Ethereum co-founder Vitalik Buterin has raised fresh concerns over the use of artificial intelligence (AI) in crypto governance, warning that malicious actors could exploit AI models through jailbreaks and vulnerabilities. His remarks come shortly after OpenAI’s latest ChatGPT update was demonstrated to leak private data under specific exploit conditions.
As AI tools evolve, many crypto projects have started experimenting with AI-based agents for trading, portfolio management, and even governance structures. The idea is that AI could bring efficiency, speed, and fairness in decision-making.
However, Buterin believes this enthusiasm may be misguided when applied to governance, especially when it comes to allocating funds or making protocol-level decisions.
He explained that if AI systems are placed in charge of distributing resources, attackers could simply embed “jailbreak prompts” that trick the model into granting them funds.
Why AI Governance Faces Exploitation Risks
The warning follows a recent report from Eito Miyamura, creator of EdisonWatch, who showcased a ChatGPT exploit capable of leaking private information. By using carefully designed prompts, the model could be manipulated into sharing data it should never reveal.
Buterin pointed out that this is exactly why naïve AI governance models are unsafe. AI’s lack of robust defense against prompt injection attacks makes it unreliable as a sole decision-making entity in decentralized ecosystems.
Buterin’s Alternative: The “Info Finance” Approach
Instead of relying on a single AI system to govern protocols, Buterin suggested a more open and competitive structure he calls the “info finance approach.”
This method creates a marketplace of models, where anyone can contribute their AI solutions. These models would be subject to spot-check mechanisms triggered by community members and evaluated by human juries.
According to Buterin, this approach introduces:
- Model diversity in real time
- Built-in incentives for participants to monitor and correct failures
- Resilience against exploits, since no single model dominates decision-making
He also highlighted prediction markets as a way to extract reliable information from market participants about future outcomes, ensuring governance decisions are grounded in incentives rather than AI vulnerabilities.
The controversy was sparked by OpenAI’s new integration feature called Model Context Protocol (MCP), which allows ChatGPT to interact with external software. Miyamura demonstrated that with only an email address, a malicious actor could potentially leak sensitive information through cleverly designed calendar invites.
He described this as a “serious security risk”, since victims wouldn’t even need to accept the invite for the exploit to work.
The Bigger Picture for Crypto Governance
While AI remains a promising tool in crypto trading and automation, Buterin’s warning highlights the need for caution when it comes to governance. Centralized or untested AI-run systems could easily be compromised, leading to massive financial risks for decentralized communities.
As the crypto industry explores AI integration, the debate underscores the importance of human oversight, market-based checks, and resilient institutional design.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.