DeFi Hacks Happening Every Day; Institutions Are Still Coming
Why It Matters
DeFi’s ability to attract institutional capital depends on solving supply‑chain and key‑management risks; establishing robust standards and leveraging AI for security will determine the sector’s long‑term credibility.
Key Takeaways
- Recent DeFi hacks are mostly supply‑chain/key‑management failures, not contract bugs.
- Institutions remain interested; Kraken’s Bitcoin vault illustrates evolving security designs.
- AI tools are double‑edged, aiding attackers while promising formal verification defenses.
- Dynamic risk management, not one‑time audits, is essential for DeFi safety.
- Industry standards for role‑based access and compliance are urgently needed.
Summary
The panel discussion tackled whether DeFi remains viable for institutional investors amid a wave of high‑profile hacks. Participants highlighted that the majority of recent losses stem from supply‑chain and key‑management breaches rather than fundamental smart‑contract flaws, underscoring a different threat vector than traditionally feared.
Data points revealed $630 million lost in April alone and over $1 billion in the past year, prompting OpenZeppelin co‑founder Manuel Ara to advise exiting DeFi. Yet speakers argued that even the biggest smart‑contract exploit – the LayerZero/Kelp‑DOWO incident – was mitigated through rapid community coordination, demonstrating resilience. They also noted AI’s dual role: attackers leverage advanced code‑generation models, while defenders can use formal verification and AI‑assisted audits to harden protocols.
John Settler of Kraken emphasized the launch of a Bitcoin vault routing assets to Morpho as a concrete example of tighter role‑based controls. Son Ragfati and Anthony Martino stressed that risk management must be continuous, likening static audits to a single lock on a house versus a full security system. The conversation referenced Vitalik Buterin’s optimism about AI‑driven formal verification as a path to rock‑solid Ethereum security.
For institutions, the takeaway is clear: DeFi’s growth hinges on establishing industry‑wide standards for key management, role segregation, and compliance akin to traditional finance. Without such frameworks, the sector risks alienating the very investors it seeks to attract, while AI’s evolution could either amplify vulnerabilities or become the cornerstone of a more secure decentralized financial ecosystem.