Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
CFD
Stock CFD Derivatives
US Stocks
Access real US stocks and ETFs
HK Stocks
Trade quality Hong Kong-listed stocks
Korean Stocks
SK Hynix
Real Korean stocks and top assets
Stock Futures
High leverage, 24/7 trading
Tokenized Stocks
Backed by real stock assets
IPO Access
Unlock full access to global stock IPOs
GUSD
3.8%
Mint GUSD for Treasury RWA yields
Stocks Activities
Trade Popular Stocks and Unlock Generous Airdrops
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
IPO Access
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
AI identifies an Ethereum network vulnerability: it can force ETH validators to crash and go offline
The Ethereum Foundation sent a group of AI agents to pinpoint a remotely triggerable crash bug that was severe enough to take validators offline, and disclosed it as CVE-2026-34219. But the same batch of AI also generated about 1,000 false alarms at once—the hard part is telling which ones are real.
(Background: Luckily! A security firm found an Aptos vulnerability: systemic risk across 70 billion USD worth of crypto)
(Additional context: AI fully automates “hacker ransomware attacks” exposure! Codename JadePuffer, sweeping crypto wallets)
A set of AI agents designed by the Ethereum Foundation actually found a vulnerability that can truly take validators offline! The Ethereum Foundation had the AI scan the software executed by validators. The target was the protocol layer used by consensus clients in the Ethereum network (consensus clients responsible for verifying blocks and maintaining consensus among nodes) to pass messages to each other. In simple terms, it’s the communication channel where validators “whisper” to each other to confirm that they’re seeing the same chain.
Here, the AI agents uncovered a remotely triggerable crash (crash) vulnerability: an external attacker only needs to send a message in a specific way to force the node software to execute an “unfinishable” computation. The software can’t handle it, abandons the process, and shuts itself down. Validators go offline and must wait for the operator (node operator) to manually restart to recover—during that time, missed responsibilities could affect returns and network stability.
The vulnerability has now been quickly patched and disclosed as CVE-2026-34219. The issue lies in the gossipsub implementation of the Rust version of libp2p (a foundational networking library that helps different nodes discover each other, connect, and transmit messages).
In a set of public field notes, the author Nikos Baxevanis wrote that finding these bugs required surprisingly little effort; the real time was spent distinguishing which ones are real and which ones are merely similar.
AI false alarms wrapped in narrative
Traditional fuzzing tools only return “a crash” and “where it happened,” and engineers can confirm in a few minutes whether it’s real. But the AI agents returned an entire narrative: it traces how the vulnerability was triggered, argues why the issue matters, assigns a severity score, and even includes an attack demo code snippet that can be executed directly—all packaged into fluent text. Real bugs and pure fabrications end up reading almost identical.
The Ethereum Foundation’s team summarized three recurring types of false alarms:
More fundamentally, AI is good at reasoning about what happens in a single moment, but weaker at determining vulnerabilities assembled across multiple “individually valid” steps. Each step looks correct on its own—the fault is in the order.
Triage is the product
The solution provided by the Ethereum Foundation is neither to discard AI nor to accept its output wholesale. Instead, AI agents are tasked only with “recommending” which sequences of actions are worth testing, while actual verification still runs the usual traditional tests and manual review. No decision-making authority is handed over; AI’s role is always a search tool, not a replacement for human security researchers.
It seems that in the short term, finding bugs isn’t the rarest capability in the AI era—the scarce skill is figuring out which findings are real.