Disclaimer: I am not a security professional or smart contract auditor — I am a community member and $LDO holder who tracks frontier AI developments. I’m opening this thread to hear from our experts about how we can stay ahead of the curve.
Context: The Mythos Announcement
On April 7, 2026, Anthropic announced Claude Mythos Preview — a general-purpose frontier model with exceptional cybersecurity capabilities. Unlike previous releases, Anthropic has explicitly stated that this model will not be made generally available due to its offensive potential. Instead, it is being deployed exclusively through Project Glasswing, a coordinated defensive security initiative with 12 founding partners — including Amazon, Apple, Microsoft, CrowdStrike, Cisco, and Palo Alto Networks — and access extended to roughly 40 organizations in total. Anthropic has backed the initiative with over $100M in usage credits.
What makes this meaningful for DeFi: Mythos Preview has autonomously discovered thousands of zero-day vulnerabilities across every major operating system and browser — including a 27-year-old flaw in OpenBSD. The gap between Mythos and the previous best public model (Claude Opus 4.6) is described as substantial across security benchmarks. As CrowdStrike’s 2026 Global Threat Report noted, AI-assisted attacks are up 89% year-over-year. The window between discovery and exploitation has collapsed.
Why This Matters for Lido
As the protocol holding the largest share of staked ETH, Lido’s attack surface is uniquely valuable. The same capabilities being used for defense by Glasswing partners will inevitably be explored by adversaries — or replicated by competing labs with less restrictive release policies. The question is not whether AI-level vulnerability discovery will be applied to DeFi smart contracts, but when, and who gets there first.
Proposals for Discussion
Proposal 1
Leverage Glasswing partners rather than direct model access
Direct access to Mythos Preview is restricted to ~40 vetted organizations and is unlikely to extend to DAOs in the near term. However, several Glasswing founding members — notably CrowdStrike and Palo Alto Networks — are established smart contract security partners for DeFi protocols. Should the Security LEGO team explore a formal engagement with one of these partners to apply Mythos-level tooling to Lido’s core staking contracts within their controlled environment?
Proposal 2
Autonomous red teaming via frontier AI models
Frontier models can now simulate complex, multi-step attack chains at machine speed. I propose exploring whether this approach can be applied to Lido’s smart contracts — either through Glasswing-affiliated partners, or through other frontier models with strong code reasoning capabilities. The goal is to find “Mythos-level” vulnerabilities before adversaries do.
Caveat: Mythos was primarily benchmarked on OS and browser vulnerabilities. Its effectiveness on Solidity/Vyper smart contract code — with its unique exploit patterns — is an open question. Would love input from our protocol engineers on this.
Proposal 3
From point-in-time audits to AI-integrated CI/CD
Standard audits are snapshots. I suggest exploring integration of high-reasoning models into our development pipeline as a continuous auditing layer for every new update or integration. This raises important governance questions that the DAO should address: Who controls the model used? How are findings disclosed? And how do we ensure this process remains transparent and consistent with our decentralized values?
Questions for the DAO
-
Has the Security LEGO team already begun evaluating frontier models (Mythos-tier or otherwise) for protocol defense? If not, what would be needed to start?
-
Does the DAO consider AI-assisted exploit discovery a top-tier threat for 2026, given $200B+ locked in DeFi?
-
Are there existing relationships with Glasswing partners (CrowdStrike, Palo Alto Networks, etc.) that could be activated for this purpose?
-
How should the DAO govern the use of autonomous AI security tools — oversight structure, disclosure policies, and audit trail requirements?
Conclusion
The leap from Claude Opus 4.6 to Mythos Preview represents a genuine inflection point in what automated systems can do to software. Lido shouldn’t just be “secure” — it should be the most proactive protocol in thinking through what AI-driven attack and defense means for liquid staking infrastructure. I’m not proposing we have all the answers today. I’m proposing we start the conversation now, before someone else forces it.
Looking forward to hearing from protocol engineers, security contributors, and anyone tracking this space. What are we missing?