CertiK on Why AI Is Making Crypto Security More Urgent

For years, crypto treated security as a secondary priority — essential, but often ignored until something failed. Bull markets rewarded speed, while audits, compliance, and operational safeguards were seen as friction.

But as crypto expands deeper into institutional finance and AI-driven systems, the cost of insecure infrastructure is rising fast. At Consensus 2026, conversations around security centered less on isolated exploits and more on AI-generated fraud, deepfakes, and increasingly sophisticated cyberattacks operating at scale.

The shift is forcing the industry to confront a new reality: security is no longer a support function — it is becoming core infrastructure. That transition has strengthened the role of companies like CertiK across Web3.

Loading tweet...
View Tweet

Crypto’s Biggest Vulnerability Is Still Human Behavior

“People aren’t securing their code enough,” Hudson, CertiK’s Head of Ecosystem, told Blockster during an interview at Consensus.

The statement sounds obvious, but it reflects one of the more persistent realities across crypto infrastructure: many exploits still originate from preventable weaknesses rather than highly sophisticated attacks. Teams launch products before completing proper audits. Developers underestimate operational risks. Founders prioritize shipping quickly over stress-testing codebases thoroughly.

That problem becomes significantly harder once financial incentives enter the picture.

Crypto operates inside an environment where vulnerabilities are immediately monetizable. The moment code goes live, it effectively becomes a public target for attackers searching for weaknesses, exploits, or overlooked attack vectors. Unlike traditional startups, where bugs may create inconvenience or downtime, failures in Web3 infrastructure can result in irreversible financial losses within minutes.

Loading tweet...
View Tweet

Hudson described the broader security ecosystem less as a traditional customer community and more as an ongoing educational process. Unlike communities built around tokens or speculative narratives, security-focused ecosystems tend to revolve around operational awareness: teaching best practices, identifying new attack vectors, publishing threat research, and helping users understand how increasingly sophisticated forms of social engineering actually work.

Consensus 2026 · square · article_inline_1

“The security space moves a million miles an hour,” he said. “There’s always things happening and always things developing.”

That pace is accelerating further as AI becomes embedded into both cyber defense and cybercrime simultaneously.

AI Is Making Security More Complicated — Not Less Important

Much of the AI conversation inside crypto still revolves around automation, trading systems, agents, and productivity tooling. Security introduces a less optimistic side of that conversation.

AI systems are dramatically lowering the technical barrier for sophisticated attacks. Phishing campaigns can now be personalized automatically. Voice cloning and deepfake systems are becoming increasingly accessible. Scam infrastructure that once required organized technical teams can increasingly be assembled with consumer-facing AI tools.

At the same time, AI is also becoming deeply integrated into defensive tooling.

Hudson was careful not to frame AI as a replacement for traditional auditing systems, particularly when it comes to smart contract security. Manual audits, he argued, remain essential. But AI is increasingly becoming a useful first layer for identifying vulnerabilities, flagging suspicious patterns, and accelerating the earliest stages of code review.

That philosophy is shaping CertiK’s newest tooling push.

Loading tweet...
View Tweet

The company recently launched a beta version of what it calls an AI Auditor, a system that allows developers to submit GitHub-hosted codebases and receive automated vulnerability analysis capable of categorizing risks by severity. The broader goal appears less about replacing security researchers and more about lowering the barrier to proactive security testing before projects reach formal audit stages.

Importantly, Hudson acknowledged one of the larger concerns surrounding AI-based auditing tools: whether attackers themselves could exploit these systems to identify vulnerabilities more efficiently.

Skip the exchange. Fund your wallet directly.

From card to wallet in under a minute. Available in 160 countries with the lowest fees in the industry.

For now, he argued, the risk appears manageable largely because AI-generated audits alone still lack enough credibility to replace deeper security review processes entirely.

“I really don’t think there’s going to be opportunities where bad actors are using this tool as the only thing,” Hudson said. “Hopefully it’s used more by the good people to find vulnerabilities before the bad people can.”

That distinction matters because crypto’s relationship with AI increasingly mirrors its relationship with decentralization itself: the technology is neither inherently good nor bad. The outcome depends almost entirely on how operational systems are designed around it.

Security Is Becoming Crypto’s Institutional Requirement

One of the more noticeable shifts at Consensus this year was how frequently conversations around security overlapped with institutional adoption.

Earlier crypto cycles often treated security primarily as a technical concern for developers and protocols. Today, it increasingly functions as a prerequisite for institutional credibility. Enterprises entering digital assets are evaluating cybersecurity exposure, operational risk, compliance standards, and internal controls alongside blockchain infrastructure itself.

That transition is expanding the role companies like CertiK play across the industry.

Loading tweet...
View Tweet

Beyond smart contract audits, Hudson described CertiK’s growing focus on enterprise cybersecurity, AML frameworks, KYC infrastructure, and broader institutional security tooling — positioning the company less as a crypto-native auditing firm and more as a full-stack security provider operating across both traditional and decentralized systems.

The broader shift reflects how crypto itself is maturing. As institutional capital, AI systems, and consumer applications move onchain, operational trust is becoming unavoidable. Systems handling billions of dollars can no longer operate with startup-level security assumptions.