The Protocol Security team recently tested autonomous agents against core cryptographic libraries and smart contracts, yielding a mix of real threats and noise. Among the successes was the discovery of a remotely triggerable panic in the libp2p gossipsub component, eventually disclosed as CVE-2026-34219. However, the Foundation reports that AI agents frequently produce convincing false positives, citing unreachable code, duplicate issues, and flawed formal proofs as constant hurdles.
To manage this, the Foundation implemented a multi-agent workflow where different systems handle reconnaissance, hypothesis testing, and validation. Agents now communicate through version control, sharing state to avoid redundant work. Despite these systematic improvements, the organization maintains that AI should act only as a hypothesis generator. Human oversight remains mandatory, as the Foundation refuses to categorize any finding as a valid vulnerability unless it can be independently reproduced against production code. This rigorous stance underscores a shift in security strategy: AI is effectively an assistant for stateful testing, yet it currently lacks the nuance to judge exploit reachability or genuine security implications on its own.

Comments (0)
No comments yet. Be the first!