AI Emerges as a Real Threat to Smart-Contract Security

A new report from Anthropic suggests that modern AI models have already reached the point where they can autonomously carry out profitable attacks on vulnerable smart contracts.

In controlled simulations, the company’s advanced agents – including Claude Opus 4.5 and Sonnet 4.5 – not only identified weaknesses but successfully executed exploits worth millions in mock funds.

In one test series, the agents were placed inside a sandboxed blockchain environment and asked to interact with contracts that had been exploited in real life after March 2025. They managed to compromise 17 of 34 targets, extracting the equivalent of $4.5 million. A broader benchmark covering 405 contracts deployed across Ethereum, BNB Smart Chain, and Base showed the same pattern: 207 successful AI-driven exploits, totaling $550 million in simulated value.

Zero-Day Discoveries Raise the Stakes Further

Anthropic then pushed the experiment further by examining nearly 2,850 newly deployed contracts believed to have no known vulnerabilities. Even there, Sonnet 4.5 and GPT-5 uncovered two zero-day flaws, small bugs with the potential to enable unauthorized withdrawals or token-supply manipulation. Although the monetary impact in simulation was modest – just under $4,000 – the discovery demonstrated that AI can now find novel attack paths without prior examples.

Read More:

The company warns that more than half of the real-world exploits seen in 2025 could have been executed by current AI systems alone, and the simulated “revenue” from these attacks has doubled every 1.3 months. Falling compute costs, Anthropic says, will make autonomous offensive tools even more accessible, allowing attackers to systematically probe obscure libraries, dormant APIs, and forgotten services.

Still, the report emphasizes that AI is a defensive tool as much as a threat. Anthropic plans to open-source its SCONE-bench dataset so developers can test and harden their contracts against AI-driven attack strategies. The company’s message is clear: the offensive frontier has already shifted, and defenders need to adopt AI at the same pace.