Ethereum Foundation Set AI Agents Loose on Its Code: Here’s What They Actually Found

1 hour ago

The Ethereum Foundation’s protocol information squad ran coordinated artificial quality (AI) agents against the codification Ethereum depends on, surfacing astatine slightest 1 remotely exploitable bug on with a flood of convincing mendacious positives that humans had to untangle.

Key Takeaways

  • Ethereum Foundation AI agents uncovered CVE-2026-34219, a remotely-triggerable bug successful libp2p’s gossipsub.
  • One cause produced astir 1,000 campaigner findings, with 86% of top-tier picks surviving adept review.
  • The instauration said July 9 that triage, not bug-finding, is the bottleneck; quality validation stays essential.

A Lot of Misdiagnosis

The experimentation was elaborate successful a blog station published July 9 by Nikos Baxevanis of the foundation’s protocol information team, nether a rubric that doubled arsenic the firm’s thesis, i.e. “The triage is the product.” The findings drew wide attraction arsenic the astir flagged issues turned retired to beryllium mendacious positives (even though determination were existent bugs successful the mix).

Ethereum Foundation blog detailing the mendacious  positives from its caller    tests.Ethereum Foundation blog detailing the mendacious positives encountered from its caller tests.

The header find is existent enough, arsenic the agents helped aboveground a remotely-triggerable panic successful gossipsub, portion of the libp2p peer-to-peer networking furniture that Ethereum statement clients tally on. The flaw was fixed and disclosed arsenic CVE-2026-34219 (the benignant of bug that, if recovered archetypal by an attacker, could person been utilized to disrupt nodes crossed the network).

Finding Bugs Was the Easy Part

The surprise, the instauration wrote, was not that AI agents could find bugs but “how small of the enactment went into uncovering them, and however overmuch went into telling the existent bugs from the ones that conscionable looked real.”

The squad catalogued the recurring shapes of those imposters, à la crashes that lone hap successful debug builds and ne'er successful production, reproducers that trust connected unreachable interior values nary attacker could really supply, and formal-verification proofs that are technically existent but truthful unconstrained they show nothing.

The foundation’s reply was a hard evidentiary modular it summarized arsenic “reproducible oregon it didn’t happen.” To elaborate, each campaigner uncovering is henceforth required to vessel with a self-contained artifact that reproduces the nonaccomplishment against the existent code, autarkic of however assured the reporting cause claims to be.

Agents, successful this context, tin beryllium viewed arsenic proposal generators (search tools, not decision-makers) organized into recon, hunting, gap-filling, and validation stages, with humans making the last call.

The Numbers Behind the Hype

The station besides offered a uncommon benchmark for however good the existent procreation of tools performs. A property-based investigating cause generated astir 1,000 campaigner findings, and aft adept review, astir 86% of its top-tier recommendations survived scrutiny (strong for a machine, but a complaint that inactive demands a quality filter earlier thing touches accumulation code).

The tools are intelligibly uncovering existent vulnerabilities successful captious infrastructure, thereby undermining the dismissal that AI-generated bug reports are axenic noise. Yet the workload has not disappeared but simply moved downstream to triage, wherever experienced engineers abstracted awesome from simulation. For a web securing hundreds of billions of dollars successful value, that filter is important.

The instauration is present pushing the enactment guardant alternatively than treating it arsenic a one-off. Its Ecosystem Support Program, for instance, is backing a dedicated assistance circular for AI-powered protocol security, covering research, auditing, and vulnerability detection.

View source