The Ethereum Foundation pointed a fleet of coordinated AI agents at the software that runs the network and came away with a genuine security flaw: a remotely triggerable crash that could take a validator offline until an operator restarts it. The bug was fixed and disclosed as CVE-2026-34219.

In field notes published July 9, the Foundation’s Protocol Security team, writing through researcher Nikos Baxevanis, walked through how it ran the agents and vetted their output.


This story is an excerpt from the Unchained Daily newsletter.

Subscribe here to get these updates in your email for free


The more striking finding was about the work itself. Baxevanis wrote that little effort went into finding bugs and most went into separating the real ones from findings that only looked real. Unlike a fuzzer, which returns a crash and a stack trace, an AI agent returns a persuasive narrative, complete with a call chain, a severity rating, and working code, and it reads the same whether the bug is genuine or invented.

That gap has practical stakes as AI reshapes the security threat model. The team catalogued recurring false positives: crashes that only occur in test builds, attacks that work only if a value is planted by hand, and formal proofs that pass without proving anything useful. Agents also struggle with exploits that unfold across a sequence of individually valid steps, the pattern behind several of this year’s costly DeFi attacks, so the Foundation now uses agents to suggest which sequences to test rather than to render a verdict.

The experiment fits a broader shift at the Foundation, which has said it will lean more on AI-assisted verification after deep staff cuts. Its conclusion echoes work by Anthropic and Cloudflare on agent-driven security research: the models can cover far more ground than humans alone, but a person still has to decide what counts as a real bug and what gets disclosed.

Related Listen: Ex-Ethereum Foundation Researchers Launched Their Own Lab: Uneasy Money