Traditional financial institutions are preparing to move billions of dollars of assets onto the chain, but the risk of hacks and exploitation is holding them back, according to Ronghui Gu, CEO of blockchain security firm CertiK.
“Right now, more and more institutions are trying to move assets on-chain,” Gu told CoinDesk in an interview. “They imagine that, say in 10 years, several billion dollars – or even tens of billions of dollars – of assets are going to be transferred onto the chain.”
The potentially massive migration of financial assets is hitting a wall because, even if bankers and traditional institutions want to take advantage of the efficiency of decentralized ledgers, the current operational reality remains too risky for conservative capital allocators.
“When they move assets on-chain, they have to deal with all these AI attacks, smart contract vulnerabilities, oracle manipulations, and cross-chain bridge hacks,” Gu explained. “So that’s seen as one of the main obstacles to this whole TradFi thing of moving billions of dollars of assets on-chain.”
Gu said their concerns are legitimate, noting that CertiK detected hacks almost every day in April, fueled primarily by AI-based attacks. “April was the worst month in four years with only three days without a hack,” Gu said, adding that CertiK believes this sudden increase could only be possible with AI.
Drift Protocol and Kelp DAO were hacked by North Korean cybercriminals in April in two exploits that drained nearly $600 million from the two cryptocurrency lending pools. In February 2025, Bybit suffered a $1.46 billion attack, described as the largest hack of all time.
Data from DefiLlama recently showed that more than $1.1 billion was lost to DeFi hacks in a year, revealing how vulnerabilities in cross-chain infrastructure can quickly ripple through the broader ecosystem.
Persistent operational failure is the main symptom of what Gu calls “foul play” that favors bad actors, because they have infinite resources.
Deep pockets
Hackers focus on highly lucrative protocols with massive total value locked (TVL), so they are economically incentivized to pump immense capital into their exploits.
An attacker targeting a single protocol can easily spend $10,000 to $20,000 in compute tokens to let advanced engines run vulnerability scans continuously on that protocol for days or weeks. Conversely, Gu said, protocol defenders operate under tight, localized project budget constraints.
“We have 5,000 customers,” Gu said. “When we receive a request from a customer, there is a budget. We will spend tokens and human experts within that budget.” This creates a huge structural gap: while a defense team is bound by a strict commercial contract to scan a protocol for a few hours, the machines of a hacker or group of hackers constantly search for the slightest crack in the code.
Gu said exploits have increased in speed and efficiency thanks to AI and, worse, the near-daily trend seen in April could continue until the end of this year.




