Traditional financial institutions are preparing to move trillions of dollars of assets on-chain, but the risk of attacks and exploits is putting them off, according to blockchain security firm CertiK CEO Ronghui Gu.
“Right now, more and more institutions are trying to move assets on-chain,” Gu told CoinDesk in an interview. “They imagine that, say, in 10 years, several trillion dollars (even tens of trillions of dollars) of assets will move up the chain.”
The potentially massive migration of financial assets is hitting a wall because, while bankers and legacy institutions want to capture the efficiencies of decentralized ledgers, the current operational reality remains too risky for conservative capital allocators.
“When they move assets on-chain, they need to deal with all these AI attacks, smart contract vulnerabilities, oracle manipulation, and cross-chain bridging attacks,” Gu explained. “Therefore, it is considered one of the main obstacles for all this TradFi to move trillions of dollars of assets on chain.”
Gu said his concerns are legitimate, noting that CertiK detected attacks almost every day in April, making it the worst month in four years, driven primarily by AI-powered attacks, even though “April was the worst month in four years with only three days without an attack,” Gu said, adding that CertiK believes this surge could only be possible with AI.
Drift Protocol and Kelp Dao were hacked by North Korean cybercriminals in April in two exploits that drained nearly $600 million from the two crypto lending pools. In February 2025, Bybit suffered a $1.46 billion attack, described as the largest hack of all time.
Data from DefiLlama recently showed that more than $1.1 billion had been lost to DeFi hacks in one year, exposing how vulnerabilities in cross-chain infrastructure can quickly spread to the broader ecosystem.
Persistent operational failures are the main symptom of what Gu calls an “unfair game” in favor of malicious actors, because they possess infinite resources.
deep pockets
Hackers focus on highly lucrative protocols with massive total value locked (TVL), so they are financially incentivized to pump immense capital into their exploits.
A single protocol attacker can easily spend $10,000 to $20,000 in computing tokens to maintain advanced engines running continuous vulnerability scans on a protocol for days or weeks. By contrast, Gu said, proponents of the protocol operate under strict and localized project budget constraints.
“We have 5,000 customers,” Gu explained. “When we receive a request from a customer, there is a budget. We will spend tokens plus human experts within that budget.” That creates a huge structural gap: while a defense team is obligated by a strict commercial contract to scan a protocol for a few hours, the machines of a hacker or a group of hackers never stop searching for a single crack in the code.
Gu said exploits have increased in speed and efficiency with AI and the worst part is that the almost daily trend seen in April could continue until the end of this year.
