Azimuth caught 70% of real DeFi exploits worth $1.12 billion—including Euler's $197M hack. AI doesn't replace auditors. But you can't ignore it anymore.
We ran Azimuth against 54 real DeFi exploits.
These are not theoretical vulnerabilities, these are actual production hacks that drained $1.12 billion from protocols between 2020 and 2026.
The result: Azimuth identified 70% of these exploits. In 43% of cases, it pinpointed the exact vulnerability that caused the hack.
That includes Euler Finance's $197M exploit. Penpie's $27M reentrancy. Lendf.me's $25M ERC777 attack. And 20 others.
If you're still debating whether AI has a role in smart contract security, these numbers should end that conversation.
The $197M Test: Could AI Have Stopped Euler?
March 2023. Euler Finance gets drained for $197 million in one of the largest DeFi hacks ever.
The vulnerability? A subtle bypass in the donateToReserves() function that let attackers manipulate donation accounting to skip solvency checks.
Euler had been audited. Multiple times. By reputable firms. The bug still shipped to production.
We pointed Azimuth at Euler's contracts.
It caught it. Two separate hypotheses, both pointing directly at the donateToReserves bypass mechanism. Surgical precision on a vulnerability that cost $197 million.
This wasn't a lucky guess. Azimuth identified 23 exact matches across 54 exploits—the precise vulnerability that caused each hack.
What "70% Hit Rate" Actually Means
When we say Azimuth caught 70% of exploits, here's what that looks like in practice:
43% Exact Matches — Azimuth identified the specific vulnerability that caused the exploit. Not "there might be a reentrancy issue somewhere." More like "this callback in line 347 bypasses the solvency check and here's how to exploit it."
28% Partial Matches — Azimuth got within the right code surface but missed the specific bug implementation. Think: "there's an issue with this oracle pricing" when the actual bug was a subtle rounding error in how that oracle gets called.
30% Missed — Azimuth analyzed the contract but didn't flag the vulnerability. These cluster around unverified proxy implementations, transient storage bugs, and post-incident bricked contracts.
The 70% isn't "better than nothing." It's "better than most manual audits" on the specific vulnerability classes where AI excels.
The Exploits AI Catches (And The Ones It Doesn't)
Where Azimuth Dominates
Oracle Manipulation
Azimuth caught 75% of oracle-based attacks. Short TWAP windows, spot price manipulation, self-referential oracle updates—patterns that slip through manual review because they're tedious to verify but easy for AI to model behaviorally.
- WOOFi ($8.75M): Self-swap oracle manipulation
- Rodeo Finance ($880K): 4-sample TWAP window
- InfinitySix ($273K): Stale TWAP in withdraw()
Reentrancy Patterns
71% hit rate on reentrancy exploits, including the canonical patterns everyone thinks they've eliminated:
- Lendf.me ($25M): ERC777 tokensReceived reentrancy — the textbook 2020 exploit
- Penpie ($27M): Malicious receipt token bypassing share verification
- Sushi RouteProcessor2 ($3.3M): Callback data injection
Donation/Inflation Attacks
83% hit rate on Compound-fork donation attacks and exchange rate manipulation:
- Sonne Finance ($20M): Donation attack on soVELO
- Lodestar Finance ($6.5M): PPS inflation on plvGLP
- Hundred Finance ($7.4M): Empty-market exchange rate inflation
These are the high-frequency vulnerability classes that auditors miss not because they're incompetent, but because manual verification of hundreds of similar patterns is mind-numbing work.
Where Azimuth Struggles
Unverified Implementations
If the smart contract source isn't verified on block explorers, Azimuth can't analyze it. Obvious limitation, but worth stating.
Novel Logic Flaws
First-time exploit patterns without historical precedent are hard for AI. When Beanstalk got hit with a flash-loan governance attack via BIP-18, Azimuth flagged the malicious-facet-via-governance surface but didn't connect the flash loan piece.
Bytecode-Level Bugs
Transient storage collisions (TSTORE/TLOAD) and other EVM opcode subtleties are challenging for behavioral analysis. SIR.trading's $355K exploit via TSTORE slot reuse? Missed it.
Cross-System Complexity
When exploits span multiple protocols or subsystems, Azimuth sometimes focuses on the wrong layer. UsualMoney's $43K exploit was in the sync vault subsystem, but Azimuth analyzed the bond/redemption logic.
Why "AI Doesn't Replace Auditors" Isn't Just a Talking Point
The 30% miss rate tells you something important: human expertise isn't optional.
But here's the thing—the 70% hit rate also tells you something: AI isn't optional either.
Think about it this way:
- Azimuth catches 83% of donation attacks (manual auditors: exhausted after the first dozen edge cases)
- Azimuth catches 75% of oracle manipulation (manual auditors: "this TWAP window looks fine")
- Azimuth catches 71% of reentrancy patterns (manual auditors: "we've checked for reentrancy")
The ideal workflow isn't "AI or human." It's:
- Azimuth scans catch the high-frequency patterns (oracle issues, reentrancy, donation attacks)
- Human auditors focus on novel logic, cross-protocol interactions, and domain-specific business logic
- Both together achieve coverage neither can reach alone
When you let AI handle the 70% of pattern-based vulnerabilities, your auditors can actually focus on the 30% that requires judgment, domain expertise, and creative thinking.
What This Actually Means for Web3 Security
We're past the point where "AI can't audit smart contracts" is a defensible position.
When AI catches Euler's $197M bug with surgical precision, the question isn't "can AI do security?" It's "how fast can we integrate it?"
This doesn't mean:
- Fire your auditors
- Trust AI blindly
- Stop manual code review
This means:
- Run Azimuth alongside your audits
- Let AI catch the pattern-based bugs
- Let humans focus on the novel/complex stuff
- Achieve coverage neither can reach alone
The protocols that got hacked in our test? They were audited. By good firms. The bugs still shipped.
The question every protocol should ask: "If Azimuth had flagged this pre-deployment, would we have caught it in time?"
For 70% of the $1.12 billion in losses we tested, the answer is yes.
Interested in this topic? Read more here.