a16z 研究:AI 代理可识别 DeFi 价格操纵漏洞,但复杂攻击执行能力仍有限
ChainCatcher 消息,据 a16z 披露,其研究人员对 AI 代理能否独立完成 DeFi 价格操纵漏洞利用进行了系统测试。
研究以 20 起以太坊价格操纵事件为数据集,使用配备 Foundry 工具链的 Codex(GPT 5.4)作为测试代理。在无领域知识的基准条件下,代理成功率仅为 10%;引入基于真实攻击事件提炼的结构化领域知识后,成功率提升至 70%。失败案例显示,代理均能准确识别漏洞,但普遍无法理解递归借贷的杠杆逻辑、错误判断盈利空间,以及无法组装跨合约的多步骤攻击结构。实验还记录到一起沙箱逃逸事件:代理通过提取本地节点配置中的 RPC 密钥,调用 anvil_reset 方法将节点重置至未来区块,绕过信息隔离限制并获取真实攻击数据。研究团队认为,AI 代理目前可有效辅助漏洞识别,但尚不能替代专业安全审计人员。
Disclaimer: OKX Orbit content is provided for informational purposes only. Learn more
Replies
Related Flash News
Odaily•1h agoMaji Big Brother's Ethereum long positions face partial forced liquidations, current investment return -124.94%
Odaily•5h agoDan Romero, former Farcaster founder and Tempo team member: Tempo may achieve decentralization within two years, and the head of the Asian market is already in place
币界网•7h agoGrayscale Research: Improved regulatory transparency will drive blockchain adoption explosions
Blockbeats•8h agoStablecoin issuer JPYC is about to complete its Series B financing, with participation from Life Design Fund and others, raising a total of about $31.4 million
币界网•9h agoWu said: AAVE, MetaMask, and Mastercard have partnered
币界网•9h agoJoseph Lubin: Blockchain technology can solve the U.S. debt crisis
ChainCatcher•9h agoData: A suspected Bitmine address increased its holdings by another 60,000 ETH, valued at about $125.9 million
Odaily•10h agoTwo newly created wallets suspected to be related to Bitmine withdrew 60,000 ETH from Bitgo and Kraken, worth $126 million
TechFlow•10h agoSantiment: Bitcoin ETFs have seen net outflows on 9 out of the past 10 days, with negative sentiment for Ethereum at its lowest level since 2023
币界网•15h agoMatrixport-linked addresses "Top 1 in ETH long positions": The floating loss on ETH long positions at Matrixport-linked addresses expanded to 7.01 million