When hackers use AI "more efficiently," how will the arms race of "spear and shield" in Web3 upgrade?

Jan 18, 2026 23:57:07

Share to

Author: imToken

Looking back at the recently passed year of 2025, if you feel that on-chain scams have become increasingly "understanding of you," it is not an illusion.

With the deep proliferation of LLMs, social engineering attacks initiated by hackers have evolved from bulky mass emails to "precise feeding": AI can analyze your on-chain/off-chain preferences to automatically generate highly enticing customized phishing content, even perfectly mimicking the tone and logic of your friends on social channels like Telegram.

It can be said that on-chain attacks are entering a true industrialization phase. In this context, if the shields we hold still remain in the "manual era," security itself will undoubtedly become the biggest bottleneck for the large-scale adoption of Web3.

1. Web3 Security Stalling: When AI Intervenes in On-Chain Attacks

If in the past decade, Web3 security issues mostly stemmed from code vulnerabilities, a noticeable change after entering 2025 is that attacks are becoming "industrialized," while everyone's security defenses have not been upgraded in sync.

After all, phishing websites can be batch-generated using scripts, and fake airdrops can be automatically and accurately deployed, making social engineering attacks no longer reliant on the hacker's deceitful talent, but rather on model algorithms and data scale.

To understand the severity of this threat, we can break down a simple on-chain swap transaction, and you will find that throughout the entire lifecycle from transaction creation to final confirmation, risks are almost everywhere:

Before Interaction: You may have entered a phishing page disguised as the official website or used a DApp frontend with malicious backdoors;
During Interaction: You may be interacting with a token contract that contains "backdoor logic," or the counterparty itself is a flagged phishing address;
At Authorization: Hackers often induce users to sign seemingly harmless signatures that actually grant them "unlimited withdrawal permissions";
After Submission: Even if everything is correct, in the final step of submitting the transaction, MEV scientists may still be lurking in the memory pool, waiting to exploit your potential profits through sandwich attacks;

This risk extends beyond just swaps; it encompasses all types of interactions, including transfers, staking, minting, etc. In the chain process of transaction creation, validation, broadcasting, on-chain, and final confirmation, risks are omnipresent. Any problem along the path could lead to the failure of a secure on-chain interaction.

It can be said that based on the current account system, no matter how secure the private key protection is, it cannot withstand a single misclick by the user; no matter how rigorous the protocol design is, it can still be bypassed by an authorized signature; and even the most decentralized systems are most easily breached by "human vulnerabilities." This means a fundamental issue has surfaced—if attacks have entered an automated and intelligent phase while defenses remain at the "manual judgment" level, security itself will become a bottleneck (see further reading: “The $3.35 Billion 'Account Tax': What Can AA Bring to Web3 When EOA Becomes a Systemic Cost?”).

Ultimately, ordinary users still lack a one-stop solution that can provide security protection throughout the entire transaction process, while AI is expected to help us build a security solution aimed at C-end users that covers the entire lifecycle of transactions, providing a 7×24 hour defense line to protect user assets.

2. What Can AI × Web3 Do?

So, theoretically, let’s explore how the combination of AI and Web3 can reconstruct a new paradigm of on-chain security in the face of this asymmetrical technological game.

First, for ordinary users, the most intuitive threat is often not protocol vulnerabilities, but social engineering attacks and malicious authorizations. At this level, AI plays the role of a 7×24 hour tireless security assistant.

For example, AI can use natural language processing (NLP) technology to identify communication phrases with a high degree of fraud suspicion in social media or private chat channels:

When you receive a link for a "free airdrop," the AI security assistant will not only check the URL against a blacklist but also analyze the project's social media popularity, domain registration duration, and the flow of funds in the smart contract. If the link is backed by a newly created and unfunded fake contract, the AI will display a huge red cross on your screen.

"Malicious authorization" is currently the primary reason for asset theft, as hackers often induce users to sign seemingly harmless signatures that actually grant them "unlimited withdrawal permissions":

When you click to sign, the AI will first simulate the transaction in the background, clearly informing you: "If you proceed with this action, all your ETH will be transferred to address A." This ability to translate obscure code into intuitive consequences is the strongest barrier against malicious authorization.

Secondly, on the protocol and product side, it can achieve a transition from static auditing to real-time defense. In the past, Web3 security primarily relied on periodic manual audits, which were often static and lagging.

Now, AI is being embedded into real-time security links. Just like the well-known automated audits, compared to traditional audits that require human experts to spend weeks reviewing code, AI-driven automated auditing tools (such as intelligent contract scanners combined with deep learning) can complete logical modeling of thousands of lines of code in seconds.

Based on this logic, current AI can simulate thousands of extreme transaction scenarios, identifying subtle "logical traps" or "reentrancy vulnerabilities" before code deployment. This means that even if developers accidentally leave a backdoor, AI auditors can issue warnings before assets are attacked.

Additionally, security tools like GoPlus can intercept transactions before hackers strike, and GoPlus SecNet allows users to configure on-chain firewalls to check the security of RPC network services in real-time, actively intercepting risky transactions to prevent asset loss. This includes transfer protection, authorization protection, preventing malicious token purchases, MEV protection functions, etc., which can check the transaction address and transaction assets for risks before transfer and trading operations, actively intercepting transactions if risks are detected.

I even agree with GPT-style AI services, such as providing a 7×24 hour on-chain security assistant for most novice users to guide them in resolving various Web3 security issues and quickly providing solutions to sudden security incidents.

The core value of such systems lies not in being "100% correct," but in moving the risk discovery time from "after the fact" to "during" or even "before."

3. What Are the Boundaries of AI × Web3?

Of course, it remains a familiar cautionary optimism. When discussing the new potential that AI × Web3 can bring to security and other fields, we need to exercise restraint.

Because ultimately, AI is just a tool; it should not replace user sovereignty, nor can it manage assets for users, and it cannot automatically "intercept all attacks." Its reasonable positioning leans more towards minimizing the cost of human judgment errors without changing the premise of decentralization.

This means that while AI is powerful, it is not omnipotent. A truly effective security system must be the result of the synergy of AI's technological advantages, users' clear security awareness, and collaborative design among tools, rather than placing all security bets on a single model or system.

Just as Ethereum has always adhered to the value of decentralization, AI should exist as an auxiliary tool. Its goal is not to make decisions for people but to help them make fewer mistakes.

If we look back at the evolution of Web3 security, we can see a clear trend: early security was simply about "keeping the mnemonic phrase safe," the mid-stage was "don't click unknown links, timely revoke invalid authorizations," and today, security is becoming a continuous, dynamic, and intelligent process.

In this process, the introduction of AI has not diminished the significance of decentralization; rather, it has made decentralized systems more suitable for long-term use by ordinary users. It hides complex risk analysis in the background and presents key judgments as intuitive prompts to users, gradually transforming security from an additional burden into a "default capability."

This also echoes my previous repeated assertion: AI and Web3/Crypto are essentially a set of mirrored comparisons between "productive forces" and "production relations" in the new era (see further reading: “When Web3 Meets d/acc: What Can Crypto Do in the Age of Technological Acceleration?”):

If we view AI as an ever-evolving "spear"—it greatly enhances efficiency but can also be used for large-scale wrongdoing; then the decentralized system built by Crypto is a "shield" that must evolve in tandem. From the perspective of d/acc, the goal of this shield is not to create absolute security but to ensure that, in the worst-case scenario, the system remains trustworthy and users retain the space to exit and rescue themselves.

In Conclusion

The ultimate goal of Web3 has never been to make users understand more technology but to protect users with technology without them noticing.

So when attackers have begun using AI, if the defense system refuses to become intelligent, it itself is a risk. Because of this, protecting asset security is an infinite game without an endpoint. In this era, knowing how to use AI to empower users will become the most difficult fortress to breach in this game.

The significance of AI × Web3 may lie here—not in creating absolute security, but in making security a capability that can be scaled and replicated.