AI Agents Exploit Smart Contracts to Steal Millions in Crypto
Researchers develop AI system that autonomously finds and exploits vulnerabilities in cryptocurrency smart contracts, potentially yielding high returns.
Researchers from University College London (UCL) and the University of Sydney (USYD) have developed an AI agent system called A1 that autonomously discovers and exploits vulnerabilities in smart contracts, potentially stealing millions in cryptocurrency. The findings, detailed in a preprint paper, highlight a growing threat to decentralized finance (DeFi) platforms.
How A1 Works
- Targets: Ethereum and Binance Smart Chain contracts.
- Process: Given a blockchain, contract address, and block number, A1 analyzes the contract, identifies flaws, and generates executable Solidity exploit code.
- Tools: Uses LLMs from OpenAI, Google, DeepSeek, and Alibaba, alongside specialized tools for code fetching, sanitization, and revenue calculation.
Key Findings
- Success Rate: 62.96% (17 out of 27) on the VERITE benchmark.
- Profitability: Extracted up to $8.59 million per exploit, totaling $9.33 million across 26 successful cases.
- Cost Efficiency: Per-exploit costs ranged from $0.01 to $3.59, with OpenAI’s o3-pro model achieving an 88.5% success rate.
Implications
- Asymmetry: Attackers using AI tools gain a 10x advantage over defenders relying on traditional methods.
- Regulatory Gap: With low enforcement rates (estimated 0.05%), the risk of legal consequences remains minimal.
- Recommendation: Projects should adopt AI-powered scanning to proactively secure their contracts, as bug bounties (often capped at 10% of stolen funds) are insufficient.
Ethical Concerns
The researchers initially planned to open-source A1 but reconsidered due to its potential for misuse. As AI models improve, the threat of autonomous financial crime could escalate, demanding stronger defensive measures.
For more details, read the full paper: AI Agent Smart Contract Exploit Generation.