Mitchell Amador, CEO of Immunefi, explains what security firms are racing to prevent the next billion-dollar exploit in stablecoins.
Summary
- As stablecoin adoption explodes, security infrastructure is struggling to keep pace
- Over 90% of audited projects had critical vulnerabilities, says Immunefy CEO
- The vast majority of projects don’t use key security features like firewalls
As crypto marches toward mainstream adoption, stablecoins are becoming the financial backbone of the on-chain economy. But while capital continues to flood in, the security infrastructure underpinning these systems remains dangerously underdeveloped.
Mitchell Amador, CEO of the Web3 security firm Immunefi, believes we’re in a “race against time”. In this interview, he lays out the real risks hiding inside stablecoin systems, why most institutions aren’t ready for the next billion-dollar exploit.
Crypto.news: What can you tell me about the current state of security when it comes to stablecoins?
Mitchell Amador: We’re in a kind of brave new world. We’re only now beginning to find out whether the security measures we’ve used over the past few years have really worked.
On one hand, we haven’t seen a major stablecoin hack in quite a while. You can look back at incidents like the early DeFi hacks, or issues like the depegging of USDC during the Silicon Valley Bank collapse — those were serious events, but we haven’t had anything of that size since.
So people are feeling pretty good about stablecoin security. But the truth is: we don’t really know if things are secure. To give you a comparison, think about how long it took to feel confident in something like MakerDAO, Aave, or Compound. It’s taken years for users to build that trust. Stablecoins, especially decentralized ones, are still less mature than those protocols.
We’re about to add another trillion dollars in stablecoin liquidity to the system in the next few years. The real question is: are we ready to absorb that much value without a catastrophic failure? I don’t think we know the answer to that yet — and we may find out the hard way.
CN: What about hacking risks specifically?
MA: That’s the one risk I’m most concerned about. We’ve seen financial destabilization events — depeggings, leverage unwinds, even bailouts — and we know how to manage those. But with hacks, there’s always a black swan factor.
A massive hack targeting stablecoins could delegitimize all of crypto. Imagine a smart contract vulnerability affecting several hundred billion dollars — or a bug in a core stablecoin asset that powers other protocols. That’s not science fiction. It’s possible.
From Immunefi’s perspective, over 90% of projects we audit have critical vulnerabilities — including stablecoin systems. The good news is that we’ve made a lot of progress. A few years ago, nearly every project we worked with would experience a breach within a few years. Today, that’s less than half — still high, but an improvement.
Still, we’re essentially betting the entire ecosystem on code that may not be ready. And we won’t really know until it’s tested under pressure. I think of it like a countdown clock. From the moment a stablecoin like USDC or USDT is deployed, the risk of a critical exploit begins ticking down.
As the contract becomes more complex and gains more features, the risk increases. Meanwhile, on the other side of the clock, we’re racing to improve security infrastructure — bug bounties, firewalls, AI-based vulnerability scanners, blacklisting tools. These are helping to “add time” to that countdown.
The race is: can we secure these systems fast enough before a catastrophic hack occurs?
Right now, we’re in the middle of that race — and we might make it. There’s a chance we get secure enough that a massive failure never happens. But we’re not sure yet. The next two years will be critical.
CN: What are the biggest sources of smart contract vulnerabilities in stablecoins?
MA: The risks are similar to most DeFi apps — with a few differences. Most stablecoins aren’t decentralized, so you don’t usually have governance-related issues. But you do have two major vulnerability classes:
Code risk — Smart contracts can be written in ways that leave them open to manipulation. We’ve seen math errors, flawed redemption logic, oracles being misused — all of which can lead to large exploits. This is how some of the early stablecoin hacks occurred.
Access control — Many stablecoins are centralized, which means there are privileged functions — like minting or redeeming — that are controlled by the issuer. If someone compromises those controls, the whole system could collapse. You might remember the PayPal issue where someone accidentally minted $300 trillion in PYUSD. That was a harmless fat finger — but it shows what’s possible.
Financial risk is real. We saw it with Circle during the SVB crisis — not because of bad collateral, but because of liquidity pressure. A flood of redemptions can create a “run on the bank” scenario, even if the assets are technically there.
Legal risk is also increasing. Governments can and will intervene. But these aren’t really “security” issues in the smart contract sense — they’re broader safety concerns. You need a whole different toolset to manage those.
CN: Do you think institutions and banks understand the risks you’re describing?
Amador: Not really. They understand financial and legal risks — that’s their world. But when it comes to code risk, they’re mostly just afraid.
They know they’re out of their depth. They’re trying to learn, they’re hiring crypto-native teams, they’re buying infrastructure startups like Privy and Bridge. But most still don’t feel safe. They see smart contract exploits as a foreign problem they’re not equipped to solve — and they’re right.
They’re more comfortable with key management and access control — that fits their legacy processes. But once you go deeper into the crypto stack, it becomes alien territory for them.
CN: What would convince them to move faster?
MA: FOMO. That’s it. They need a business case — a major opportunity they don’t want to miss. Then they’ll invest in understanding the risks. That’s where we come in at Immunefi: helping these institutions figure out how to secure themselves.
CN: What should crypto projects actually be doing today to manage smart contract risk?
MA: We need to aim for “safe by default”. That’s the goal. We have powerful tools now — fuzzing, formal verification, AI-powered static analysis — many of which we’ve pioneered at Immunefi. But adoption is still too low. Most teams still treat audits and bug bounties as one-and-done checklists. That’s not enough.
Here’s what every serious project should be doing:
AI vulnerability detection (PR reviews): Automated + human scanning of every line of new code before it’s merged.
Audits: Both traditional audits and audit competitions with dozens or hundreds of hackers reviewing code.
Bug bounties: With meaningful rewards tied to how much money is at risk.
Monitoring solutions: Real-time threat detection post-deployment.
Firewalls: Contract-level “bouncers” that block malicious transactions before they execute.
If you run this full stack, you give yourself five distinct chances to catch exploits before they cause damage. Yet, less than 1% of projects use firewalls, and under 10% use AI vulnerability tools. That’s a massive gap — and a solvable one.
CN: Are there other factors — like language design or architecture — that make contracts more secure?
MA: Yes, but it depends on the app. Simpler contracts are always safer. That’s why ERC-20 contracts almost never get hacked — they’re small, tight, and well-tested. The more complex your logic, the more risk you take on.
Upgradability is another big factor. It adds UX flexibility, but it introduces a backdoor. Ideally, only you use it — but we’ve seen many cases where it’s abused. Still, most projects today choose upgradability because the tradeoff is worth it for adoption.
CN: Final thoughts — what’s one important issue no one’s talking about enough?
MA: Definitely. One of the biggest blind spots is around protocol liability. As more money flows into on-chain systems, the legal landscape is going to shift fast. At some point, someone’s going to ask: Who’s responsible when something breaks? We don’t have a clear answer to that yet — but it’s coming, and it’s going to reshape how protocols are built and governed.
Another thing I think about is how much the culture of crypto is changing. It’s becoming finance. You can feel it. The early builders were ideologues — true believers in decentralization and open systems. Now we’re seeing a wave of finance professionals who approach this space very differently. That’s not necessarily bad, but it is changing the ethos, and we don’t yet know what the long-term consequences of that shift will be.
And then there’s the question of reversibility. As institutions move on-chain they’ll start demanding features that don’t currently exist on most public chains. One of those is the ability to reverse transactions.
I think we’re going to see more chains, maybe even major ones, start offering that capability, especially in permissioned or semi-permissioned environments. That creates a new class of blockchain infrastructure that behaves more like traditional finance — walled gardens with bridges into the open world.
All of this ties into something I think people are missing: crypto security is about to have its moment. It’s still underappreciated today, but it’s becoming clear that every major player — from funds to DAOs to banks — will eventually rely on on-chain rails.
And that means they’ll all need serious protection. I think we’re just at the beginning of a major explosion in security infrastructure, and no one’s really ready for what that will look like.
Source: https://crypto.news/interview-stablecoin-security-is-a-race-against-time-immunefy-ceo/
