A co-founder of OpenZeppelin said he’s urging friends to exit blue chip DeFi. Isaac Patka and Mike Silagadze explain what he got right, what he got wrong, and what needs to change.
A co-founder of OpenZeppelin set off a firestorm on Crypto Twitter this week by declaring that he now considers all of DeFi unsafe, citing superhuman AI coding agents and the asymmetry between attackers and defenders.
Isaac Patka, certifications lead at Security Alliance, and Mike Silagadze, CEO of Ether.Fi, join Laura Shin to push back on that framing — and to make the case that the real problem isn’t AI finding sophisticated zero-days, it’s that 90% of hacks are still embarrassing opsec failures.
They cover the full threat taxonomy: opsec and parameter mistakes, contagion from bridge failures, AI-enabled social engineering, and the decentralization theater that leaves protocols unable to protect their own users.
Mike makes a pointed argument for why every serious DeFi protocol needs a hard pause button and a blacklist mechanism, while Isaac explains the three-multisig architecture that should be the minimum standard. Plus, both lay out the practical question every user should ask before putting money into any protocol.
Host:
Laura Shin, Host / Unchained
Guests:
Isaac Patka (@isaacpatka) — Certifications Lead at Security Alliance & Co-founder of Shield3
Mike Silagadze (@MikeSilagadze) — CEO of Ether.Fi
Timestamps
💥 00:00 Is all of DeFi unsafe? Responding to the OpenZeppelin co-founder’s viral tweet
🛡️ 09:21 The real DeFi risk taxonomy: opsec, contagion, and bridge failure vs. code bugs
🎭 13:29 Why Mike says fake decentralization makes users less safe
🔐 16:54 The three-multisig architecture every DeFi protocol needs
🔴 20:57 Mike: not having a pause button is irresponsible
🤖 22:44 The AI threat: arms race or advantage for defenders?
🎯 26:45 Social engineering: humans are the weak link, so design around them
⚖️ 33:20 Code is not law — and why Arbitrum got it right
🌉 36:15 Bridge risk: rate limits, monitoring, and why one-of-one bridges should never be allowed as collateral
📦 42:04 Aave vs. Morpho: isolated markets, contagion, and the Kelp attack fallout
📋 48:50 Tips for users + why SEAL certifications matter more than audits alone