Conventional monetary establishments are making ready to maneuver trillions of {dollars} of belongings onchain, however the threat of hacks and exploits is placing them off, in keeping with blockchain safety agency CertiK’s CEO Ronghui Gu.
“Proper now, increasingly more establishments try to maneuver belongings onchain,” Gu informed CoinDesk in an interview. “They think about that, for example in 10 years, a number of trillion {dollars} — even tens of trillions of {dollars} — of belongings are going to maneuver onchain.”
The doubtless large migration of economic belongings is hitting a wall as a result of, though bankers and legacy establishments need to seize the effectivity of decentralized ledgers, the present operational actuality continues to be too dangerous for conservative capital allocators.
“After they transfer belongings onchain, they should face all these AI assaults, good contract vulnerabilities, oracle manipulation, and cross-chain bridge hacks,” Gu defined. “So, that is being thought-about as one of many main blockers for all this TradFi to maneuver trillions of {dollars} of belongings onchain.”
Gu stated their considerations are official, noting that CertiK detected hacks almost each day in April, making it the worst month in 4 years, fueled largely by AI-driven assaults, however “April was the worst month in 4 years with solely three days and not using a hack,” Gu stated, including that CertiK believes this sudden rise may solely be doable with AI.
Drift Protocol and Kelp Dao had been hacked by North Korean cybercriminals in April in two exploits that drained almost $600 million from the 2 lending crypto swimming pools. In February 2025, Bybit suffered a $1.46 billion assault, described as the most important hack of all time.
DefiLlama information not too long ago confirmed greater than $1.1 billion had been misplaced to DeFi hacks in a 12 months, exposing how vulnerabilities in cross-chain infrastructure can shortly spill into the broader ecosystem.
Persistent operational failure is the first symptom of what Gu calls an “unfair sport” in favor of malicious actors, as a result of they possess infinite sources.
Deep pockets
Hackers deal with extremely profitable protocols with large complete worth locked (TVL), so they’re economically incentivized to pump immense capital into their exploits.
A single protocol attacker can simply spend $10,000 to $20,000 value of pc tokens to maintain superior engines operating steady vulnerability scans towards a protocol for days or even weeks on finish. Conversely, Gu stated, protocol defenders function beneath strict, localized mission budgetary constraints.
“We’ve got 5,000 purchasers,” Gu defined. “Once we obtain a request from a shopper, there is a price range. We are going to spend tokens plus human specialists inside that price range.” That creates an enormous structural hole: whereas a protection crew is certain by a strict business contract to scan a protocol over a couple of hours, the machines of a hacker or group of hackers by no means cease trying to find a single crack within the code.
Gu stated exploits have elevated in velocity and effectivity with AI and what’s worse is that the nearly-daily development seen in April may proceed by to the tip of this 12 months.
