Conventional monetary establishments are making ready to maneuver trillions of {dollars} of property onchain, however the threat of hacks and exploits is placing them off, in response to blockchain safety agency CertiK’s CEO Ronghui Gu.
“Proper now, increasingly more establishments are attempting to maneuver property onchain,” Gu instructed CoinDesk in an interview. “They think about that, for example in 10 years, a number of trillion {dollars} — even tens of trillions of {dollars} — of property are going to maneuver onchain.”
The doubtless huge migration of economic property is hitting a wall as a result of, though bankers and legacy establishments need to seize the effectivity of decentralized ledgers, the present operational actuality continues to be too dangerous for conservative capital allocators.
“Once they transfer property onchain, they should face all these AI assaults, good contract vulnerabilities, oracle manipulation, and cross-chain bridge hacks,” Gu defined. “So, that is being thought of as one of many main blockers for all this TradFi to maneuver trillions of {dollars} of property onchain.”
Gu stated their considerations are official, noting that CertiK detected hacks practically on daily basis in April, making it the worst month in 4 years, fueled largely by AI-driven assaults, however “April was the worst month in 4 years with solely three days with no hack,” Gu stated, including that CertiK believes this sudden rise may solely be potential with AI.
Drift Protocol and Kelp Dao have been hacked by North Korean cybercriminals in April in two exploits that drained nearly $600 million from the 2 lending crypto swimming pools. In February 2025, Bybit suffered a $1.46 billion attackdescribed as the largest hack of all time.
DefiLlama knowledge recently showed more than $1.1 billion had been misplaced to DeFi hacks in a yr, exposing how vulnerabilities in cross-chain infrastructure can shortly spill into the broader ecosystem.
Persistent operational failure is the first symptom of what Gu calls an “unfair sport” in favor of malicious actors, as a result of they possess infinite assets.
Deep pockets
Hackers concentrate on extremely profitable protocols with huge complete worth locked (TVL), so they’re economically incentivized to pump immense capital into their exploits.
A single protocol attacker can simply spend $10,000 to $20,000 price of pc tokens to maintain superior engines operating steady vulnerability scans towards a protocol for days or even weeks on finish. Conversely, Gu stated, protocol defenders function beneath strict, localized venture budgetary constraints.
“Now we have 5,000 shoppers,” Gu defined. “After we obtain a request from a consumer, there is a price range. We’ll spend tokens plus human specialists inside that price range.” That creates a large structural hole: whereas a protection workforce is certain by a strict industrial contract to scan a protocol over a number of hours, the machines of a hacker or group of hackers by no means cease trying to find a single crack within the code.
Gu stated exploits have elevated in velocity and effectivity with AI and what’s worse is that the nearly-daily development seen in April may proceed by way of to the top of this yr.
