Triage Is the Product: AI Agents Audit Ethereum's Protocol Code
Ethereum Foundation's security team runs parallel AI agents against protocol code, surfacing a real CVE—yet the hard part is filtering out false positives.
The Ethereum Foundation's Protocol Security team ran coordinated AI agents against the systems software, cryptographic code, and contracts the network depends on. The effort produced a concrete result: a remotely-triggerable panic in libp2p's gossipsub component, now tracked as CVE-2026-34219. The real finding, however, was less about discovery and more about verification—agents were good at surfacing bugs, but most of the effort went into telling genuine issues apart from convincing-looking false positives.
The team runs many agents in parallel against a single target, coordinating through version control rather than a central process. Work is organized by role: recon turns attack surfaces into testable hypotheses, hunting traces code paths to build reproducers, gap-filling tracks uncovered ground, and validation independently rechecks and deduplicates candidates. A finding only counts once it satisfies a strict schema—target, invariant, mechanism, observable proof, and a self-contained reproducer that runs against the real code.
The most important rule is that no claim counts until it reproduces for someone who didn't write it. The team found most false positives fell into three patterns: panics only present in debug builds, reproducers built from unreachable internal states no real input could trigger, and formal proofs that technically pass without capturing the intended property. Acceptance rates vary sharply by target, with mature, heavily audited code yielding almost nothing and less-explored or formally verified code yielding more candidates. This mirrors similar agent-driven audit work at Anthropic and Cloudflare, underscoring that the hard part of AI-assisted security research isn't finding bugs—it's separating real signal from confident-sounding noise.