Webacy faces criticism over public vulnerability reports
Developers and parts of the crypto community criticized Webacy, an AI-powered blockchain security platform, after it emerged the service discovered vulnerabilities in public feeds.
A discussion on X (formerly Twitter) drew attention to the fact that Webacy’s automated scans not only find issues in smart contracts but also aggregate them into public feeds. According to critics, this may make it easier for bad actors to exploit bugs.
The practice was first pointed out by the EthDaily account.
Lefteris Karapetsas, creator of the Rotki portfolio tool, then joined the criticism. He noted that disclosing vulnerabilities without first notifying code authors goes against the basic principles of responsible disclosure. And if Webacy’s data is visible to developers and auditors, it is equally visible to attackers.
Webacy responded by effectively confirming the approach. The company said its systems “scan thousands of smart contracts” every day and “highlight thousands of potential issues in deployed code”. In Webacy’s view, this is a strength rather than a weakness.
Webacy is an infrastructure layer for risk analytics and decentralized decision‑making across the on‑chain stack. The platform uses a set of AI models and hundreds of detectors to assess the safety of addresses and contracts in real time. It can monitor wallets, simulate transactions and detect complex threats such as “address poisoning”.
In 2025, Webacy introduced a Risk Engine and an API suite under the DD brand that integrates with wallets, DEXs and other applications to deliver real‑time risk assessment and alerts. Unlike traditional point‑in‑time audits, Webacy focuses on continuous on‑chain monitoring and machine‑driven pattern detection, promising millisecond‑level responses and broad coverage of blockchain networks.
The company was founded in 2021 and has publicly developed consumer and B2B security tools since 2022, positioning them as a standard for comprehensive blockchain checks.
Amid the current debate over publicizing vulnerabilities, Webacy says it will continue to “make the ecosystem safer”, while critics insist on agreed, private procedures for disclosing bugs.
Author
Deeply understands DeFi protocols, Web3 innovations, and their impact on emerging markets. Often writes about new decentralised finance models and how blockchain is transforming the economic landscape in Asian and African countries.
Recommended