Vitalik Buterin says artificial intelligence could ultimately make cryptocurrency systems and critical internet infrastructure more secure, if developers combine AI-generated code with mathematically verified software.
The Ethereum co-founder argued that AI-assisted “formal verification” could become one of the most important tools for cybersecurity as increasingly advanced AI systems make it easier to discover software vulnerabilities, in a lengthy blog post shared Monday.
Formal verification refers to the use of machine-checkable mathematical proofs to confirm that software behaves exactly as intended. While the technique has existed for decades, Buterin said recent advances in AI are making it dramatically more practical by helping developers write both code and the proofs needed to verify it.
Buterin framed the technology as a response to growing fears that AI could overwhelm defenders by accelerating bug discovery and cyberattacks. Smart contract exploits remain a persistent issue across crypto, with attackers frequently draining millions of dollars from vulnerable decentralized finance protocols.
Mathematically verified software could help reverse that trend, especially in areas where security failures would be catastrophic, Buterin argued. He specifically pointed to Ethereum infrastructure, zero-knowledge proof systems, consensus mechanisms and post-quantum cryptography as technologies that could benefit from formal verification.
“Bugs in computer code are scary,” Buterin wrote, before describing how risks become even more severe when software controls immutable onchain assets or advanced cryptographic systems.
The post also pushed back against a growing belief among some security researchers that increasingly complex AI-generated software may become impossible to fully trust. Instead, Buterin said AI could eventually strengthen cybersecurity by helping developers identify and eliminate flaws faster than attackers can exploit them.
Still, he cautioned that formal verification is “not a panacea.” Even mathematically proven systems can fail if developers verify the wrong assumptions, overlook hardware vulnerabilities or leave parts of a system unchecked.
“AI gives you the ability to write large volumes of code at the cost of accuracy, and formal verification gives you back … accuracy,” Buterin writes. “By default, AI will enable large amounts of very sloppy code … But there is an optimistic future for cybersecurity here.”
Read more: The Ethereum Foundation unveils new ‘Clear Signing’ standard to stop users from approving malicious crypto transactions
Leave a Reply