Smart Contract Developers Believe AI Coding Enhances Crypto Security Despite Concerns

Smart-contract developers and auditors have expressed optimism that AI-assisted programming is strengthening security in the crypto space, despite earlier reports warning about potential risks of AI-generated code. A November 2024 report by the Center for Security and Emerging Technology (CSET) cautioned that AI-assisted programming might introduce cybersecurity vulnerabilities. The report highlighted that AI models often generate insecure code and are themselves susceptible to attacks and manipulation. It also warned about a negative feedback loop where AI-generated code, containing bugs, could be incorporated into future AI training datasets. According to the report, nearly half of the code snippets produced by five different AI models contained bugs. A separate July 2024 study developed a 180-task benchmark covering 44 vulnerability types and found that state-of-the-art AI models had a median secure-code pass rate below 35%. Despite these findings, smart contract developers and auditors remain confident that AI-assisted coding will ultimately improve the crypto ecosystem's security.

AI Augments, But Does Not Replace Developers

Developers interviewed emphasized that AI tools serve as supplements rather than replacements for human programmers. 0xAw, the pseudonymous lead developer at the Base decentralized exchange Alien Base, shared that he uses AI mainly for quick reference checks and generating "cookie-cutter" code. He noted that recent AI models are now reliable for basic sanity checks. Anton Holovchenko, senior blockchain developer at Hacken, uses AI-integrated development environments like Cursor for auto-completions and templating. However, he stresses that programmers must adjust AI-generated code and fix errors themselves. Holovchenko clarified that he uses AI for templating rather than "vibe coding," a term describing minimal human oversight of AI-generated code. Shantanu Sontakke, security engineer at web3 security firm Zokyo, uses AI primarily for prototyping blockchain and AI side projects rather than for complete smart contract development.

AI Is Common in Smart Contract Programming

0xAw mentioned that most developers he knows use AI to some extent, mostly as an assistant tool. He pointed out that while AI saves time for senior programmers, it is generally too imprecise to handle entire coding tasks independently. Mike Tiutin, blockchain architect and CTO at crypto forensics company AMLBot, noted that AI usage among developers is "quite high." Holovchenko agreed, saying almost every developer he knows uses AI tools like ChatGPT and Cursor. Sontakke added that AI-assisted programming environments are becoming popular, boosting productivity and allowing auditors to focus on exploring attack surfaces and complex bugs.

AI Expected to Improve Web3 Security

Holovchenko believes AI-assisted programming will lead to higher-quality code when paired with competent developers:

"If you’re just vibe coding or delegating too much to AI, you will just see in the end of AI answer ‘Your code is safe now,’ and you will believe it because you don’t know how to code and your code can be actually not safe. In my opinion AI can increase the code quality but only in pair with a human who understands the coding."

Sontakke highlighted that AI tools have made producing documentation and code commenting easier, leading to more precise and informative project documentation. 0xAw observed a trend where junior developers rely heavily on AI, often with poor results. However, he believes AI use in Web3 programming is acceptable since smart contract development involves extensive testing and refinement, which helps catch bugs before deployment. He expressed concern that excessive AI reliance might hinder junior developers' growth to senior roles. Tiutin expects AI tools to result in protocols with stronger baseline security by reducing careless mistakes. He also anticipates cost optimization in smart contract auditing firms without affecting audit prices, as audits are more about sharing responsibility than guaranteeing contract security.

Frequently Asked Questions

How does AI-assisted programming improve crypto security?

AI tools can analyze patterns, identify potential vulnerabilities, and assist developers in writing more secure code, ultimately strengthening the crypto ecosystem.

Can AI replace human developers in programming?

No, AI serves as a supplement to human programmers. It assists in automating repetitive tasks and providing quick references, but human oversight is necessary for error correction and adapting AI-generated code.

What are the risks of AI-generated code in smart contracts?

AI-generated code can contain bugs and vulnerabilities and may contribute to a negative feedback loop where flawed code is used in AI training datasets, leading to further security issues.

Are AI-assisted tools widely used in crypto programming?

Yes, many developers use AI tools for efficiency and productivity. These tools are becoming increasingly common, especially for tasks like auto-completion and templating.

Crypto Market's Take

AI-powered solutions are fundamental to enhancing crypto security, aligning with our platform's mission where AI tools like our AI-powered crypto trading bots and AI Analysts for market analysis play a crucial role. These technologies elevate trading strategies and ensure safe, informed decisions in real-time, instrumental in navigating the evolving crypto landscape.

Smart contract devs think AI code will make crypto safer despite vibe coding fears