Opinion by: Jesus Rodriguez, co-founder of Sentora
AI for coding has achieved product-market fit. Web3 is no exception. Among the domains AI will permanently change, smart contract audits are especially ripe for disruption.
Today’s audits are episodic, point-in-time snapshots that struggle in a composable, adversarial market and often miss economic failure modes.
The center of gravity is shifting from artisanal PDFs to continuous, tool-grounded assurance: models paired with solvers, fuzzers, simulation and live telemetry. Teams that adopt this will ship faster with broader coverage; teams that don’t risk becoming unlistable and uninsurable.
Audits are not as common as you think
Audits became Web3’s de facto due diligence ritual — visible proof that someone tried to break your system before the market does. The ceremony, however, is an artifact of a pre-DevOps era.
Traditional software folded assurance into the pipeline: tests, continuous integration/continuous deployment gates, static and dynamic analysis, canaries, feature flags and deep observability. Security acts like micro-audits on every merge. Web3 revived the explicit milestone because immutability and adversarial economics remove the rollback escape hatch. The obvious next step is to integrate platform practices with AI, ensuring assurance is always on, not a one-time event.
Smart contract audit limitations
Audits buy time and information. They force teams to articulate invariants (conservation of value, access control, sequencing), test assumptions (oracle integrity, upgrade authority) and pressure-test failure boundaries before capital lands. Good audits leave assets behind: threat models that persist across versions, executable properties that become regression tests and runbooks that make incidents boring. The space must evolve.
Related: Forget The Terminator: SingularityNET’s Janet Adams is building AGI with heart
The limits are structural. An audit freezes a living, composable machine. Upstream changes, liquidity shifts, maximal extractable value (MEV) tactics and governance actions can render yesterday’s assurances invalid. Scope is bounded by time and budget, biasing effort toward known bug classes while emergent behaviors (bridges, reflexive incentives and cross-decentralized autonomous organization interactions) hide in the tail. Reports can create a false sense of closure as launch dates compress the triage process. The most damaging failures are often economic, rather than syntactic, and thus demand simulation, agent modeling and runtime telemetry.
AI is not yet great at smart contract coding
Modern AI thrives in environments where data and feedback are abundant. Compilers give token-level guidance, and models now scaffold projects, translate languages and refactor code. Smart contract engineering is tougher. Correctness is temporal and adversarial. In Solidity, safety depends on execution order, as well as the presence of attackers (such as reentrancy, MEV and frontrunning), upgrade paths (including proxy layout and delegatecall context) and gas/refund dynamics.
Many invariants span transactions and protocols. On Solana, the accounts model and parallel runtime add constraints (PDA derivations, CPI graphs, compute budgets, rent-exempt balances and serialization layouts). These properties are scarce in training data and hard to capture with unit tests alone. Current models fall short here, but the gap is engineerable with better data, stronger labels and tool-grounded feedback.
The practical path toward the AI auditor
A pragmatic build path consists of three key ingredients.
Firstly, audit models, which hybridize large language models with symbolic and simulation backends. Let models extract intent, propose invariants and generalize from idioms; let solvers/model-checkers provide guarantees via proofs or counterexamples. Retrieval should ground suggestions in audited patterns. Output artifacts should be proof-carrying specifications and reproducible exploit traces — not persuasive prose.
Next, agentic processes orchestrate specialized agents: a property miner; a dependency crawler that builds risk graphs across bridges/oracles/vaults; a mempool-aware red team searching for minimal-capital exploits; an economics agent that stresses incentives; an upgrade director rehearsing canaries, timelocks and kill-switch drills; plus a summarizer that produces governance-ready briefings. The system behaves like a nervous system — continuously sensing, reasoning and acting.
Lastly, evaluations, as we measure what matters. Beyond unit tests, track property coverage, counterexample yield, state-space novelty, time-to-discover economic failures, minimal exploit capital and runtime alert precision. Public, incident-derived benchmarks should score families of bugs (reentrancy, proxy drift, oracle skew, CPI abuses) and the quality of triage, not just detection. Assurance becomes a service with explicit Service Level Agreements and artifacts that insurers,…
cointelegraph.com