Pairing AI with math-verified code can flip crypto's security equation, making key systems harder to exploit than to build, Buterin argues.

Don't scroll Twitter for crypto news
One email. Five minutes. Everything that matters today
Ethereum co-founder Vitalik Buterin published a blog post on May 18, 2026, arguing that AI-assisted formal verification – mathematical proofs that code behaves exactly as intended – could become crypto's most important security tool. He pushed back against the view that AI-powered bug discovery makes trustless systems impossible, saying the same AI accelerating attacks can also produce verified, provably correct code.
AI is rewriting crypto's threat model – and its defenses. Get tomorrow's Web Snack for the next move in the blockchain security arms race.
How Months of AI Experiments Set the Stage for Buterin's Formal Verification Case
The May 18 post didn't arrive without a runway. In late February 2026, Buterin responded to a developer who had prototyped major Ethereum roadmap features in two weeks using agentic AI coding. He was cautiously impressed, but warned the build was "almost certainly" full of critical bugs, and proposed that developers redirect half the speed gains from AI into security work: more test cases, formal verification, and multiple independent implementations. He floated the possibility that the Ethereum roadmap could "finish much faster than people expect, at a much higher standard of security."
Around the same time, a collaborator on the Lean Ethereum project used AI to generate a machine-verifiable proof for one of the most complex theorems underlying STARK-based cryptography – the kind of work that had previously required months of specialized effort. On May 11, one week before the full essay, Buterin posted on X that he was "getting increasingly bullish on just vibe-coding the important things in Lean," linking to ArkLib, a formally verified zkEVM project, and a zkSecurity post titled "The Final Form of Software Development."
The May 18 blog post was the extended argument those signals pointed toward: a case that formal verification is not academic overhead, but a practical response to an AI-driven arms race in software security.
The Tools Behind Buterin's Formal Verification Bet: Lean, ArkLib, and evm-asm
Formal verification has existed for decades. The core idea is to write mathematical theorems about software and check them automatically, proving behavior holds across all possible inputs rather than a sample of test cases. AI is making the technique far more practical by helping developers write both the code and the proofs needed to check it.
Buterin pointed to Lean as the primary tool – a programming language used in mathematics and software engineering that lets developers write machine-verifiable proofs alongside executable code. Two active projects came up by name: ArkLib builds formally verified implementations of zkEVM cryptographic components, while evm-asm implements the Ethereum Virtual Machine in RISC-V assembly with correctness proofs attached. "AI gives you the ability to write large volumes of code at the cost of accuracy, and formal verification gives you back ... accuracy," Buterin wrote.
He named four areas where the approach matters most: Ethereum infrastructure, zero-knowledge proof systems, consensus mechanisms, and post-quantum cryptography – all areas where security properties are conceptually simple to state but fiendishly complex to implement without introducing bugs.
Why Formal Verification Changes the Math on DeFi Security
Smart contract exploits have drained hundreds of millions of dollars from DeFi protocols year after year, with attackers finding flaws that standard audits missed. AI is accelerating that threat: code review that once took experienced security teams weeks can now be done in minutes. The advantage is shifting toward attackers.
Formal verification changes the asymmetry. Rather than testing code on a sample of inputs, it proves behavior holds on all possible inputs given defined assumptions. Automated proof-checking catches interaction bugs – the kind that sit at the boundary between two subsystems each considered sound in isolation – where human auditors cannot. The nastiest vulnerabilities in complex systems are exactly this type. Buterin connected the argument to the Ethereum Foundation's Clear Signing standard, launched on May 12, 2026, as a complementary layer targeting the gap between what users intend and what wallets execute.
Still, Buterin was careful. Formal verification is "not a panacea," he wrote. Even mathematically proven systems fail when developers verify the wrong assumptions, overlook hardware side-channels, or leave portions of a system unchecked. Formally verified C compilers have shipped with bugs; formally proven cryptographic protocols have been broken under adversary models their authors never anticipated.
Ethereum's Secure Core: The Formal Verification Roadmap from Here
Buterin's framework divides software into two tiers. The secure core – operating system kernels, Ethereum itself, cryptographic infrastructure, ZK proof systems – must be held to a fundamentally different standard than the periphery: apps, plugins, AI-generated scripts. The peripheral layer may stay messy, so long as it runs sandboxed, with minimal privileges and no path to the core.
This maps directly onto Ethereum's active roadmap. The Glamsterdam upgrade, expected in the first half of 2026, and the Hegota upgrade, targeted for late 2026, both advance Ethereum toward ZK-EVM verification and structural simplification of the base layer. The ongoing push to replace the EVM with RISC-V – already referenced in evm-asm – aligns with the verification goal: a RISC-V EVM with machine-verifiable correctness proofs is already in development.
The deepest argument in the post is about something older than Ethereum. The cypherpunk principle – that defenders on a cryptographic network have a structural advantage because building protection is cheaper than breaking it – is under genuine pressure from AI that can find and exploit bugs at scale. Formal verification, Buterin argued, is one of the few tools capable of restoring that advantage: not by making all code perfect, but by making the systems that matter provably secure against a well-defined class of threats.
DeFi exploits aren't slowing down. Subscribe to Web Snack and get the security stories that matter, every morning before the market opens.
P.S. This article is for informational purposes only and does not constitute investment advice. Always conduct your own research and make independent decisions.
Like this story? There's more tomorrow
Join Web Snack – no fluff, just value
