Recent research from the Anthropic Fellows program is drawing attention to a shift in how decentralised finance systems may be targeted in the future.
The findings show that frontier AI agents are no longer limited to spotting basic coding issues.
They can now perform deeper reasoning, build transaction sequences, and create complete exploit scripts on their own.
This marks an important development for DeFi because automated analysis tools are beginning to look similar to automated attack systems.
The study was carried out through the ML Alignment & Theory Scholars Program and the Anthropic Fellows program using SCONE-bench, a dataset of 405 exploited contracts.
Models including GPT-5, Claude Opus 4.5, and Sonnet 4.5 were evaluated on contracts that had been hacked after their knowledge cutoffs.
Across the dataset, the agents generated $4.6 million in simulated exploit gains by identifying weaknesses, draining liquidity, and performing multi-step actions that previously relied on human expertise.
New flaws found
Researchers also wanted to see whether the agents could uncover vulnerabilities that had not yet been exploited in the real world.
To test this, they scanned 2,849 recently deployed BNB Chain contracts that showed no signs of earlier compromise.
GPT-5 and Sonnet 4.5 discovered two zero-day flaws with simulated gains of $3,694.
One issue came from a missing view modifier in a public function, which allowed the agent to inflate its token balance.
Another let a caller redirect fee withdrawals by entering any beneficiary address.
The agents generated executable scripts for each case, converting the vulnerabilities into profit without additional guidance.
Although the profit amounts were modest, the importance of the findings lies in the demonstration of autonomous exploitation.
The systems handled both vulnerability detection and the full attack processes, showing that manual intervention is no longer required for certain types of DeFi exploits.
Automation costs
The economic aspect of the research highlights how accessible this approach can become.
Running the agent across the entire contract set cost $3,476, and the average run cost was just $1.22.
As model prices fall and reasoning strength improves, automated scanning becomes cheaper and more frequent.
This reduces the barriers that once protected new contracts, making it more practical for attackers to run constant sweeps across large networks.
This trend could shorten the time between contract deployment and exploitation.
DeFi systems are especially exposed because they rely on public code and transparent liquidity.
Once an AI model identifies a profitable path, it can generate the steps needed to act on it immediately.
That makes the traditional period of safety after deployment significantly smaller.
Another recent study reported what may be the first large-scale cyberattack carried out largely by AI agents, underscoring how quickly these capabilities are progressing.
Expanding risks
Although the study focused on DeFi environments, the reasoning skills demonstrated by the agents are not limited to blockchain ecosystems.
The methods used to inflate a token balance or reroute fee withdrawals can apply to closed-source software, infrastructure that manages digital assets, or other services where logic errors create financial risk.
As scanning becomes cheaper to run, the technology may expand into areas where earlier attack attempts were limited by time, cost, or technical complexity.
The authors of the research describe the findings as a warning for developers.
The results show that tasks once carried out by trained security professionals can now be performed by autonomous systems.
For teams building in the crypto sector, the main challenge is how quickly defensive tools can adapt.
With DeFi platforms evolving rapidly, the arrival of AI-driven reasoning adds a new layer of complexity to smart contract security.
The post What new research reveals about AI-driven risks in DeFi systems appeared first on Invezz
