AI-coded smart contracts may be flawed and 'fail miserably' when attacked: CertiK

cointelegraph.com:

Artificial intelligence tools such as OpenAI’s ChatGPT will create more problems, bugs and attack vectors if used to write smart contracts and build cryptocurrency projects, says an executive from blockchain security firm CertiK.

Kang Li, CertiK’s chief security officer, explained to Cointelegraph at Korean Blockchain Week on Sept. 5 that ChatGPT cannot pick up logical code bugs the same way experienced developers can.

Li suggested ChatGPT may create more bugs than identify them which could be catastrophic for first-time or amateur-level coders looking to build their own projects.

“You write something and ChatGPT helps you build it but because of all these design flaws it may fail miserably when attackers start coming,” he added.

Instead, Li believes ChatGPT should be used as an engineer’s assistant because it’s better at explaining what a line of code actually means.

He stressed that it shouldn’t be relied on for writing code — especially by inexperienced programmers looking to build something monetizable.

Li said he will back his assertions for at least the next two to three years as he acknowledged the rapid developments in AI may vastly improve ChatGPT’s capabilities.

Meanwhile, Richard Ma, the co-founder and CEO of Web3 security firm Quantstamp, told Cointelegraph at KBW on Sept. 4 that AI tools are becoming more successful at social engineering attacks — many of which are identical to attempts by humans.

Ma said Quantstamp’s clients are reporting an alarming amount of ever more sophisticated social engineering attempts.

While the ordinary internet user has been plagued with AI-generated spam emails for years, Ma believes we’re approaching a point where we won’t know if malicious messages are AI or human-generated.

Related: