
AI Audit Uncovers Critical Bug in Ethereum Client
AI from Octane Security found a critical flaw in Ethereum client Nethermind.
Artificial intelligence from Octane Security has identified a critical flaw affecting the functionality of the Ethereum client Nethermind.
1/ Octane’s AI found a high-severity liveness bug in the @Nethermind execution client that could have stopped local block production for 38% of @ethereum mainnet validators.
This bug was patched via the @ethereumfndn bug bounty program, with no exploitation observed.
— Octane Security (@octane_security) February 25, 2026
According to the auditors, the vulnerability could halt local block production for 38% of mainnet validators.
The issue arose from a missing length-equality check when Nethermind validated blob transactions (transactions carrying large binary data arrays) as they were added to the pool.
An attacker could craft a malformed blob transaction, causing slots with legitimate requests to be skipped.
The problem was discovered during the integration of the Fusaka update. It affected both the testnet and mainnet.
The bug has been fixed, and an in-depth analysis found no attacks exploiting it.
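The following is an added illustration of pool-admission length checks for a blob transaction wrapper; it is not Nethermind's or Octane's code, and the article does not say which lengths went unchecked. It applies the structural rules from EIP-4844 and EIP-7594 (equal counts of hashes, blobs and commitments, and 128 cell proofs per blob in the version 1 wrapper); `BlobTxWrapper`, `check_wrapper` and `sample` are hypothetical names, and the sample data is constructed.

```python
import hashlib
from dataclasses import dataclass

BYTES_PER_BLOB = 4096 * 32        # EIP-4844: 4096 field elements x 32 bytes
KZG_LEN = 48                      # size of a KZG commitment or proof
CELLS_PER_EXT_BLOB = 128          # EIP-7594: cell proofs per blob

@dataclass
class BlobTxWrapper:              # hypothetical container for the network form
    versioned_hashes: list
    blobs: list
    commitments: list
    proofs: list
    wrapper_version: int = 0      # 0: EIP-4844 blob proofs, 1: EIP-7594 cell proofs

def kzg_to_versioned_hash(commitment: bytes) -> bytes:
    # EIP-4844: version byte 0x01 followed by sha256(commitment)[1:]
    return b"\x01" + hashlib.sha256(commitment).digest()[1:]

def check_wrapper(tx: BlobTxWrapper):
    """Return None if the wrapper is structurally sound, else a rejection reason."""
    n = len(tx.versioned_hashes)
    if n == 0:
        return "no blob hashes"
    per_blob = {0: 1, 1: CELLS_PER_EXT_BLOB}.get(tx.wrapper_version)
    if per_blob is None:
        return "unknown wrapper version"
    # Length equality first: nothing below may index one list by another's length.
    if len(tx.blobs) != n or len(tx.commitments) != n:
        return "blob/commitment count mismatch"
    if len(tx.proofs) != n * per_blob:
        return "proof count mismatch"
    sized = [(b, BYTES_PER_BLOB) for b in tx.blobs]
    sized += [(x, KZG_LEN) for x in tx.commitments + tx.proofs]
    if any(len(data) != size for data, size in sized):
        return "bad blob/commitment/proof size"
    for h, c in zip(tx.versioned_hashes, tx.commitments):
        if kzg_to_versioned_hash(c) != h:
            return "versioned hash mismatch"
    return None                   # KZG proof verification would follow here

def sample(n_blobs, n_proofs, version=0):
    # Constructed data: the 48-byte values are placeholders, not real KZG outputs.
    cs = [bytes([i + 1]) * KZG_LEN for i in range(n_blobs)]
    return BlobTxWrapper([kzg_to_versioned_hash(c) for c in cs],
                         [bytes(BYTES_PER_BLOB)] * n_blobs, cs,
                         [bytes(KZG_LEN)] * n_proofs, version)

if __name__ == "__main__":
    for args in [(2, 2), (2, 1), (2, 256, 1), (2, 2, 1)]:
        print(args, "->", check_wrapper(sample(*args)) or "accepted")
```

Rejecting a mismatched wrapper with a reason string at admission keeps it out of the pool, so block-building code never iterates over lists of unequal length.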
“This is where automated security shines. Edge cases on the client side are difficult to analyze manually, but they are easy to verify once detected [with AI],” representatives of Octane Security said, addressing the blockchain's co-founder Vitalik Buterin.
The Ethereum Foundation confirmed the high severity of the issue, awarding the company the maximum bounty of $50,000 under the bug bounty program.
In February, OpenAI, in collaboration with Paradigm, released a benchmark to assess the ability of AI agents to hack smart contracts.