Ethereum deploys AI agents to discover libp2p vulnerability
The Ethereum Foundation used AI agents to uncover a critical vulnerability in libp2p. This marks a new approach in security auditing.
The Ethereum Foundation successfully deployed coordinated AI agents to uncover a remotely-triggerable vulnerability in libp2p, identified as CVE-2026-34219. The team highlighted that the real challenge lies in distinguishing genuine bugs from false positives.
These AI agents operate in parallel against a single target, performing roles such as hypothesis generation and validation. However, the team noted that many candidates are incorrect or out of scope, emphasizing the need for reliable result identification in security auditing.