The "Holy Grail" of distributed systems—consensus protocols—has long been a "Bug Hell" for top-tier infrastructure engineers. Due to their extremely complex states and intertwined multi-node interactions, traditional testing and monolithic LLMs are almost powerless against hardcore Deep Bugs (deep logical vulnerabilities).

Recently, in a paper accepted at the upcoming ICML 2026, researchers from 0G Labs and top academic-industry teams including the National University of Singapore, Peking University, and Beijing University of Posts and Telecommunications proposed Agora—the first automated testing framework that deeply integrates domain knowledge with large language model multi-agent collaboration.

Through an innovative architecture that directly tackles the pain points of protocols, this framework has successfully captured 15 previously unknown protocol-level Deep Bugs in industrial and academic core protocols such as Raft, EPaxos, HotStuff, and BullShark! In stark contrast, top native large models like GPT-5.2 and Claude 4.5 all failed, scoring zero. As multi-agent systems and "Agentic Quality Control" become the hottest tracks in 2026, Agora delivers not just a paper, but a practical, industrial-grade solution.

Paper: "Agora: Toward Autonomous Bug Detection in Production-Level Consensus Protocols with LLM Agents"

1. Background: A Powerful Alliance between 0G and NUS, Merging Long-Term System Knowledge with the Cross-Generational Multi-Agent Paradigm

The evolution of distributed consensus protocols is both a history of genius innovation and a bloody chronicle of pitfalls encountered by countless top engineers. As Turing Award winner Lamport stated, ensuring the correctness of distributed protocol implementations is as challenging as navigating a constantly shaking maze blindfolded. On this "hellish" track, the market is quietly shifting: According to Gartner observations, enterprise consulting demand for multi-agent systems has surged over tenfold in just over a year, and the multi-agent platform market is entering a period of rapid expansion, nearly doubling annually—using "multi-agent collaboration" for the most hardcore low-level system verification is transforming from a frontier concept to an industry necessity.

Facing this hellish challenge, tech giants with halos were the first to embark on heavy-asset exploration. For example, industry leader Anthropic's recent internal Glasswing project within Claude Code attempted to use agents for low-level infrastructure testing, but its architecture still heavily relies on top-tier commercial large models, with vague project details and closed-door collaborations limited to a handful of large institutions and multinational corporations. More critically, such giant-led solutions may exhibit terrifying token consumption during operation. This high computational barrier and heavy-asset approach directly shut out startups and SMEs with limited budgets.

Are smaller companies and open-source communities doomed to be unable to afford top-tier automated vulnerability auditing tools?

Engineers from 0G Labs, collaborating with Xiang Liu from the National University of Singapore, Sa Song and Yong Sun from Beijing University of Posts and Telecommunications, and Ph.D. student Zhao-wei Zhang and researcher Ce-yao Zhang from Peking University's School of Intelligence, leveraged their profound knowledge in the agent domain to empower systems, launching a disruptive "David vs. Goliath" innovation. Their work has been accepted at the 2026 AI top conference ICML.

The academic world's "long-term accumulation of system knowledge" meets the industry's "pain points and keen insight." How can this ignite the next revolution in system security?

The 0G team has accumulated extremely rich production-level attack and defense experience in implementing blockchain consensus protocols; while the academic team has profound expertise in high-performance distributed systems, low-level concurrency control, and formal verification. They are keenly aware that traditional methods (like fuzzing) often struggle with state-space explosion when facing industrial-scale codebases. The researchers decided to infuse the "soul"—their long-accumulated knowledge of global invariant logical deduction in distributed systems—into the cutting-edge multi-agent collaboration paradigm and automated harness architecture, launching the open-source and accessible Agora framework.

Simultaneously, as a leader in modular AI infrastructure and high-performance decentralized data availability networks, the 0G team has accumulated extremely rich production-level attack/defense experience and real-world protocol defect samples in the industrial implementation of blockchain consensus protocols and high-concurrency BFT (Byzantine Fault Tolerance) architectures.

This cross-domain fusion fundamentally changes the game: it is neither blind brute-force testing nor large models "fumbling in the dark" without domain knowledge. Instead, through specialized agent roles, it transforms the decades of logical deduction intuition from seasoned system experts into strategic interaction and collaboration among agents, thereby acquiring the hardcore capability to outperform traditional testing tools.

Unlike Glasswing's heavy-asset approach, which voraciously consumes expensive top-tier tokens, Agora presents a highly accessible alternative for SMEs—it proves that even with a "slightly inferior" base model and higher cost-effectiveness, a cleverly designed domain-aware multi-agent collaborative architecture can still unearth hardcore Deep Bugs!

2. Pain Point: Monolithic LLMs Struggle to Break Through, Distributed Systems Hang Under the "Damocles' Sword" of Deep Logic

In today's world dominated by big data, blockchain, and distributed databases, consensus protocols (like Paxos, Raft, PBFT, etc.) form the foundational bedrock of the entire digital world. However, implementing consensus protocols is notoriously "hellishly difficult." Even industrial-grade benchmark projects like etcd, honed by countless top engineers worldwide over years of operation, still harbor Deep Bugs (deep logical vulnerabilities) that send chills down one's spine.

These vulnerabilities differ from ordinary low-level implementation bugs like memory leaks or integer overflows. They span multiple execution phases and depend on complex concurrent states. If maliciously triggered, they can not only cause core data corruption but also lead to catastrophic financial-level losses.

While Large Language Models (LLMs), hugely popular in recent years, have shown promise in general code analysis, they appear "intellectually challenged" when facing distributed consensus. They can at best find shallow defects in local code. When confronted with protocol-level logical vulnerabilities dependent on global state, monolithic LLMs often get stuck in the mud of local code, completely unable to perform global temporal reasoning.

3. The Breakthrough: Agora's Three-Agent Paradigm and Core Harness Architecture

To break this deadlock, Agora is the first to introduce the classic academic paradigm of Hypothesis-Driven Testing (HDT) into large model agent systems. To achieve efficient global reasoning, Agora completely abandons the traditional "lone wolf" mode, elegantly decoupling the workflow into three highly specialized agents with distinct roles:

Orchestrator Agent: Responsible for maintaining global state and performing "vulnerability exploitation" by extrapolating from known bugs.

Strategy Agent: Responsible for injecting distributed domain knowledge and generating highly aggressive anomalous scenarios tailored for CFT and BFT protocols.

TestGen Agent: The practical executor. The key that truly enables Agora to be operational and generate effective tests in a closed loop lies in its core automated testing architecture.

The architecture is illustrated in the following diagram:

In Agora's overall design, this "David vs. Goliath" accessible magic does not come out of thin air; it stems from the deep integration of its ingenious agent interaction mechanisms and the testing harness architecture.

The research team specially designed an extremely succinct and efficient communication and memory mechanism (Succinct Memory & Communication) within the system framework. While ensuring each agent focuses on its core tasks, it minimizes redundant context transmission overhead to the lowest level. Under this extreme communication constraint, the Orchestrator Agent (responsible for global coordination and state control), the Strategy Agent (responsible for generating distributed anomalous environments and scenarios), and the TestGen Agent (responsible for code testing and dynamic evaluation) are perfectly interwoven, collectively driving and fulfilling the Harness architecture:

Automated Closed-Loop Synergy: When the Strategy Agent deduces an abstract distributed attack scenario, relying on the highly decoupled interaction framework, the TestGen Agent can immediately launch the underlying test harness. This architecture not only possesses strong environmental adaptability, capable of spanning different programming language environments like Go and Rust to translate attack hypotheses into real, runnable unit tests, but also incorporates efficient reflection-loop technology.

Once a test throws an error during execution in the environment, the system precisely and real-time captures the call stack and execution logs, concisely feeding them back to the agents for targeted self-correction. This organic combination of "multi-agent minimal interaction + dynamic harness closed-loop" not only allows Agora to capture the most elusive deep logical bugs with extremely low token costs but also produces detailed analysis reports with very low false-positive rates.

The final operational overview is illustrated in the following diagram:

4. Results: Capturing 15 Top-Tier Zero-Day Deep Bugs, Baseline Large Models Score Zero

The evaluation results are astounding. The research team conducted a comprehensive assessment on four well-known consensus protocol libraries (including production-grade etcd and the underlying components of the emerging public chain core, Sui), comparing against top-tier models like GPT-5.2, Gemini 3.0 Pro Preview, Claude Sonnet 4.5, and Qwen3 Coder.

The outcome not only made 0G's own operational consensus systems more secure but also demonstrated overwhelming superiority:

15 New Logic Deep Bugs Uncovered: Agora successfully discovered 15 previously unknown protocol-level deep logical vulnerabilities. These span high-risk areas such as execution divergence, monotonicity violations, topology flaws, and signature vulnerabilities.

Native Large Models All Score Zero: In contrast, baseline models (even equipped with advanced ReAct dynamic toolchains) completely failed (0/15) against these deep logical vulnerabilities. They consumed massive amounts of tokens but could only find low-level code implementation bugs.

Extremely Low False-Positive Rate and High Cost-Effectiveness: Among all bug reports generated by Agora, genuine logical vulnerabilities accounted for a high 73.9% (false-positive rate only 26.1%). Even more impressive, it costs only about 5.32M tokens (approximately $40) on average to unearth one top-tier logical bug that would make seasoned architects lose their hair, demonstrating extremely high cost-effectiveness.

Results across multiple LLMs are shown below:

5. The Future: High Generalizability, Advancing into More Hardcore "Uncharted Territories"

Agora's success not only injects confidence into the security of distributed systems but also points the way for large model applications in vertical, industrial-grade scenarios.

Critically, Agora's architectural design demonstrates high generalizability and universality. The research team emphasizes that Agora can also be quickly reproduced and used by a broad user base in the form of plugins or skills. Our code (github.com/0gfoundation/agora) provides corresponding skills to aid reproduction. Furthermore, Agora's "Large Model + Multi-Agent Collaboration + Hypothesis-Driven" paradigm is not limited to consensus protocols. Due to the deep decoupling between its underlying workflow control and the upper-layer domain knowledge base and testing harness, the architecture means it can not only help numerous users quickly debug consensus protocols but can also be rapidly extended to other hardcore fields similarly plagued by "deep logical vulnerability hell" in a "plug-and-play" manner:

Database Concurrency Control: For testing complex transaction conflict defects in distributed databases under extreme isolation levels (like Serializable).

Operating System Kernels / Concurrent Systems: For deeply discovering hidden deadlocks and race conditions in multi-threaded infrastructure.

Web3 Smart Contract Auditing: For in-depth security boundary exploration of cross-chain protocols and DeFi logic involving complex economic models. The blockchain security market is projected to reach about $8.5 billion by 2026, and commercial products using "multi-agent security systems" for smart contract auditing, compressing audit cycles from weeks to hours, are already emerging. Market demand is exploding.

The era of AI-automated security for industrial-grade low-level infrastructure may have been officially inaugurated by Agora and its harness architecture.

We have reason to believe that Agora can help better test the capabilities of coding LLMs by discovering more deep bugs across various domains, and the deep bug use cases it finds can also help enhance coding LLMs' code comprehension abilities.

Agora can significantly improve the security of code repositories that form the foundation for financial secure transactions, such as consensus protocols, concurrency control, and smart contracts. Moreover, Agora can help more tech companies discover deeper logic bugs while consuming fewer tokens, saving funds and being more efficient!

More importantly, this precisely aligns with the two hottest current trends: First, multi-agent systems are transitioning from experimentation to production—Gartner predicts that by 2028, over 30% of enterprise software will have agentic AI built-in, and the multi-agent platform market size is expected to surge from the tens of billions to hundreds of billions of dollars within a few years. Second, "using agents to audit agents"—Agentic Quality Control—is becoming the industry standard for 2026.

Against the backdrop where the Veracode 2025 report indicates approximately 45% of AI-generated code contains security vulnerabilities and the agentic AI security market is growing at a ~42% CAGR, Agora enables tech companies to unearth deeper Logic Bugs with lower token costs, upgrading security auditing from a "human-powered task billed by the week" to an "automated capability delivered by the hour."

And as the landscape of this track becomes clearer, those who truly seize the early advantage are often not the loudest giants, but the team that first operationalizes the methodology and can consistently replicate it.