Ethereum Foundation uses AI to conduct red team testing on the ETH network and discovers real vulnerabilities
The Ethereum Foundation Protocol Security team researchers stated in a blog post on Thursday that a series of AI agents have been deployed to test the software relied upon by Ethereum, searching for vulnerabilities in the cryptographic systems, protocol code, and smart contracts. The vulnerabilities discovered by the AI agents include a remotely triggerable panic issue in the peer-to-peer layer libp2p gossipsub used by the Ethereum consensus client, which has been fixed and disclosed on GitHub as CVE-2026-34219.
The researchers noted that the AI agents are organized into specialized roles such as reconnaissance, searching, patching, and verification, aimed at identifying potential attack paths, reproducing failures, and verifying their applicability to production code. The Ethereum Foundation stated that AI has not replaced security researchers but has changed the way they work, allowing the team to cover a much broader scope than manual reviews, although researchers need to exercise more careful judgment over a large number of seemingly credible conclusions.






