DeFi Exploits Total $36.7M Over Six Months as Humanity Protocol Loses $36M; CLARITY Act Stalls
Attackers drained at least $36.7 million from decentralized finance protocols running unverified smart contracts over the past six months, with on-chain data pointing to a sharp rise in AI-assisted exploits. Humanity Protocol absorbed the dominant share of those losses, suffering a $36 million breach. Separately, the CLARITY Act, a Senate bill addressing crypto market structure, failed to advance.
Attackers drained at least $36.7 million from decentralized finance protocols running unverified smart contracts over the past six months, with on-chain data pointing to a sharp rise in AI-assisted exploits. Humanity Protocol absorbed the dominant share of those losses, suffering a $36 million breach. Separately, the CLARITY Act, a Senate bill addressing crypto market structure, failed to advance.
Humanity Protocol Loss Defines the Period
The $36 million Humanity Protocol incident accounts for nearly the entire six-month tally, leaving a narrow remainder spread across other DeFi protocols. The on-chain record indicates unverified smart contracts as the common thread in the exploits logged during the period. Unverified contracts — code deployed to a blockchain without publicly confirmed source matching the bytecode — give attackers a structural advantage: auditors and users cannot inspect the logic before funds are committed.
On-Chain Data Flags AI-Assisted Attacks
The more notable signal from the six-month window is what the on-chain data suggests about attacker tooling. According to the source data, the period showed a sharp rise in AI-assisted exploit activity. The pattern matters beyond the dollar figure: if AI tooling is compressing the time or skill threshold needed to identify and hit vulnerable contracts, the attack surface across unaudited DeFi deployments widens regardless of how large any single protocol is.
CLARITY Act Loses Senate Momentum
On the legislative side, the CLARITY Act stalled in the Senate. The bill had been positioned as a framework for crypto market structure, though the source does not detail the specific provisions or the procedural obstacle that halted progress. The timing is notable: a string of nine-figure-plus DeFi losses in a compressed window historically sharpens congressional interest in crypto oversight, but the stall indicates that interest has not yet translated into floor movement.
The convergence of a concentrated loss event, a data-supported shift in exploit sophistication, and a legislative standstill leaves the DeFi sector without a near-term regulatory backstop as unverified contract deployments continue.