The Ethereum Foundation has revealed that the biggest challenge in AI-assisted security research has become proving which reported vulnerabilities are genuine rather than finding potential bugs.
Summary
- Ethereum Foundation says verifying AI bug reports is harder than generating them.
- AI agents found a real libp2p vulnerability, later disclosed as CVE-2026-34219.
- The Foundation says human validation and reproducible proof remain essential for protocol security.
According to the Ethereum Foundation’s Protocol Security team, recent experiments with coordinated AI agents uncovered real software flaws across systems that Ethereum depends on, but the organization said the majority of the effort now goes into separating valid findings from convincing false positives.
The team described the results in a technical post explaining how it has been testing AI agents against systems software, cryptographic libraries, and high-assurance smart contracts.
One confirmed discovery involved a remotely triggerable panic in the gossipsub component of libp2p, which forms part of the peer-to-peer networking layer used by Ethereum consensus clients. The Ethereum Foundation said the vulnerability was fixed and later disclosed as CVE-2026-34219.
Instead of treating AI agents as decision-makers, the Foundation said they should be viewed as tools that generate hypotheses requiring independent verification. While agents can inspect source code, trace execution paths, and prepare proof-of-concept material, the Foundation said they also produce reports based on unreachable code, duplicate known issues, debug-only crashes, or weak formal proofs that fail to demonstrate a real security problem.
The team said the unexpected finding was not that AI could identify bugs, but that validating those reports consumed far more time than generating them.
Multi-agent workflow filters unreliable reports
To reduce unreliable findings, the Ethereum Foundation said it deploys multiple AI agents against the same software repository, with each agent handling a different stage of the review process. Instead of relying on a central coordinator, the agents exchange information through the repository itself by sharing state in version control.
According to the Foundation, the workflow begins with reconnaissance, where broad attack surfaces are narrowed into specific testable ideas. Hunting agents then follow each hypothesis through the code and attempt to build a working reproducer. Gap-filling agents track accepted and rejected reports to avoid repeating earlier work, while validation agents independently examine every candidate, remove duplicates, and determine whether a report qualifies as a legitimate vulnerability.
The Foundation said every accepted report must identify a reachable target, define a clear security invariant, explain the failure mechanism, provide observable evidence, include a self-contained reproducer, and carry a deduplication key. These requirements are intended to ensure that every claim can be tested directly against production code.
Human validation remains the deciding factor
At the center of the process, the Ethereum Foundation said one principle overrides everything else: a vulnerability does not count unless someone other than the reporting agent can reproduce it against the real codebase. According to the Foundation, this requirement removes reports built around impossible attack paths, debug-only failures, or formal verification results that appear mathematically correct without proving a meaningful security property.
Beyond technical validation, the Foundation said surviving candidates are also evaluated for practical exploitability. A flaw that any network participant can trigger carries different security implications than one requiring privileged access or unrealistic computing resources.
The Foundation added that AI agents remain inconsistent when judging exploit reachability, attack severity, or vulnerabilities that emerge only through long sequences of valid interactions. In those situations, it said the agents perform better as assistants for stateful testing frameworks than as replacements for experienced security researchers.
The latest security update comes only weeks after the Ethereum Foundation completed a major internal restructuring. In a June 23 announcement, the organization said it had reduced its workforce by about 20%, with 54 employees leaving following a months-long review under its Mandate and Treasury Management Policy.
According to the Foundation, the restructuring was intended to focus staff and resources on responsibilities that only the organization can perform while continuing long-term Ethereum development.











