Guavy AI Editorial TeamSentiment: 2Clout: 40

Ethereum Foundation Deploys AI Agents for Vulnerability Hunting

The Ethereum Foundation's Protocol Security team is using AI agents to test the security of their own software, networking layers, and smart contracts. These swarms of AI agents continuously probe parts of the Ethereum stack, looking for vulnerabilities before hostile actors can exploit them.

One notable result from this program was the discovery of a remotely triggerable panic in the libp2p gossipsub networking layer. This bug was later patched and disclosed as CVE-2026-34219.

The Foundation's approach is to use AI to search more broadly and often, but then have human researchers validate the findings and decide on severity and patching.

AI agents are not meant to replace traditional security methods like manual review, client team expertise, or formal verification. Instead, they sit alongside these tools to provide additional capabilities.