Tweet 1 (Hook): 51% of deployed smart contracts are vulnerable to AI-driven exploits.
Not "theoretically." Not "in a lab." In production, right now.
Here's what changed โ and what we built. ๐งต
Tweet 2 (Context): Anthropic's Claude found 22 Firefox vulnerabilities in 2 weeks for $4,000.
OpenAI's EVMbench showed GPT-5.3-Codex exploiting 72.2% of vulnerable contracts autonomously.
AI vulnerability discovery isn't a research paper anymore. It's infrastructure.
Tweet 3 (The Problem): But here's the thing nobody talks about:
AI doesn't just help defenders. It helps attackers.
An autonomous agent can scan thousands of contracts/hour looking for reentrancy, oracle manipulation, access control gaps.
Your contract is being scanned right now. You just don't know by whom.
Tweet 4 (What We Built): We shipped an AI Exploit Vulnerability Scanner.
It scores contracts 0-100 on how exploitable they are by AI agents.
8 detection patterns: reentrancy, access control, oracle manipulation, flash loans, self-destruct, integer ops, external calls, timestamp dependence.
Each weighted by how easily an AI agent can weaponize it.
Tweet 5 (The Math): Access control gaps = 47% of 2025-26 DeFi losses.
Oracle manipulation = 25%.
These are the patterns AI agents target first because they're the most automatable.
Our scanner weights by real-world attack distribution, not academic theory.
Tweet 6 (CTA): DeepThreat now has 15 scanners, 643 tests, and an 82.6% detection rate on EVMbench.
Open source. Built in public.
If you're deploying contracts in 2026, the threat model changed. AI is on both sides now.
github.com/gilchrist-research/deepthreat-core