In the previous article, we explained the exploit that affected Denaria during the Mainnet Beta and how the smart contracts are being patched.
This second article focuses on another part of Denaria’s security rebuild: how the team is using AI tools to improve internal smart contract reviews.
AI is becoming a double-edged sword for crypto security.
On one side, advanced models can help attackers analyze public codebases, identify weak assumptions, and automate parts of the vulnerability research process.
But on the other side, AI can also make security teams stronger. LLMs can help review code, reason through edge cases, generate tests, and identify possible vulnerabilities before they reach production.
Denaria is not a simple DeFi application. It is a fully onchain perpetual DEX, where trading logic, liquidity accounting, collateral flows, and risk controls all interact directly onchain.
That complexity requires a deeper security process.
Denaria’s smart contracts are fully onchain. This means that anyone can inspect the logic, verify how the system works, and analyze the contracts directly.
This transparency is one of the biggest advantages of building onchain, but again, this is a double-edged sword for security.
Good actors or whitehat can review the code, reproduce edge cases, and help identify improvements faster and with AI tools, this becomes even more powerful. Since the contracts and protocol logic are public, LLMs can be used to analyze the system, reason through possible failure states, and generate additional review paths.
At the same time, bad actors or hackers can study the same code and look for weaknesses, making the overall protocol at risk.
In the AI era, where both whitehats and attackers have access to increasingly powerful tools for smart contract analysis, full transparency can amplify both sides: faster security improvements, but also faster vulnerability discovery.
Today, security teams can use increasingly powerful models, or general-purpose models enhanced with more vertical context around smart contract vulnerabilities, known exploit patterns, and possible attack vectors.
This matters because some bugs or inefficiencies are extremely hard to identify through manual review alone.
In complex onchain systems, vulnerabilities can emerge from subtle interactions between accounting logic, liquidity flows, user balances, price updates, and edge-case state transitions.
For this reason, using AI as part of the internal security process has become more important than ever.
The goal is not to blindly trust AI or replace human auditors. The goal is to use AI to expand the internal security workflow.
The process Denaria is using starts by giving the models deep context about the protocol. This context matters because Denaria’s risk does not come only from isolated functions. It comes from how different parts of the system interact together.
This is where invariant testing becomes important.
An invariant is a rule of the system that must always remain true, even when the system changes.
In other words, invariants are conditions that should never be violated during the protocol’s execution.
For Denaria, this means identifying the core rules that must always hold across trading, liquidity changes, collateral movements, PnL realization, and vault accounting.
For example: “The sum of all user collateral claims should never be greater than the collateral actually held by the system.”
Once these invariants are mapped, AI tools can help generate tests around them. The models are used to reason through possible edge cases, write test scenarios, and stress the protocol under different conditions.
These tests can include normal user behavior, but also more adversarial scenarios, such as one-sided liquidity actions, rounding edge cases, abnormal balances, repeated interactions, and multiple actors operating in the same transaction.
The goal is to check whether the protocol can enter a state where one of these rules is violated.
If an invariant breaks, that becomes a signal that a specific part of the logic needs to be reviewed, patched, or redesigned.
AI helps generate more review paths and test cases, but the human engineering team checks the outputs, verifies the results, and decides what needs to be changed.
This invariant work also introduces the next step of Denaria’s security research: formal verification.
Formal verification uses invariants to create mathematical proofs around critical parts of the protocol logic. Instead of only testing many scenarios, formal verification aims to prove that certain rules always hold.
This will be covered in more detail in the next articles.
This process is part of Denaria’s broader security rebuild.
AI helps the team review more paths, map invariants, generate tests, and identify edge cases earlier.
At the same time, others security tools now combine AI-assisted analysis with review from independent security teams, adding another layer of validation around the findings and potential bugs and inefficiencies discovered during the process.
This is important because AI alone is not enough. The value comes from combining AI-generated review paths with human verification, engineering judgment, and external security expertise.
The goal, right now, is to bring Denaria back with a stronger, more defensive, and more mature security architecture.