
Audited and Still Broken: A Modern Security Doctrine for DeFi and Tokenised Assets


MMXX Team

Security Practice · 4 May 2026 · 15 min read


Introduction: why audited code keeps getting drained

DeFi protocols lost more than £600 million to hacks and exploits between January and mid-April 2026, already on track to exceed every full year since 2023. Two attacks accounted for £460 million of that figure: the £230 million Kelp DAO LayerZero bridge drain on 19 April 2026, and the £230 million Drift Protocol exploit on 1 April 2026, in which a North Korean hacking group spent six months socially engineering its way into the Solana-based DEX. Earlier in the year, GMX lost £34 million to a vulnerability that lived not in any single component but in the boundaries between oracles, margin logic and liquidation systems. Yearn Finance suffered two related exploits in December 2025, both targeting legacy infrastructure that remained on-chain after protocol upgrades.

The pattern Halborn flagged in its Top 100 DeFi Hacks 2025 report holds: 80.5% of stolen funds in 2024 came from off-chain attack vectors; compromised accounts accounted for 55.6% of all incidents; only 19% of hacked protocols used multi-sig wallets and just 2.4% used cold storage. Private key compromise drove 88% of stolen funds in Q1 2025 and the trend continued into 2026. Most of these protocols had been audited, sometimes multiple times.

The hard truth: audits are point-in-time snapshots, and the attack surface has moved. A security doctrine for 2026 has to look very different from the 2022 audit-and-deploy norm.

Where the attacks actually live now

Five categories dominate 2025 to 2026 losses:

  1. Cross-chain bridge architecture. Kelp DAO/LayerZero, Ronin (2022, £500m), Wormhole (2022, £260m), Nomad (2022, £150m). Every cycle's largest single-day losses come from bridges. The technology changes; the failure mode (validator-set or signature compromise) repeats with brutal consistency.
  2. Operator and key compromise. Drift's £230 million loss came from social engineering, not contract code. Multi-month, state-backed targeting of developers, signers and infrastructure operators is now the dominant attack vector for high-value protocols.
  3. Cross-component interaction bugs. GMX-style exploits that emerge between oracles, AMM math, liquidation logic and bridge calls. No single component is broken; the composition is.
  4. Economic invariant violations. Yearn's December 2025 exploit on legacy yETH stableswap pools drained the contract through a flaw in share-calculation logic that allowed near-infinite minting. Mathematical precision errors in AMM formulas remain a recurring class.
  5. Restaking and LRT cascades. EigenLayer's slashing went live in April 2025 and the system performed as designed. But liquid restaking tokens introduced correlated risk. The combination of an LRT oracle break, forced liquidations, depegging across LRTs that share underlying assets, and a 7-day EigenLayer withdrawal queue is a scenario that serious institutional treasurers now war-game explicitly.

The doctrine: defence in depth, not defence in audit

A 2026-grade security architecture for any protocol or enterprise integration handling material on-chain value rests on six layers, in this order of importance.

Layer 1: formal verification of economic invariants, not just code paths. Static analysers (Slither, MythX) catch around 92% of known simple vulnerability classes, per controlled-test data. They do not catch the Yearn share-minting class. Formal verification (Certora, Halmos, K-Framework) applied to economic invariants ("total shares must equal sum of user shares for any sequence of operations") is the only reliable defence against this class. We would not audit a new AMM, lending market or LRT in 2026 without formal proofs of core economic invariants.
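To make the idea of an economic invariant concrete, here is an added illustration (not code from any protocol or tool named in this article): a bounded exhaustive check in Python over a constructed toy share vault. It tries every operation sequence up to a fixed depth and tests two invariants, the share-accounting one quoted above and "share price never falls". It is a small-scope stand-in for what a prover establishes for all inputs, and the `round_up_mint` flag is a deliberately planted rounding bug.

```python
from itertools import product

class Vault:
    """Constructed toy share vault; round_up_mint=True plants a precision bug."""
    def __init__(self, round_up_mint=False):
        self.assets, self.total_shares, self.shares = 0, 0, {}
        self.round_up_mint = round_up_mint

    def deposit(self, user, amount):
        if self.total_shares == 0:
            minted = amount                      # first deposit mints 1:1
        else:
            num = amount * self.total_shares
            minted = -(-num // self.assets) if self.round_up_mint else num // self.assets
        if minted == 0:
            return                               # models a revert
        self.assets += amount
        self.total_shares += minted
        self.shares[user] = self.shares.get(user, 0) + minted

    def redeem(self, user, n):
        if self.shares.get(user, 0) < n:
            return                               # models a revert
        payout = n * self.assets // self.total_shares   # rounds in the vault's favour
        self.assets -= payout
        self.total_shares -= n
        self.shares[user] -= n

    def accrue(self, _user, amount):
        if self.total_shares:                    # yield only while shares exist
            self.assets += amount

# Small operation alphabet: two users, a few amounts, one yield event.
OPS = [(op, u, x) for op, xs in (("deposit", (1, 3)), ("redeem", (1, 2)))
       for u in "ab" for x in xs] + [("accrue", "-", 1)]

def find_violation(round_up_mint, depth=4):
    """Try every op sequence up to `depth`; return (invariant, trace) or None."""
    for seq in product(OPS, repeat=depth):
        v = Vault(round_up_mint)
        for i, (op, user, x) in enumerate(seq):
            a0, s0 = v.assets, v.total_shares
            getattr(v, op)(user, x)
            if v.total_shares != sum(v.shares.values()):
                return "share-accounting", seq[:i + 1]
            # price a0/s0 must not fall: compare cross-multiplied integers
            if s0 and v.assets * s0 < a0 * v.total_shares:
                return "share-price", seq[:i + 1]
    return None
```

With rounding in the vault's favour the search finds nothing; with the planted bug it returns a short trace ending in a deposit that mints a share for less than its price, which is exactly the kind of counterexample a line-by-line review tends to miss.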

Layer 2: AI-assisted continuous review, not one-shot audit. Modern audit pipelines now use AI agents to run regression tests instantly after each fix, and to surface anomalous interactions across PRs. Solana's STRIDE programme (announced after the Drift exploit) institutionalises this with real-time monitoring, automated incident response and the Solana Incident Response Network (SIRN). Human auditors focus on cross-component reasoning that AI still cannot match. Treating AI tooling as a replacement for human audit is irresponsible; treating it as a force multiplier is now standard practice.

Layer 3: real-time monitoring with automated circuit breakers. Audits do not protect against future interactions. Forta, Hypernative, Olympix and equivalent monitoring platforms watching for anomalous transactions, with automated pause functions invoked by multi-sig oracles, prevented over £80 million in losses in 2023 by industry estimates. The 2026 best practice is to assume the contract will be attacked and design for graceful pause.
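A minimal sketch of a documented pause threshold, added here as an example and not taken from any monitoring platform named above: a sliding-window monitor that latches a pause when net outflow in the window exceeds a set share of TVL. The 10-minute window, the 5% (500 bps) threshold and the event stream are all constructed assumptions.

```python
from collections import deque

class PauseMonitor:
    """Watches executed transfers and latches a pause when net outflow inside
    a sliding window exceeds a set share of TVL (thresholds are hypothetical)."""
    def __init__(self, tvl, window_s=600, max_outflow_bps=500):
        self.tvl, self.window_s, self.max_bps = tvl, window_s, max_outflow_bps
        self.window = deque()      # (timestamp, signed outflow) inside the window
        self.net_out = 0
        self.paused_at = None

    def handle(self, ts, kind, amount):
        """Apply one transfer; return 'executed' or 'blocked'."""
        if self.paused_at is not None:
            return "blocked"       # pause stays latched until guardians lift it
        signed = amount if kind == "withdraw" else -amount
        self.tvl -= signed
        self.net_out += signed
        self.window.append((ts, signed))
        while self.window and self.window[0][0] <= ts - self.window_s:
            self.net_out -= self.window.popleft()[1]     # expire old transfers
        tvl_at_window_start = self.tvl + self.net_out
        # integer basis-point comparison avoids float rounding on large balances
        if self.net_out * 10_000 > self.max_bps * tvl_at_window_start:
            self.paused_at = ts
        return "executed"

# Constructed event stream: (seconds, kind, amount in token units).
EVENTS = [(0, "withdraw", 10_000), (120, "deposit", 15_000),
          (400, "withdraw", 20_000), (1000, "withdraw", 30_000),
          (1012, "withdraw", 30_000), (1024, "withdraw", 30_000),
          (1036, "withdraw", 400_000), (1048, "withdraw", 400_000)]

def replay(events, tvl=1_000_000):
    """Run the monitor over events; report when it paused and what it stopped."""
    mon, blocked = PauseMonitor(tvl), 0
    for ts, kind, amount in events:
        if mon.handle(ts, kind, amount) == "blocked" and kind == "withdraw":
            blocked += amount
    return {"paused_at": mon.paused_at, "tvl": mon.tvl, "blocked_outflow": blocked}
```

The transfer that trips the monitor still executes, so the threshold also sets the loss you accept before the pause lands; that number belongs in the monitoring SLA.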

Layer 4: institutional-grade key management. MPC custody (Fireblocks, Copper, BitGo), HSM-backed signers, hardware-isolated multi-sig with geographic and organisational separation of signers. Cold-wallet usage for governance and treasury keys. The Ronin lesson, namely five of nine validator keys compromised through a single phishing chain, has still not been internalised by the majority of protocols. Multi-sig is necessary but not sufficient; the threat model must include state-backed attackers.
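One way to test a signer set against the Ronin lesson, as an added example that is not any protocol's tooling: count the fewest shared failure domains (one employer, one region, one custody setup) an attacker must compromise to reach the signing threshold. The attribute names and both 5-of-9 signer sets are constructed, and the model assumes that compromising a domain exposes every signer in it.

```python
from itertools import combinations

def min_domains_to_quorum(signers, threshold, attrs=("org", "region", "custody")):
    """Smallest set of shared failure domains whose compromise yields
    `threshold` keys. A domain is one (attribute, value) pair."""
    domains = {}
    for name, meta in signers.items():
        for attr in attrs:
            domains.setdefault((attr, meta[attr]), set()).add(name)
    for k in range(1, len(domains) + 1):      # brute force: signer sets are small
        for combo in combinations(sorted(domains), k):
            exposed = set().union(*(domains[d] for d in combo))
            if len(exposed) >= threshold:
                return k, combo
    return None                               # threshold unreachable

def signer(org, region, custody):
    return {"org": org, "region": region, "custody": custody}

# Constructed 5-of-9 sets (not any real protocol's signer list).
# Five keys sit with one team on the same kind of device.
CONCENTRATED = {f"s{i}": signer("core-team", "eu", "laptop") for i in range(5)}
CONCENTRATED.update(
    {f"s{i}": signer(f"partner{i}", "us", "hsm") for i in range(5, 9)})

# No organisation, region or custody setup holds more than three keys.
SEPARATED = {
    "s0": signer("core-team", "eu", "hsm-a"),
    "s1": signer("core-team", "us", "mpc-b"),
    "s2": signer("auditor", "eu", "mpc-b"),
    "s3": signer("auditor", "apac", "hsm-c"),
    "s4": signer("custodian", "us", "hsm-c"),
    "s5": signer("custodian", "apac", "hsm-a"),
    "s6": signer("foundation", "latam", "hsm-d"),
    "s7": signer("foundation", "eu", "mpc-e"),
    "s8": signer("exchange", "latam", "mpc-e"),
}
```

A result of 1 means a single compromise chain reaches quorum regardless of how many keys the multi-sig nominally requires; the separated set still falls to two domains, which shows that signer separation raises the cost of an attack without replacing the other layers.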

Layer 5: bug-bounty as continuous defence. Immunefi-class programmes with payouts scaled to TVL at risk. The Yearn bounty alone has paid over £1.2 million; Aave, Compound, MakerDAO/Sky and Uniswap each maintain bounties of £1.6 million to £8 million for critical vulnerabilities. Anything less is a misallocation of risk budget.

Layer 6: assume-breach incident response. A pre-rehearsed playbook with predefined roles (legal, comms, technical, regulator-facing), pre-deployed pause guardians, blocklist coordination with major exchanges, and an established relationship with on-chain forensics (Chainalysis, TRM Labs, Elliptic). The protocols that recovered fastest from 2024 to 2025 exploits were those with playbooks; the protocols that died were those that improvised.

Specific 2026 risk classes we are watching

Account abstraction expansion. ERC-4337 and EIP-7702 introduce new attack surface: paymaster compromise, malicious delegation contracts, signature replay across chains, storage collisions when delegate contracts swap. We expect AA-related exploit classes to dominate 2026 to 2027 disclosures.

Restaking and AVS slashing. As more AVS go live with real slashing, correlated-slashing scenarios (one operator running services for multiple AVS, simultaneous misbehaviour event) become real. EigenLayer's intersubjective slashing framework attempts to address ambiguous off-chain misbehaviour, but the system is largely untested at scale.

Intent and solver networks. ERC-7683 solvers hold delegated authority to fill orders on a user's behalf. A compromised solver, or a solver with a malicious refund path, is a new and underexplored attack class.

Tokenised RWA collateral. As BUIDL, USDY and other tokenised treasuries are integrated as DeFi collateral, the question of redemption-window mismatches between off-chain T-bill custody and on-chain liquidation becomes load-bearing. Ondo's 24/7 redemption is a deliberate response; protocols using slower-redemption RWAs as collateral need explicit liquidation models that account for the gap.

What practical buyers should demand

For an enterprise commissioning or relying on a Web3 integration in 2026, the security checklist has expanded. We now expect:

  • A current audit by at least one Tier-1 firm, plus formal verification of stated economic invariants.
  • A continuous-monitoring SLA, with documented automated pause thresholds.
  • Multi-sig with geographic and organisational signer separation, or MPC custody with formal accreditation (SOC 2 Type II, ISO 27001).
  • A live bug bounty scaled to TVL.
  • A documented incident-response playbook tested in the last 12 months.
  • For bridges: a clear validator-set design, a published slashing or insurance scheme, and a public roadmap to a fraud-proof or ZK-proof model where applicable.

If a counterparty cannot supply these on request, the procurement decision is already made.

Conclusion: the audit is necessary, not sufficient

The 2024 doctrine was "audit, then deploy". The 2026 doctrine is "audit, formally verify, monitor continuously, harden key management, run a live bounty, rehearse incident response, and assume the system will be attacked". Every protocol drained in 2025 to 2026 had skipped at least three of those layers. The protocols that have not been drained, and the institutions building on them, have implemented all six. There is no security shortcut left. There is only the doctrine.

MMXX Team

Security Practice

Expert in blockchain technology and decentralised systems at MMXX Dynamics.
