDAO incident specifically. As Paloma Chain posted on X:
“Come on brother Manuel: KelpDAO was a poisoned RPC attack, not a smart contract hack. Why conflate bad opsec and weak infrastructure security with good smart contract security that you and OpenZeppelin essentially hardened for the entire industry?”
That distinction matters, at least for where defenses belong: an audit of on-chain code cannot catch a compromised endpoint feeding a client false chain state, and hardening the contract does nothing against it. It matters less to a depositor, whose funds are gone either way. Aráoz’s critics argue he is collapsing two separate threat categories, infrastructure failures and actual smart contract exploits, into a single warning that may overstate the risk to well-audited protocols.
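As an added illustration (not part of the original article, and not an account of how the KelpDAO incident was carried out, which the article does not detail), the following Python models why a poisoned RPC endpoint is an infrastructure failure rather than a contract bug: a client that trusts a single endpoint acts on whatever chain state that endpoint returns, while the contract code on-chain is unchanged. The endpoint names, block hashes and balances are constructed, and the quorum check across independent providers is one generic mitigation, not something the article or any named protocol describes.

```python
"""Why a poisoned RPC is an infrastructure failure, not a contract bug.

Illustrative only. Endpoint names, hashes and balances are constructed;
this is not a reconstruction of any real incident.
"""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class RpcView:
    """One RPC provider's answers to the same three queries a client makes:
    eth_chainId, eth_getBlockByNumber("latest"), and an eth_call read
    (for example a balanceOf or totalAssets read used to price a position)."""
    endpoint: str
    chain_id: int
    block_number: int
    block_hash: str
    call_result_wei: int


def _state_key(v: RpcView):
    # Only the fields a client acts on; the endpoint name is deliberately excluded.
    return (v.chain_id, v.block_number, v.block_hash, v.call_result_wei)


def trusts_single_endpoint(view: RpcView) -> int:
    """The weak pattern: whatever one endpoint says is taken as chain state.
    No contract code is involved; a poisoned endpoint controls the answer."""
    return view.call_result_wei


def quorum_view(views, min_agree: int = 2):
    """Accept a chain view only if at least `min_agree` independent endpoints
    agree on every state field (chain id, block number, block hash, call result).
    Returns (agreed_state_key or None, list of endpoints that disagreed)."""
    counts = Counter(_state_key(v) for v in views)
    best, n = counts.most_common(1)[0]
    if n < min_agree:
        # No quorum: refuse to act rather than pick a side.
        return None, [v.endpoint for v in views]
    return best, [v.endpoint for v in views if _state_key(v) != best]


# Constructed sample: two honest providers and one poisoned one (hypothetical hosts).
HONEST_HASH = "0x" + "ab" * 32
FORGED_HASH = "0x" + "cd" * 32
VIEWS = [
    RpcView("rpc-a.example", 1, 20_000_000, HONEST_HASH, 10**18),
    RpcView("rpc-b.example", 1, 20_000_000, HONEST_HASH, 10**18),
    # Poisoned endpoint: same chain id and height, forged block hash, inflated read.
    RpcView("rpc-c.example", 1, 20_000_000, FORGED_HASH, 50 * 10**18),
]

if __name__ == "__main__":
    print("single endpoint (rpc-c) reports:", trusts_single_endpoint(VIEWS[2]))
    agreed, outliers = quorum_view(VIEWS)
    print("quorum value:", agreed[3] if agreed else None, "outliers:", outliers)
```

The point of the comparison is that `trusts_single_endpoint` and `quorum_view` read the very same (unchanged) contract; only the client's source of truth differs. A quorum across providers is a client-side control, not a contract-side one, and it has its own caveats (correlated providers, an attacker who can poison a majority), so it belongs alongside, not instead of, provider diversity and out-of-band checks.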
JasonCoombs, listed as CEO on his X profile, raised a different concern entirely. As JasonCoombs posted on X:
“Could be criminal insider trading when you know you will say this publicly later. Hope you and your friends and family don’t get arrested before the statute of limitations expires.”
That is not a minor objection. Advising private contacts to exit positions and only afterward publishing the bearish view is the kind of sequence that draws scrutiny, whatever the law ultimately says about a personal opinion on DeFi risk. No regulatory body had commented on the matter at the time of publication.
What the Noise Around It Actually Reveals
A retail holder sitting in Aave or Compound positions right now faces a specific question: does a warning from a former insider who helped build the audit infrastructure mean something, or is this noise?
The debate in the replies cuts both ways. As Preacher posted on X, sarcastically:
“Thank you so much. Down 99%, exit DeFi positions. Sage advice. Probably saved people millions.”
Others raised genuine questions. AdamHurwitz.eth asked on X whether Ethereum liquid staking protocols fall into the same risk category as traditional DeFi or sit in a separate bucket. Aráoz did not respond to that specific question directly.
Wu Blockchain reported that OpenZeppelin’s audit clients span the largest protocols in the sector, which gives Aráoz’s view unusual weight. A co-founder of a firm that helped secure these protocols saying he no longer trusts them is a different signal than outside commentary.
The DeFi security debate this has reopened goes beyond one post. OpenZeppelin published a framework in May 2026 called the “Four Layers of DeFi Risk,” which argues audits alone are no longer sufficient and that continuous monitoring is now essential. That document and Aráoz’s personal warning point in the same direction, even if the firm itself has not echoed his recommendation to exit.
Whether AI-driven exploit tools represent a breaking point or merely an accelerant of existing risk is still an open question. What is not open is that the person who raised it publicly had more insider context than most.