Security

AI Agents Autonomously Exploit Smart Contracts Discovering Zero-Days

Frontier AI models, including GPT-5 and Claude, now demonstrate human-level capability to autonomously discover and exploit zero-day smart contract vulnerabilities, accelerating the threat landscape.
December 3, 20253 min

A close-up shot displays a highly detailed, silver-toned mechanical device nestled within a textured, deep blue material. The device features multiple intricate components, including a circular sensor and various ports, suggesting advanced functionality
A highly detailed, abstract visualization showcases a spherical object with luminous blue internal components and external white casing. The sphere is set against a backdrop of intricate, glowing blue digital circuit patterns, suggesting a network of data flow

Briefing

A new research disclosure confirms that frontier Artificial Intelligence models, specifically GPT-5 and Claude, can autonomously identify and exploit vulnerabilities in live smart contracts, fundamentally shifting the threat model for the DeFi ecosystem. The study, utilizing a benchmark of real-world exploits, showed AI agents recreating attacks worth $4.6 million in simulated stolen funds, confirming the economic viability of AI-driven cyberattacks. Crucially, the models also uncovered two novel zero-day vulnerabilities in recently deployed contracts, demonstrating a capability to proactively find and monetize unknown flaws.

A complex, spherical mechanical object with a white segmented exterior and a transparent blue internal structure is prominently displayed against a light gray background. Intricate components, including circular elements and rectangular blocks, are visible, highlighting its sophisticated modular design and precision engineering

Context

The prevailing security posture has historically relied on human-led auditing and formal verification to secure deterministic smart contract logic. This new vector introduces an autonomous, low-cost threat where exploit capabilities are observed to double every 1.3 months, dramatically outpacing traditional human-centric defense cycles. The cost to run these AI-driven attacks has simultaneously dropped by 70% in six months, lowering the barrier to entry for sophisticated exploitation.

Intricate metallic components in shades of blue and black form a complex, layered structure reminiscent of advanced technological systems. This abstract representation visualizes the sophisticated architecture of decentralized networks, where interlocking parts symbolize the consensus algorithms and smart contract execution essential for blockchain operations

Analysis

The attack vector centers on the AI’s advanced control-flow reasoning and boundary analysis, enabling it to translate code-level flaws into profitable on-chain transactions. In one simulated case, the AI agent repeatedly called a mistakenly writable token calculator function to inflate its token balance and drain assets. Another vulnerability involved the AI exploiting a logic flaw to withdraw funds by submitting a fake beneficiary address, showcasing its ability to manipulate internal contract state and access controls. This ability to autonomously identify, test, and execute complex, multi-step exploits without human guidance marks a critical evolution in the threat landscape.

A modern, elongated device features a sleek silver top and dark base, with a transparent blue section showcasing intricate internal clockwork mechanisms, including visible gears and ruby jewels. Side details include a tactile button and ventilation grilles, suggesting active functionality

Parameters

  • Simulated Loss Value → $4.6 Million (Total simulated funds stolen by AI models from contracts exploited after March 2025)
  • Novel Vulnerabilities Found → Two (Zero-day flaws discovered by GPT-5 and Claude in contracts with no known issues)
  • Capability Doubling Rate → Every 1.3 Months (The rate at which AI exploit capabilities increased throughout 2025)
  • Cost Reduction → 70% (The drop in cost to run these AI-driven attacks over a six-month period)

An arctic scene showcases striking blue and clear crystalline formations rising from snow-covered terrain, reflected in the calm water below. In the background, snow-capped mountains complete the serene, icy landscape

Outlook

The immediate imperative for all protocols is to integrate AI-powered defense mechanisms and accelerate the adoption of formal verification tools that can match the speed of autonomous exploit discovery. This research will establish a new baseline for security best practices, shifting focus from preventing known flaws to preemptively defending against AI-generated zero-day attacks. Protocols must also implement new internal controls that assume adversarial AI is actively probing their entire attack surface, leading to a necessary investment in proactive security research and red-teaming.

The autonomous capability of frontier AI to discover and exploit zero-day vulnerabilities is the single most significant threat multiplier to the smart contract ecosystem in the coming year.

autonomous exploitation, artificial intelligence threat, smart contract zero-day, frontier AI models, code vulnerability discovery, simulated financial loss, blockchain security research, AI-driven cyberattack, SCONE-bench benchmark, control-flow reasoning, autonomous threat actor, decentralized finance risk, automated exploit generation, vulnerability doubling rate, smart contract audit, on-chain forensic analysis, ethical hacking research, AI model capability, token calculator function, access control flaw Signal Acquired from → beincrypto.com

Micro Crypto News Feeds

zero-day vulnerabilities

Definition ∞ Zero-day vulnerabilities are newly discovered software flaws for which no patch or public fix exists.

formal verification

Definition ∞ Formal verification is a mathematical technique used to prove the correctness of software or hardware systems.

control-flow reasoning

Definition ∞ Control-flow reasoning involves analyzing the sequence of operations and execution paths within a program or smart contract.

funds

Definition ∞ Funds, in the context of digital assets, refer to pools of capital pooled together for investment in cryptocurrencies, tokens, or other digital ventures.

zero-day

Definition ∞ Zero-Day refers to a previously unknown vulnerability in software or hardware for which no patch or fix is currently available.

exploit

Definition ∞ An exploit refers to the malicious utilization of a security flaw or vulnerability within a protocol, smart contract, or application to gain unauthorized access, steal assets, or disrupt operations.

attacks

Definition ∞ 'Attacks' are malicious actions designed to disrupt or compromise digital systems.

security research

Definition ∞ Security Research in the digital asset domain involves the systematic investigation and analysis of potential vulnerabilities within blockchain protocols, smart contracts, and cryptographic systems.

Tags:

Tags: