AI identifies an Ethereum network vulnerability: it can force ETH validators to crash and go offline

The Ethereum Foundation sent a group of AI agents to pinpoint a remotely triggerable crash bug that was severe enough to take validators offline, and disclosed it as CVE-2026-34219. But the same batch of AI also generated about 1,000 false alarms at once—the hard part is telling which ones are real.

(Background: Luckily! A security firm found an Aptos vulnerability: systemic risk across 70 billion USD worth of crypto)
(Additional context: AI fully automates “hacker ransomware attacks” exposure! Codename JadePuffer, sweeping crypto wallets)

A set of AI agents designed by the Ethereum Foundation actually found a vulnerability that can truly take validators offline! The Ethereum Foundation had the AI scan the software executed by validators. The target was the protocol layer used by consensus clients in the Ethereum network (consensus clients responsible for verifying blocks and maintaining consensus among nodes) to pass messages to each other. In simple terms, it’s the communication channel where validators “whisper” to each other to confirm that they’re seeing the same chain.

Here, the AI agents uncovered a remotely triggerable crash (crash) vulnerability: an external attacker only needs to send a message in a specific way to force the node software to execute an “unfinishable” computation. The software can’t handle it, abandons the process, and shuts itself down. Validators go offline and must wait for the operator (node operator) to manually restart to recover—during that time, missed responsibilities could affect returns and network stability.

The vulnerability has now been quickly patched and disclosed as CVE-2026-34219. The issue lies in the gossipsub implementation of the Rust version of libp2p (a foundational networking library that helps different nodes discover each other, connect, and transmit messages).

In a set of public field notes, the author Nikos Baxevanis wrote that finding these bugs required surprisingly little effort; the real time was spent distinguishing which ones are real and which ones are merely similar.

AI false alarms wrapped in narrative

Traditional fuzzing tools only return “a crash” and “where it happened,” and engineers can confirm in a few minutes whether it’s real. But the AI agents returned an entire narrative: it traces how the vulnerability was triggered, argues why the issue matters, assigns a severity score, and even includes an attack demo code snippet that can be executed directly—all packaged into fluent text. Real bugs and pure fabrications end up reading almost identical.

The Ethereum Foundation’s team summarized three recurring types of false alarms:

  • Problems that only crash in test builds (compiler security checks enabled in the release build don’t come with real users, so real users won’t encounter them)
  • Attacks that only work after manually inserting dangerous values into the code (every path an external party can take is already blocked by preempting that value)
  • “Invalid proofs” produced by formal verification (mathematical proofs that program behavior is correct): it proves something obviously trivial that provides no new information about the software itself

More fundamentally, AI is good at reasoning about what happens in a single moment, but weaker at determining vulnerabilities assembled across multiple “individually valid” steps. Each step looks correct on its own—the fault is in the order.

Triage is the product

The solution provided by the Ethereum Foundation is neither to discard AI nor to accept its output wholesale. Instead, AI agents are tasked only with “recommending” which sequences of actions are worth testing, while actual verification still runs the usual traditional tests and manual review. No decision-making authority is handed over; AI’s role is always a search tool, not a replacement for human security researchers.

It seems that in the short term, finding bugs isn’t the rarest capability in the AI era—the scarce skill is figuring out which findings are real.

ETH0.09%
APT-2.36%
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned