$440M lost to smart contract bugs in 2025. The patterns are known.

Crypto lost over $3.4 billion to hacks in 2025 (Chainalysis). That headline number is dominated by infrastructure attacks: Bybit's $1.5 billion key compromise accounted for 44% of the total alone.

Strip out the private key leaks, social engineering, and supply chain attacks, and genuine smart contract exploits account for roughly $440-500 million (SlowMist, CertiK). Still hundreds of millions. Still mostly preventable.

The exploits

Cetus Protocol, $223M (Cyfrin analysis). The largest DEX on Sui. An integer overflow in a third-party math library's overflow-check function: checked_shlw compared against 0xFFFFFFFFFFFFFFFF << 192 instead of 0x1 << 192. The attacker minted enormous liquidity positions for 1 token unit each.

Balancer V2, $128M (Trail of Bits analysis). A rounding asymmetry in _upscaleArray compounded through 65+ chained micro-swaps in a single transaction. Six chains affected. The exploit contract contained console.log instructions.

GMX V1, $42M (Sherlock analysis). Reentrancy in executeDecreaseOrder() caused AUM desynchronization. The attacker re-entered during an ETH refund to open positions that bypassed ShortsTracker updates. The vulnerability came from a 2022 code change that was never re-audited.

Abracadabra, $13M. Logic flaw in cauldron liquidation incentives. The attacker manipulated self-liquidated positions to profit from improperly calculated incentives. This was the protocol's second major exploit in 18 months.

Cork Protocol, $12M (Dedaub analysis). A Uniswap V4 hook with missing authorization checks, combined with permissionless fake market creation and a rollover pricing flaw. The hook used a pre-patch V4 periphery version.

Why these keep happening

None of these are novel attack classes. Integer overflows, reentrancy, rounding errors, access control gaps. They've been in every security checklist since 2018. The patterns repeat: overflow leads to minting, reentrancy leads to desynchronization, rounding errors lead to drains. Different protocols, same root causes.

The pattern repeats because the gap isn't knowledge, it's coverage.

Cross-contract composition. Protocols don't exist in isolation. Cork's vulnerability required understanding the interaction between a custom hook, Uniswap V4's callback system, and a market creation flow. Each component was reasonable in isolation.

Third-party dependencies. Cetus's bug wasn't in their code. It was in integer-mate, a math library. The overflow check was wrong at the library level, invisible to anyone reviewing only the protocol's own contracts.

State changes over time. GMX's vulnerability was introduced in a 2022 code change and sat dormant for three years. The original audit was clean. The incremental change was never audited.

These patterns are hard to catch with static analysis alone. They require reasoning about economic impact, cross-contract state, and whether a theoretical attack path is actually profitable.

What we've learned about what counts

Building an automated auditing system taught us that finding bugs is only half the problem. The other half is knowing which bugs matter.

A few principles we've built into our validation pipeline:

The attacker must be able to harm others. A user who can brick their own wallet isn't a vulnerability. The question is always: can someone who isn't the victim trigger the loss?

Oracle returning wrong data isn't the same as oracle manipulation. External dependency failure is out of scope. A same-block manipulation that an attacker can trigger and profit from is in scope.

A working PoC needs real parameters. An oracle sandwich that works at 1% price movement per update but breaks at the real 0.01% movement isn't a finding. The redemption fee alone might exceed maximum possible profit. Mechanism correctness is not economic viability.

Admin trust is a design decision. If the admin is a trusted multisig, reporting what a trusted admin could do is not a vulnerability finding. The line is at unauthorized access, not authorized misconfiguration.

Timing matters. The window between "vulnerability exists" and "vulnerability is exploited" is shrinking. Balancer V2's rounding error sat in production code for years. When it was found, six chains were drained in a single transaction.

How we approach it

We built webrainsec to close the coverage gap. Instead of scanning for known patterns, the system generates targeted vulnerability hypotheses for each codebase: "Can this parameter change retroactively affect existing positions?" "Does this callback allow re-entry before the state update?" "Is this overflow check correct for all input ranges?"

121 hypothesis passes across Solidity, Vyper, Solana, and Move. Each one targets a specific vulnerability class. Every candidate goes through four precision stages before it ships. Every surviving finding gets a compiled Foundry PoC that runs against the actual contracts.

That last part matters more than it sounds. Traditional security audits describe vulnerabilities and recommend fixes, but rarely ship working exploit code. Bug bounty platforms like Immunefi and Code4rena require it for high-severity submissions. We hold every finding to bounty-grade proof: if we can't compile and run the exploit, we don't ship it.

We measure against real contest results from Code4rena, Sherlock, and Cantina. The same codebases that make up EVMBench, the OpenAI/Paradigm benchmark for AI security agents. Zero prior knowledge, automated end-to-end:

92% average recall. 104 out of 113 High and Medium findings caught. Under 20 minutes per codebase.

Beyond benchmarks, we compete in live audit contests. Currently ranked #32 on Cyfrin CodeHawks First Flights with 43 valid submissions across Solidity, Vyper, and Solana codebases. These aren't replayed findings, they're real-time competition against human auditors with the same deadlines and the same unknowns.

Every miss feeds back into the system. The Cetus-style overflow check is now a dedicated hypothesis pass. The Balancer-style rounding asymmetry has its own detection strategy. The system compounds because every exploit it studies becomes a permanent improvement.

$440 million in smart contract losses in 2025. The patterns are known. The coverage gap is closeable.

If you want to see the system in action on your codebase, book a call.