Avant Blockchain Capital
Compiled: Babbitt Information
Results of text2img model with hint: "AI+Blockchain"
background
Over the past few months, there have been several breakthroughs in the AI industry. Models like GPT4 and Stable Diffusion are changing the way people build and interact with software and the internet.
Despite the impressive capabilities of these new AI models, some are still concerned about the unpredictability and consistency of AI. For example, there is a lack of transparency in the online services space, where most of the back-end work is run by AI models. Verifying that these models work as expected is a challenge. In addition, user privacy is also an issue because all the data we provide to the model API can be used to improve AI or be exploited by hackers.
ZKML may be a new way to solve these problems. By injecting verifiable and trustless attributes into machine learning models, blockchain and ZK technologies can form AI-aligned frameworks.
What is ZKML
Zero-knowledge machine learning (ZKML) in this article refers to the use of zkSNARK (a zero-knowledge proof) to prove the correctness of machine learning inference without exposing model inputs or model parameters. Depending on the privacy information, ZKML's use cases can be divided into the following types:
Public model + private data:
- Privacy-preserving machine learning: ZKML can be used to train and evaluate machine learning models on sensitive data without revealing the data to anyone else. This can be important for applications such as medical diagnostics and financial fraud detection. We've also seen some players use ZKML on biometric data authentication to build proof of humanity services.
- Proof: In a world where most online content is generated by AI, cryptography can provide a source of truth. People are trying to use ZKML to solve the deepfake problem.
Private model + public data:
- Model authenticity: ZKML can be used to ensure the consistency of machine learning models. This can be important for users to ensure that model providers don't lazily use cheaper models or get hacked.
- Decentralized Kaggle:ZKML allows participants in data science competitions to prove the accuracy of models on public test data without revealing model weights in training.
Public Model + Public Data:
- Decentralized inference: This method mainly takes advantage of the concise nature of ZKML to compress complex AI computations into on-chain proofs similar to ZK rollup. This approach distributes the cost of the model service across multiple nodes.
Since zkSNARK will become a very important technology in the crypto world, ZKML also has the potential to change the crypto landscape. By adding AI capabilities to smart contracts, ZKML can unlock more complex on-chain applications. This integration is described in the ZKML community as "giving blockchain eyes".
Technical bottlenecks
However, ZK-ML presents some technical challenges that must be solved today.
Quantization: ZKP works on the field, but the neural network is trained in floating-point numbers. This means that in order for a neural network model to be zk/blockchain friendly, it needs to be converted to a fixed-point arithmetic representation with a full computational trace. This may sacrifice model performance because the parameters are less accurate.
Cross-language translation: Neural network AI models are written in python and cpp, while ZKP circuits require rust. So we need a translation layer to convert the model to a ZKP-based runtime. Often this type of translation layer is model-specific and difficult to design a generic one.
Computational cost of ZKP: The cost of ZKP will basically be much higher than the original ML calculation. According to Modulus labs' experiments, for a 20M parameter model, it takes more than 1-5 minutes to generate a proof according to different ZK proof systems, and the memory consumption is about 20-60GB.
Smart Cost — Modulus Labs
status quo
Even in the face of these challenges, we see that ZKML has generated a lot of interest from the crypto community, and there are some great teams exploring this space.
infrastructure
Model compiler
Since the main bottleneck of ZKML is converting AI models into ZK circuits, some teams are working on basic layers such as ZK model compilers. Starting with logistic regression models or simple CNN models 1 year ago, the field has quickly moved into more complex models.
The EZKL project now supports models up to 100mm parameters. It uses the ONNX format and the halo2 ZKP system. The library also supports committing only a portion of the model.
The ZKML library already supports ZKP for GPT2, Bert and diffusion models!
ZKVM
The ZKML compiler also belongs to some of the more general realm of zero-knowledge virtual machines.
Risc Zero is a zkVM that uses the open-source RiscV instruction set, so it can support ZKP for C++ and rust. This zkDTP project shows how to convert a decision tree ML model into Rust and run it on Risc Zero.
We also see some teams trying to bring AI models on-chain through Startnet (Giza) and Alo (zero gravity).
apply
In addition to infrastructure, other teams are also beginning to explore the use of ZKML.
Challenge:
An example of a DeFi use case is an AI-driven vault where mechanisms are defined by AI models rather than fixed policies. These strategies can leverage on-chain and off-chain data to predict market trends and execute transactions. ZKML guarantees consistent models on the chain. This allows the entire process to be automated and trustless. Mondulus Labs is building RockyBot. The team trained an on-chain AI model to predict ETH prices and built a smart contract to automatically transact with the model.
Other potential DeFi use cases include AI-powered DEXs and lending protocols. Oracles can also leverage ZKML to provide a new type of data source generated from off-chain data.
Gaming:
Modulus labs has launched Leela, a chess game based on ZKML, that all users can play with a robot powered by an AI model validated by ZK. AI capabilities could bring more interactivity to existing fully on-chain games.
NFT/Creator Economy:
EIP-7007: This EIP provides an interface to use ZKML to verify that the content generated by AI for NFTs really comes from a specific model with a specific input (hint). The standard could enable AI-generated NFT collections and could even power a new type of creator economy.
EIP-7007 Project Workflow
Identity:
The Wordcoin project is providing a human proof solution based on the user's biometric information. The team is exploring the use of ZKML to enable users to generate Iris code without permission. When the algorithm that generates the IRIS code is upgraded, users can download the model and generate proofs by themselves without going to the ORB station.
The key to adoption
Considering the high cost of zero-knowledge proofs of AI models. We believe ZKML adoption can start with some cryptography-native use cases that are costly to trust.
Another market we should consider is industries where data privacy is very important, such as the healthcare industry. For this, there are other solutions such as federated learning and secure MPC, but ZKML can take advantage of blockchain's scalable incentive network.
Wider mass adoption of ZKML may depend on people losing trust in existing large AI providers. Will there be events that raise awareness across the industry and prompt users to consider verifiable AI technologies?
summary
ZKML is still in its early stages and there are many challenges to overcome. But as ZK technology improves, we think we will soon find several ZKML use cases with strong product-market fit. These use cases may seem like a good fit at first. But as the power of centralized AI grows and penetrates into every industry and even human life, people may find greater value in ZKML.