Traditional financial institutions are preparing to move trillions of dollars of assets onchain, but the risk of hacks and exploits is proving to be a significant deterrent, according to Ronghui Gu, CEO and co-founder of blockchain security firm CertiK.
"Right now, more and more institutions are trying to move assets onchain," Gu told CoinDesk in an interview. "They imagine that, let's say in 10 years, multiple trillion dollars โ even tens of trillions of dollars โ of assets are going to move onchain."
Market Context
The potentially massive migration of financial assets is hitting a wall because while bankers and legacy institutions want to capture the efficiency gains offered by decentralized ledgers, the current operational reality remains too risky for conservative capital allocators. DeFiLlama data shows more than $1.1 billion was lost to DeFi hacks in a single year, exposing how vulnerabilities in cross-chain infrastructure can quickly spill into the broader ecosystem.
"When they move assets onchain, they need to face all these AI attacks, smart contract vulnerabilities, oracle manipulation, and cross-chain bridge hacks," Gu explained. "So, that's being considered as one of the major blockers for all this TradFi to move trillions of dollars of assets onchain."
Analysis
Gu said April was the worst month for DeFi exploits in four years, with attacks occurring on 27 out of 30 days, leaving only three days hack-free. CertiK believes this sudden surge in attack frequency could only be possible with AI assistance.
"April was the worst month in four years with only three days without a hack," Gu said, noting that near-daily exploits have become the new normal and could persist through the end of the year.
The security chief described an "unfair game" favoring malicious actors who possess what he characterized as infinite resources. Hackers focus on protocols with massive total value locked (TVL), economically incentivized to pump immense capital into their exploits. A single protocol attacker can easily spend $10,000 to $20,000 worth of computer tokens to keep advanced engines running continuous vulnerability scans against a target for days or weeks.
Conversely, Gu said, protocol defenders operate under strict, localized project budgetary constraints. "We have 5,000 clients. When we receive a request from a client, there's a budget. We will spend tokens plus human experts within that budget."
This creates a massive structural imbalance: while defense teams are bound by commercial contracts to scan protocols over limited hours, hacker machines never stop hunting for cracks in the code.
Drift Protocol and Kelp Dao were breached by North Korean cybercriminals in April in two exploits that drained nearly $600 million from the two lending crypto pools. In February 2025, crypto exchange Bybit suffered a $1.46 billion attack, described as the biggest hack of all time, further underscoring the scale of vulnerabilities facing the sector.
Key Numbers
- Nearly $600 million drained from Drift Protocol and Kelp Dao in April attacks by North Korean cybercriminals
- $1.46 billion lost in February 2025 Bybit exploit, called biggest hack of all time
- More than $1.1 billion lost to DeFi hacks over a one-year period according to DeFiLlama data
- $10,000-$20,000 worth of computer tokens attackers spend on continuous vulnerability scans per target
- Three days without a hack in April, the worst month for DeFi exploits in four years
What to Watch
Trillions in potential TradFi capital remain sidelined pending security improvements. CertiK's warning that near-daily AI-driven attacks could continue through year-end suggests the structural gap between attacker capabilities and defender resources will remain a critical barrier to institutional adoption of blockchain technology. Gu's framing of this as an "unfair game" underscores calls for industry-wide security standards and potentially new defensive mechanisms to level the playing field.