Buterin noted in a previous article that when programming with AI, “complete security is impossible.”
Ledger’s CTO believes AI is “breaking down the barrier to entry” for hackers.
Vitalik Buterin argued that the formal code verification technique assisted by artificial intelligence (AI) represents the answer to the problem that AI itself introduces to cybersecurity, and that this process can produce software that is more secure than that written by humans without that mathematical backing.
Buterin’s thesis, published today, May 18, on his personal blog, appears as a direct response to those who maintain that AI, by facilitating the automated discovery of vulnerabilities, would make it impossible to trust the code without depending on large organizations.
According to the co-founder of Ethereum, this is a transitory challenge, not a structural one. The state of equilibrium he aims for, he stated, would be “more favorable to the defender than what we had before.”
The proposal: two objects, one test
Buterin’s central argument is that formal verification (the mathematical demonstration that a program behaves exactly as it promises) can be verified automatically.
According to his approach, an AI model can write code in low-level assembly language, optimized for speed, and simultaneously generate the mathematical proof that proves its equivalence with a human-readable version. The result would be two separate objects: one optimized for efficiency, another for understanding, united by a verifiable proof. The user, Buterin noted, can verify that test once and then run the quick version without needing to audit the code internally.
In this framework, Buterin mentioned active projects within the Ethereum ecosystem that apply this approach:
- evm-asm: an implementation of the Ethereum Virtual Machine (EVM) written directly in assembly code (the language closest to the hardware, without intermediate layers) and formally verified.
- Arklib: a system aimed at building a verified implementation of STARKa variant of zero-knowledge proofs (ZK), cryptographic mechanisms that allow proving the correctness of a calculation without revealing its data.
- Similar efforts on consensus algorithms Byzantine fault tolerantwhere errors in human-written tests have already caused documented problems.
According to Buterin, the strength of this approach lies in the fact that verification would cover the system from end to endnot just its separate parts, which would eliminate the category of errors that appear in the interface between subsystems.
Vitalik Buterin recognizes challenges in his own proposal
However, his own Buterin recognized the limits of the approach. Formal verification does not prove that the software is “correct” in the sense that a user would mean by the term: it only proves that the code supports the mathematical properties that the developer chose to specify.
If those properties are incomplete, or if the developer fails to specify something critical, The test passes and the failure remains intact. It also does not cover hardware behaviors, such as power analysis side-channel attacks, which expose private keys by observing physical patterns external to the code.
As reported by CriptoNoticias, Buterin had already pointed out in a previous article that, when programming with AI, “Total security is impossible”although he estimated that in many specific cases it is possible to verify specific statements that eliminate more than 99% of the negative consequences of a failure.
The cases that feed the opposite side
Last May, the Google Threat Intelligence Group (GTIG) reported what it described as the first documented case of a “zero-day” vulnerability (a flaw with no patch available at the time of use). developed with AI assistanceas reported by CriptoNoticias.
According to Google, the exploit allowed two-step authentication to be bypassed by an open source systems administration tool, and clues in the code pointed to the involvement of a language model.
In February, decentralized finance protocol Moonwell recorded a loss of $1.7 million after an AI-generated smart contract priced the cbETH asset at $1.12 versus its actual market value of over $2,200. The difference allowed misvalued collateral to be exploited before the team detected the anomaly.
According to analysts, the bug passed all human reviews prior to implementationwhich places responsibility in the supervision process, not just in the model.
Charles Guillemet, Ledger’s chief technology officer, recently warned that AI is “breaking down the barrier to entry” for the attackers. According to their approach, converting the difference between two versions of a binary into a functional exploit (a process that previously required days of specialized work) can now be completed in hours, while most users have not yet installed the corresponding patch.
Buterin’s and Guillemet’s positions point to different diagnoses on the same phenomenon: the first maintains that formal verification turns AI into a clear tool for the defender; the second, that the speed with which AI reduces the cost of attacking now exceeds the speed with which the industry can respond.