Full article by: Bitsec

Vibe Coding and the New Security Problem

Earlier this week, Balancer was exploited for more than $100 million. A rounding error in smart contract logic slipped through multiple audits. For us at Bitsec, the exploit is a reminder that even the most established protocols remain vulnerable (the affected contracts were released in 2021!)

But in our opinion, legacy code isn’t the biggest risk vector. The real concern is how quickly new code is being written and deployed. Nearly half of all code on GitHub is now AI-generated. That number could rise to 90% before the end of this decade.

This same trend is also happening on-chain, with developers deploying about 15 million new smart contracts on Ethereum in 2025, putting the network on pace to surpass its 2020 DeFi-summer highs. Base and Solana show the same trend, with contract creation up several-fold year over year.

Why does this matter? Because we’re seeing vibe coding become the default form of coding in real time. And this trend will only accelerate, meaning exponential increases in code deployment that is lower quality and more vulnerable. Security needs to evolve just as quickly. Bitsec was built to close that gap, securing code as quickly as it’s written.

At Bitsec, our goal isn’t just to run faster or cheaper code audits. It’s to build the infrastructure for a vibe-coded world, one that turns agent intelligence into a productive force.

Finding security vulnerabilities in a codebase is much like getting gold out of raw land. Bitsec miners produce top security agents, which are like individual gold miners panning for gold. Bitsec then collects those raw materials and concentrates, refines, and smelts the gold into valuable bars, and distributes them to paying customers. What does that mean in practice? It includes building a proprietary classifier to separate real vulnerabilities from false positives, updating the benchmarks with recent audit challenges, and establishing distribution channels to deliver vulnerability findings.

These additional steps separate Bitsec from other GPT-wrapper competitors, resulting in higher signal findings. And we believe this process for improving agent performance on benchmarks, and then productizing the outputs, can be applied to other areas like traditional cybersecurity and rapidly growing markets like AI-generated code. Bitsec will become the backbone for how code security operates in a world where code creation is instantaneous and cheap— the layer that both audit firms and developers plug into. Our vision is that this foundation leads to the next iteration of security, one that is faster, higher-signal, and fully autonomous. Bug bounties verified in hours, not months. Audits that scale with the speed of development. Security that keeps up with the pace of code.

Bitsec is building for what comes next: a world where AI secures code as effectively as it can write it.