Vitalik Buterin Says AI Could Help Find Bugs In Ethereum Code
Ethereum co-founder Vitalik Buterin has expressed his excitement about the potential of artificial intelligence (AI) in identifying potential flaws within Ethereum’s codebase.
According to Buterin, AI could play a critical role in addressing one of Ethereum’s “biggest technical” risks: bugs hidden deep within its code. In a post shared on February 18, he highlighted the significance of AI-powered auditing in detecting and rectifying buggy code within the Ethereum network, describing it as the most significant technical risk to the network.
Vitalik Buterin Hints at Using AI to Improve Dencun
The ETH co-founder’s remarks coincide with Ethereum’s progress toward implementing the highly anticipated Dencun upgrade, scheduled for launch on March 13. Although Dencun was deployed on the Goerli testnet on January 17, a bug in Prsym delayed the network finalization on the testnet for four hours. Upgrades to the Ethereum network are pivotal to its long-term development roadmap.
However, not everyone shares Buterin’s confidence in AI as a reliable tool for bug detection in Ethereum-based code.
In July 2023, OpenZeppelin conducted experiments utilizing OpenAI’s GPT-4 to identify security issues in Solidity smart contracts, Ethereum’s native language. In these experiments, GPT-4 successfully identified vulnerabilities in 20 out of 28 challenges. However, when GPT-4 failed to identify flaws, it sometimes created new vulnerabilities that did not previously exist.
Similarly, Kang Li, Chief Security Officer at CertiK, cautioned against relying solely on AI-powered tools, such as ChatGPT, in coding, as they can sometimes introduce more security issues than they resolve.
Overall, Li recommends using AI assistants as aids to experienced developers, as they can help explain code quickly. While Buterin remains optimistic about AI’s potential, he has previously warned developers to exercise caution when integrating AI with blockchain technology, especially in “high-risk” applications like oracles.
“It is crucial to be cautious,” Buterin emphasized. “If, for example, a prediction market or stablecoin relies on an AI oracle that is vulnerable, a significant amount of funds could be at risk of disappearing suddenly.”