Security

AI Agents Autonomously Exploit Smart Contracts Discovering Zero-Days

Frontier AI models, including GPT-5 and Claude, now demonstrate human-level capability to autonomously discover and exploit zero-day smart contract vulnerabilities, accelerating the threat landscape.
December 3, 20253 min

A white ring frames a vibrant cluster of blue crystalline structures, suggesting fragmented data or energy. A transparent cube is positioned above, alluding to complex processing or encryption
An intensely detailed, metallic blue mechanical assembly dominates the frame, showcasing a complex arrangement of modular components, precision-engineered surfaces, and visible connection points. The structure exhibits a high degree of technical sophistication, with various textures ranging from smooth to finely granulated, and subtle reflections highlighting its robust construction

Briefing

A new research disclosure confirms that frontier Artificial Intelligence models, specifically GPT-5 and Claude, can autonomously identify and exploit vulnerabilities in live smart contracts, fundamentally shifting the threat model for the DeFi ecosystem. The study, utilizing a benchmark of real-world exploits, showed AI agents recreating attacks worth $4.6 million in simulated stolen funds, confirming the economic viability of AI-driven cyberattacks. Crucially, the models also uncovered two novel zero-day vulnerabilities in recently deployed contracts, demonstrating a capability to proactively find and monetize unknown flaws.

The image presents a striking visual of a transparent cubic structure, resembling a quantum processor or qubit, embedded within a complex, crystalline formation of electric blue. This formation is intricately detailed with circuit board pathways, indicative of advanced digital infrastructure

Context

The prevailing security posture has historically relied on human-led auditing and formal verification to secure deterministic smart contract logic. This new vector introduces an autonomous, low-cost threat where exploit capabilities are observed to double every 1.3 months, dramatically outpacing traditional human-centric defense cycles. The cost to run these AI-driven attacks has simultaneously dropped by 70% in six months, lowering the barrier to entry for sophisticated exploitation.

A luminous, multifaceted diamond is positioned atop intricate blue and silver circuitry, suggesting a fusion of physical value with digital innovation. This striking composition evokes the concept of tokenizing high-value assets, like diamonds, into digital tokens on a blockchain, enabling fractional ownership and enhanced liquidity

Analysis

The attack vector centers on the AI’s advanced control-flow reasoning and boundary analysis, enabling it to translate code-level flaws into profitable on-chain transactions. In one simulated case, the AI agent repeatedly called a mistakenly writable token calculator function to inflate its token balance and drain assets. Another vulnerability involved the AI exploiting a logic flaw to withdraw funds by submitting a fake beneficiary address, showcasing its ability to manipulate internal contract state and access controls. This ability to autonomously identify, test, and execute complex, multi-step exploits without human guidance marks a critical evolution in the threat landscape.

A translucent cubic element, symbolizing a quantum bit qubit, is centrally positioned within a metallic ring assembly, all situated on a complex circuit board featuring illuminated blue data traces. This abstract representation delves into the synergistic potential between quantum computation and blockchain architecture

Parameters

  • Simulated Loss Value → $4.6 Million (Total simulated funds stolen by AI models from contracts exploited after March 2025)
  • Novel Vulnerabilities Found → Two (Zero-day flaws discovered by GPT-5 and Claude in contracts with no known issues)
  • Capability Doubling Rate → Every 1.3 Months (The rate at which AI exploit capabilities increased throughout 2025)
  • Cost Reduction → 70% (The drop in cost to run these AI-driven attacks over a six-month period)

A transparent, blue-tinted cylindrical component, filled with numerous small, distinct bubbles, is prominently featured, partially obscuring a complex mechanical structure in the background. The clear blue material suggests a fluid or gel, contained within a sophisticated apparatus of metallic and dark grey elements

Outlook

The immediate imperative for all protocols is to integrate AI-powered defense mechanisms and accelerate the adoption of formal verification tools that can match the speed of autonomous exploit discovery. This research will establish a new baseline for security best practices, shifting focus from preventing known flaws to preemptively defending against AI-generated zero-day attacks. Protocols must also implement new internal controls that assume adversarial AI is actively probing their entire attack surface, leading to a necessary investment in proactive security research and red-teaming.

The autonomous capability of frontier AI to discover and exploit zero-day vulnerabilities is the single most significant threat multiplier to the smart contract ecosystem in the coming year.

autonomous exploitation, artificial intelligence threat, smart contract zero-day, frontier AI models, code vulnerability discovery, simulated financial loss, blockchain security research, AI-driven cyberattack, SCONE-bench benchmark, control-flow reasoning, autonomous threat actor, decentralized finance risk, automated exploit generation, vulnerability doubling rate, smart contract audit, on-chain forensic analysis, ethical hacking research, AI model capability, token calculator function, access control flaw Signal Acquired from → beincrypto.com

Micro Crypto News Feeds

zero-day vulnerabilities

Definition ∞ Zero-day vulnerabilities are newly discovered software flaws for which no patch or public fix exists.

formal verification

Definition ∞ Formal verification is a mathematical technique used to prove the correctness of software or hardware systems.

control-flow reasoning

Definition ∞ Control-flow reasoning involves analyzing the sequence of operations and execution paths within a program or smart contract.

funds

Definition ∞ Funds, in the context of digital assets, refer to pools of capital pooled together for investment in cryptocurrencies, tokens, or other digital ventures.

zero-day

Definition ∞ Zero-Day refers to a previously unknown vulnerability in software or hardware for which no patch or fix is currently available.

exploit

Definition ∞ An exploit refers to the malicious utilization of a security flaw or vulnerability within a protocol, smart contract, or application to gain unauthorized access, steal assets, or disrupt operations.

attacks

Definition ∞ 'Attacks' are malicious actions designed to disrupt or compromise digital systems.

security research

Definition ∞ Security Research in the digital asset domain involves the systematic investigation and analysis of potential vulnerabilities within blockchain protocols, smart contracts, and cryptographic systems.

Tags:

Tags: