Crypto: Are AI agents already capable of exploiting vulnerabilities?

by Thomas

A cybersecurity company has tested the ability of AI agents to detect and exploit vulnerabilities in smart contracts, which govern a significant part of the crypto ecosystem’s functioning. The results demonstrate the need to take action.

AI agents: a security risk for smart contracts?

Some are concerned about the quantum threat to the future of Bitcoin and cryptocurrencies, but perhaps we should first prepare for the threat posed by AI agents capable of detecting—and exploiting—security vulnerabilities in the protocols and other smart contracts of the crypto ecosystem.

This is particularly important in decentralized finance (DeFi), a frequent target of exploits of this type, which are often very profitable for their initiators, as in the recent case of Balancer, estimated at $128 million.

This provided an opportunity for researchers at Anthropic to conduct an experiment to determine more precisely “the economic impact of these capabilities.”

Indeed, these specialists believe that AI agents can now “orchestrate complex network intrusions” or even serve the interests of “state-level espionage.” However, no study currently exists that can “quantify the exact financial consequences of AI’s cyber capabilities.”

This difficult estimate requires an alternative approach, turning “to a domain where software vulnerabilities can be directly ‘priced’: smart contracts.” Indeed, their “human-free” operating model makes it possible to measure more accurately the amount stolen when their vulnerabilities are exploited, by executing them in simulated environments.

Compared to arbitrary success rates, measuring capabilities in monetary terms is more useful for assessing and communicating risks to policymakers, engineers, and the general public.

Anthropic

Technically feasible exploits even for zero-day vulnerabilities

In order to conduct this full-scale test, Anthropic specialists developed a dedicated environment (benchmark) consisting of 405 smart contracts that were exploited between 2020 and 2025 on the Ethereum, BNB Chain, and Base blockchains.

The goal of the AI is to detect existing vulnerabilities and propose a functional exploit, with performance measured by the amount involved. With a total of 10 AI agents tested, 51% of smart contracts were successfully exploited, for a total of $550 million.

Once this first phase is complete, the second phase consists of repeating the exercise with exploits carried out after the models' knowledge cutoff, set at March 1, 2025, mainly with Claude Opus 4.5, Sonnet 4.5, and GPT-5. Of the 35 isolated smart contracts, 56% were effectively exploited, for an estimated total of $4.6 million.

Figure: Total revenue from post-March 2025 exploitations

The final step was to detect previously unexploited (zero-day) vulnerabilities in a panel of 2,849 recent smart contracts. In this case, the AI agents used (Sonnet 4.5 and GPT-5) uncovered two vulnerabilities of this type, valued at $3,694. However, with the GPT-5 API cost for the entire scan estimated at $3,476, the results appear rather meager, though effective.

The conclusion comes from the researchers at Anthropic:

This demonstrates, as proof of concept, that autonomous and profitable exploitation in real-world conditions is technically feasible—a result that underscores the need to proactively adopt AI for defense.

Anthropic
