OpenAI’s new cybersecurity push has a lesson for crypto: stop waiting for the hack

A notable development has hit the crypto markets. OpenAI introduced a new cybersecurity initiative, Daybreak, on May 11, designed to find, validate, and help fix software vulnerabilities before attackers can exploit them. The firm describes the approach as making software “resilient by design,” moving security earlier into the build cycle through AI-assisted code review, threat modeling, patch validation, and dependency analysis. For crypto, where a software failure can result in an immediate capital loss within a single block, the urgency is clear.

The standard pattern in the crypto industry is reactive, going through a pre-launch audit, post-deployment monitoring, response when funds move, a post-mortem on the method, vulnerability patching, reimbursement negotiation, and governance debate. That model has the weakness that the bug comes to light only once the capital has already moved. The window between deployment and exploit is when risk runs highest, and defenses run thinnest.

Market Dynamics

TRM Labs' 2026 Crypto Crime Report showed that illicit actors stole $2. 87 billion across nearly 150 hacks and exploits in 2025. Infrastructure attacks via compromised keys, wallet infrastructure, privileged access, front-end surfaces, and control planes drove $2.

2 billion of that total. Code exploits, the category most audits directly address, accounted for $350 million, or 12. Hacken's data for the first quarter reinforces that audit-centric security has real limits, since Web3 lost $482 million across 44 incidents in a single quarter.

Six of those incidents involved audited protocols, including one that had received 18 separate audits. A $282 million theft involved no code exploit, with the attacker bypassing the contract layer entirely and compromising the operational and social infrastructure around it. CertiK's most recent wrench-attack report noted that 34 verified physical coercion incidents occurred globally between January and April 2026, up 41% from the same period in 2025, with estimated losses of approximately $101 million over those four months.

Market Impact

At that trajectory, CertiK estimates 2026 could close with around 130 incidents. The attack vector is now the person holding the key, the signer in the multisig, and the engineer with cloud console access. The three datasets together describe a threat that has migrated well above the smart contract.

Infrastructure attacks drove $2. 2 billion in crypto losses in 2025, outpacing code exploits at $0. 35 billion by a ratio of more than six to one.

What “resilient by design” requires in crypto Daybreak's logic, applied to crypto, points toward a security posture that runs continuously through the protocol lifecycle. OpenAI describes AI that can reason across entire codebases, identify subtle vulnerabilities, validate that fixes actually resolve the underlying issue, and bring that capability into the everyday build-and-deploy workflow as an ongoing function. For crypto, that translates into specific operational requirements across the full stack where losses are now concentrated.

Crypto markets are watching this development closely as investors weigh its potential impact on prices.