The Ethereum Foundation has deployed coordinated swarms of AI agents to attack its own infrastructure, running them against cryptographic systems, protocol code, and smart contracts in a bid to find weaknesses before malicious actors do.
In a blog post published Thursday by the Foundation’s Protocol Security team, researchers confirmed the agents have already found real vulnerabilities, including a remotely triggered panic in libp2p’s gossipsub, which forms part of the peer-to-peer layer used by Ethereum consensus clients. That bug was patched and disclosed on GitHub as CVE-2026-34219.
What the AI Agents Actually Do
The agents are organised into specialised roles covering reconnaissance, hunting, gap-filling, and validation. Some scan for potential attack paths, while others attempt to reproduce failures and test whether they hold up against production code.
The team described the setup as analogous to fuzzers, tools that stress-test software for flaws, but said AI agents go further by generating full vulnerability reports, assessing impact, and building proof-of-concept tests.
‘We have been running coordinated AI agents against the kinds of systems the network depends on, like systems software, cryptographic code, and contracts that have to be right,’ the researchers wrote. ‘The agents found real bugs.’
The Hard Part Is Triage, Not Discovery
The Foundation said the biggest surprise was not that the agents found bugs, but how lopsided the workload became once they did.
‘Agents finding bugs wasn’t the surprise,’ the team wrote. ‘The surprise was how little of the work went into finding them, and how much went into telling the real bugs from the ones that just looked real.’
AI-generated findings can appear credible even when they are wrong, producing duplicates, false positives, and vulnerabilities that cannot actually be exploited. To counter this, the Foundation imposed a strict standard: no candidate counts as a confirmed finding until a self-contained artifact reproduces the failure against real code and runs successfully for someone who did not write it.
‘The reproducer doesn’t read the write-up, and it doesn’t care how confident the model sounded. It either runs or it doesn’t,’ the researchers wrote.
AI Security Research Is Gaining Ground Across Crypto
The approach builds on a pattern emerging across the industry. In April, a preview version of Anthropic’s Claude Mythos discovered 271 vulnerabilities in Mozilla’s Firefox browser. In May, security researcher Taylor Hornby used Anthropic’s Claude Opus 4.8 in an audit that uncovered a critical flaw in Zcash’s Orchard privacy pool. That vulnerability had existed for roughly four years and could have let an attacker create counterfeit ZEC without leaving an obvious on-chain trace. A network upgrade to restore confidence in Zcash’s supply remains ongoing.
What the Foundation Concludes
The Ethereum Foundation framed the initiative not as a replacement for human security researchers but as a shift in what those researchers spend their time doing.
‘AI didn’t replace the security researcher. It moved the work,’ the Foundation said. ‘Agents let us cover far more ground than we could by hand. In exchange, they ask for more careful judgment, across a much bigger pile of confident-sounding claims.’
The team added: ‘That’s a trade worth making, as long as you remember that the judgment is the real product.’


