Traditional financial institutions are preparing to move trillions of dollars of assets onchain, but the risk of hacks and exploits is putting them off, according to blockchain security firm CertiK’s CEO Ronghui Gu.
“Right now, more and more institutions are trying to move assets onchain,” Gu told CoinDesk in an interview. “They imagine that, for example in 10 years, several trillion dollars — even tens of trillions of dollars — of assets are going to move onchain.”
The potentially huge migration of financial assets is hitting a wall because, although bankers and legacy institutions want to capture the efficiency of decentralized ledgers, the current operational reality is still too risky for conservative capital allocators.
“When they move assets onchain, they need to face all these AI attacks, smart contract vulnerabilities, oracle manipulation, and cross-chain bridge hacks,” Gu explained. “So, this is being considered as one of the major blockers for all this TradFi to move trillions of dollars of assets onchain.”
Gu said their concerns are legitimate, noting that CertiK detected hacks nearly every day in April, making it the worst month in four years, fueled largely by AI-driven attacks. “April was the worst month in four years with only three days without a hack,” Gu said, adding that CertiK believes this sudden rise could only be possible with AI.
Drift Protocol and Kelp DAO were hacked by North Korean cybercriminals in April in two exploits that drained nearly $600 million from the two crypto lending pools. In February 2025, Bybit suffered a $1.46 billion attack, described as the largest hack of all time.
DefiLlama data recently showed more than $1.1 billion had been lost to DeFi hacks in a year, exposing how vulnerabilities in cross-chain infrastructure can quickly spill into the broader ecosystem.
Persistent operational failure is the primary symptom of what Gu calls an “unfair game” in favor of malicious actors, because they possess infinite resources.
Deep pockets
Hackers focus on highly lucrative protocols with huge total value locked (TVL), so they are economically incentivized to pump immense capital into their exploits.
A single protocol attacker can easily spend $10,000 to $20,000 worth of computer tokens to keep advanced engines running continuous vulnerability scans against a protocol for days or even weeks on end. Conversely, Gu said, protocol defenders operate under strict, localized project budgetary constraints.
“We have 5,000 clients,” Gu explained. “When we receive a request from a client, there is a budget. We will spend tokens plus human experts within that budget.” That creates a massive structural gap: while a defense team is bound by a strict commercial contract to scan a protocol over a few hours, the machines of a hacker or group of hackers never stop searching for a single crack in the code.
Gu said exploits have increased in speed and efficiency with AI, and what is worse, the nearly daily trend seen in April could continue through to the end of this year.

