Vitalik Buterin warned that advances in artificial intelligence could dramatically change how crypto systems are attacked and defended. He argues that the industry may need to move toward mathematically verified software to protect critical infrastructure.
In a new essay published on 18 May, Buterin said increasingly powerful AI models could make it far easier to discover and exploit vulnerabilities in complex software systems.
This is especially true in areas like smart contracts, zero-knowledge infrastructure, and cryptographic protocols.
He described bugs in crypto infrastructure as becoming “even more scary” when combined with AI systems capable of automating vulnerability discovery.
What Vitalik wants instead
Rather than relying only on traditional audits and software testing, Buterin argued that the crypto industry should increasingly adopt “formal verification.”
In simple terms, formal verification involves mathematically proving that software behaves correctly under specific conditions, rather than merely testing whether it appears to work.
Computers can automatically check the proofs themselves.
According to Buterin, this approach could become especially important for:
- Ethereum infrastructure,
- zero-knowledge proof systems,
- consensus mechanisms,
- post-quantum cryptography,
- and blockchain virtual machines.
- AI may both create and solve security problems
One of the more notable parts of the essay was Buterin’s argument that AI is not only a cybersecurity threat but could also become part of the solution.
He suggested that AI-assisted coding, combined with formal verification tools, could eventually produce software more secure than what humans alone can currently build.
Buterin compared the relationship to blockchain scaling systems, in which one technology introduces trade-offs while another helps restore security or efficiency.
He also emphasized that formal verification is not perfect. He acknowledged that even mathematically verified systems can fail if assumptions are incorrect or if vulnerabilities exist outside the verified code.
Ethereum moving toward a “secure core”
The essay outlines what Buterin described as a future where highly sensitive digital infrastructure becomes increasingly concentrated into smaller “secure core” systems.
These secure cores would include:
- blockchain consensus systems,
- cryptographic infrastructure,
- and operating-system level components.
According to Buterin, those systems would need to be heavily verified and carefully isolated as AI-generated software becomes more widespread.
Less critical applications and interfaces would remain more flexible. Still, they ideally operate with limited permissions to reduce the impact of potential bugs or exploits.
Final Summary
- Vitalik Buterin warned that AI-assisted exploit discovery could significantly increase risks for crypto infrastructure.
- He argued that Ethereum and other critical systems may need mathematically verified software to remain secure in an AI-driven future.