- ETH0%
BlockBeats News, July 11th. The Ethereum Foundation revealed that its protocol security team used an AI agent to conduct vulnerability research on Ethereum client software to enhance network security. During the testing phase, the AI successfully discovered a vulnerability in the Gossipsub message propagation protocol that allowed remote attacks to trigger node program crashes, causing validator nodes to go offline. Currently, the vulnerability has been patched and assigned CVE-2026-34219.
However, the Ethereum Foundation pointed out that the biggest challenge for AI is not finding vulnerabilities but distinguishing between real vulnerabilities and false positives. AI not only generates vulnerability descriptions, impact analyses, and attack code but may also raise seemingly reasonable yet non-existent issues, requiring further validation by security researchers. The Foundation summarized three common types of false positives, including crashes only seen in a testing environment, attack paths that cannot be exploited in a real-world scenario, and invalid proofs in formal verification.
Furthermore, the Ethereum Foundation believes that AI is currently better at analyzing single-code issues but still has limited ability to identify complex attack chains formed by multiple legitimate operations, which are the main reasons behind attacks on multiple cryptographic protocols this year. In the future, the Ethereum Foundation plans to use AI to assist in generating potential attack paths, combine them with manual and automated testing for validation, to further enhance vulnerability discovery efficiency and accuracy.
免責事項:現在のコンテンツは第三者の視点に基づくもの、または第三者の視点からAIが直接翻訳したものです。CoinExはコンテンツの信頼性、正確性、独創性を保証するものではなく、CoinExからの投資アドバイスを構成するものではありません。暗号資産の価格変動は急激に変動します。潜在的なリスクにご注意ください。
- コインリスト価格24時間価格変動