Recent research by Anthropic and the MATS program has demonstrated that artificial intelligence agents can develop smart contract exploits autonomously and profitably. The report, released this Monday by the company's red team, shows that advanced commercial models such as Claude Opus 4.5 and GPT-5 identified critical vulnerabilities in contracts deployed after March 2025.
During controlled tests, the AI models generated successful attacks collectively valued at 4.6 million dollars, using only information available up to their last training update. Researchers pointed these systems at 2,849 recently deployed contracts presumed safe, where both Sonnet 4.5 and GPT-5 discovered two previously undetected zero-day vulnerabilities. Most alarming for the sector is that the computational cost of finding these flaws was a mere 3,476 dollars, making the attacks financially profitable for the agents.
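To put those two figures in perspective, a quick back-of-the-envelope calculation (purely illustrative arithmetic on the numbers reported above, not the researchers' methodology) shows the economics at work:

```python
# Figures as reported: total exploit value vs. total compute cost.
exploit_value_usd = 4_600_000   # collective value of the successful attacks
compute_cost_usd = 3_476        # computational cost to find the flaws

roi = exploit_value_usd / compute_cost_usd
print(f"Return per dollar of compute: {roi:,.0f}x")
# → Return per dollar of compute: 1,323x
```

A roughly 1,300-to-1 return is what makes the attack "financially profitable for the agents" in the report's framing.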
Are we facing the end of traditional security in the AI era?
To validate these findings, the team developed the SCONE benchmark, a collection of 405 real contracts breached between 2020 and 2025. When these contracts were run against ten different models, the AI replicated attacks on 207 of them, simulating a total loss of 550.1 million dollars in assets. This technical milestone shows that the barrier to entry for executing complex cyberattacks on the blockchain is dropping drastically, as token generation costs for these tasks have fallen by 70.2% across the latest model generations.
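The SCONE numbers reduce to a simple replication rate, and the cost figure to a remaining-cost fraction (again, just arithmetic on the article's reported values):

```python
# SCONE benchmark result: attacks replicated out of real breached contracts.
replicated = 207
total_contracts = 405
rate = replicated / total_contracts
print(f"Replication rate: {rate:.1%}")
# → Replication rate: 51.1%

# A 70.2% drop in token generation costs means the newest models
# pay only ~29.8% of what the previous generation paid.
cost_drop = 0.702
remaining_cost_fraction = 1 - cost_drop
print(f"Remaining cost fraction: {remaining_cost_fraction:.1%}")
# → Remaining cost fraction: 29.8%
```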
The agents' ability to act autonomously suggests a paradigm shift in digital security, where attack speed will soon outpace manual defense methods. The study highlights that, in just one year, the AI success rate at exploiting vulnerabilities jumped from 2% to 55.88%, a surge that threatens the integrity of financial protocols. Developers will have ever-shorter windows to patch errors before they are detected and massively exploited by low-cost automated systems.
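The year-over-year jump cited above works out to a multiplication factor of nearly 28 (an illustrative calculation on the two reported rates):

```python
# Reported AI exploit success rates, one year apart.
old_rate = 0.02     # 2%
new_rate = 0.5588   # 55.88%

factor = new_rate / old_rate
print(f"Year-over-year improvement: {factor:.1f}x")
# → Year-over-year improvement: 27.9x
```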
As operational costs fall and model cognitive capabilities increase, the industry will need to adopt AI-based defenses to counter this new threat. Experts anticipate that offensive and defensive cybersecurity will enter an algorithmic arms race, forcing a complete restructuring of current code audits. Only those protocols that integrate real-time automated surveillance will withstand the next wave of AI-driven attacks, redefining protection standards for the global digital ecosystem.
