Zypher Network: How to "Make AI Agents Secure Again"?
Zypher Network: Make AI Agent Secure Again!
Zypher Network is a co-processing infrastructure centered on zero-knowledge proof (ZKP) solutions, designed to provide ZK services for all applications and infrastructures requiring zero-knowledge computation.
The Zypher Network consists of an off-chain computational network formed by distributed computing nodes and an on-chain engine called Zytron. When zero-knowledge computation tasks arise within the Zypher Network, the system assigns these tasks to computational miners and generates ZKPs, which can be verified on the Zytron chain to ensure the trustworthiness and integrity of data, transactions, and actions. Zypher’s system has already been successfully implemented in the Web3 AI gaming sector, with dozens of Web3 games currently running efficiently, securely, and reliably without relying on centralized servers.
Now, we’re working on a new zero-knowledge computation layer, providing the AI agent field with two key capabilities: Proof of Prompt and Proof of Inference. These allow the system to prove to the public that prompts and inferences are correct and unaltered while safeguarding underlying sensitive data. This ensures the verifiability and trustworthiness of prompts and inferences during the operation of AI agents.
zkPrompt
As mentioned earlier, a major issue with traditional AI Agent models is the inability to ensure the trustworthiness of prompts. This includes whether prompts have been tampered with, whether the model inference is driven by accurate prompts, and whether sensitive information within the prompts is exposed.
Zypher addresses these concerns through its zkPrompt solution within the computation layer, aiming to ensure the correctness and consistency of prompts without revealing underlying data to the public or users. This makes zk Prompt not only a key product for trustless AI Agents and decentralized application logic but also an essential component of Zypher’s trustless AI Agent development framework.
zk Prompt is delivered as an easy-to-use SDK and relies on an advanced cryptographic scheme, including primitives such as strong encryption, Pedersen commitments, and zkSNARKs (Plonk). It works seamlessly with the system's prompt initialization process by taking the initialized prompt as input, generating encrypted commitments through Zypher's ZK miner network, and constructing zero-knowledge proofs (ZKPs).
These ZKPs allow any user or third party to verify the prompts by comparing them with audited initial commitments, ensuring the accuracy and consistency of the prompt content. If the actual initialized prompt differs from the audited sample, the verification process will immediately fail, quickly identifying and addressing potential issues. This ensures transparency and reliability in system behavior.
From an operational perspective, AI Agent developers and AI Prompt application developers can utilize zk Prompt to create and define System Prompts, ensuring that AI models execute specific tasks as intended.
After a System Prompt is initialized, it is passed to the LLM model for loading. Simultaneously, an encrypted commitment is generated through a commitment scheme, and an immutable proof is created using Zypher's ZK computation network. This process records the integrity and consistency of the prompt, ensuring that it guides the model to produce expected behaviors.
Users interacting with the prompt can download the committed prompt and its corresponding proof file to verify the current model's behavior against the committed prompt. The verification process clearly identifies whether the prompt has been tampered with, ensuring that the prompt and the model's behavior align with the developer's original intent.
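The commit-then-verify step described above can be illustrated with a plain Pedersen commitment. This is an added example, not Zypher's SDK or circuit code: the group parameters, function names and sample prompts are assumptions, and the opening is checked directly here, whereas zkPrompt as described proves consistency with a zkSNARK so the prompt stays hidden.

```python
import hashlib
import secrets

# Demonstration group: the 768-bit safe prime of RFC 2409 (Oakley Group 1).
# Far too small for real deployments; used here only to keep the block short.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2   # prime order of the subgroup of squares mod P
G = 4              # 2 squared, generates that subgroup


def hash_to_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


# Second generator obtained by hashing a label and squaring, so that
# nobody knows its discrete logarithm with respect to G.
H = pow(hash_to_int(b"constructed-demo-generator-h"), 2, P)


def commit(prompt: str, r=None):
    """Pedersen commitment C = G^m * H^r mod P with m = SHA-256(prompt) mod Q."""
    if r is None:
        r = secrets.randbelow(Q)          # blinding factor hides the prompt
    m = hash_to_int(prompt.encode("utf-8")) % Q
    return (pow(G, m, P) * pow(H, r, P)) % P, r


def verify(commitment: int, prompt: str, r: int) -> bool:
    """True only if (prompt, r) opens the audited commitment."""
    return commit(prompt, r)[0] == commitment


def demo():
    # Both prompts are constructed sample values.
    audited = "You are a trading agent. Never move more than 1 ETH per day."
    tampered = audited.replace("1 ETH", "100 ETH")
    c, r = commit(audited)
    c2, _ = commit(audited)   # same prompt, fresh blinding factor
    # (audited prompt opens, tampered prompt fails, commitments are unlinkable)
    return verify(c, audited, r), verify(c, tampered, r), c != c2
```

The third result shows why a random blinding factor matters: two commitments to the same prompt look unrelated, so a published commitment does not let an observer confirm a guessed prompt.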
Interaction Example
zk Prompt establishes a reliable interaction mechanism among AI Agents, the ZK computation network, DApps, and smart contracts. This ensures the integrity and consistency of prompts, providing a trustworthy foundation for AI model behavior.
When AI Agent developers define and submit a System Prompt through zk Prompt, the prompt undergoes encryption to generate a commitment. Simultaneously, the AI Agent is initialized, and encryption circuits related to the prompt are created to ensure the immutability of the prompt's content within the system. At the same time, the AI Agent sends a verification key to Zypher's ZK computation network, which serves as the basis for subsequent validations.
When a DApp initiates a message or transaction request, the AI Agent receives the request and delegates the computational task to the ZK computation network. Within the ZK computation network, the execution results of the prompt are encrypted and verified through zero-knowledge proofs. These proofs not only document the task execution process but also ensure consistency between the prompt and its behavior. The generated proof file is then returned to the smart contract or DApp for further verification.
The Zytron Engine on Zypher’s blockchain verifies the zero-knowledge proof against the encrypted commitment, ensuring the accuracy of the prompt content and execution behavior. If the prompt content is tampered with or the execution deviates from the original intent, the validation will fail, effectively preventing potential issues. This validation mechanism provides robust support for prompt reliability and ensures that the AI model consistently operates as intended by the developer.
Through collaboration with smart contracts and other blockchain components, Zypher achieves transparent and verifiable security goals, allowing seamless integration into various Web3 use cases.
Key Features of zk Prompt for AI Agents:
Data Privacy: Users can verify the correctness of prompts without accessing or knowing the specific content of system prompts, safeguarding the sensitivity of prompts.
Trust and Transparency: Zero-knowledge proofs enable users to trust that AI behavior has not been maliciously altered.
Decentralized Verification: Any user or third party can confirm the consistency of prompts and models through the verification process without relying on centralized entities.
Built on zk Prompt, the system can also extend its capabilities to Proof of Inference, ensuring that the reasoning process of the AI Agent is trustworthy and that the inference results are generated based on legitimate inputs.
Our Conclusion:
The zk Prompt solution is particularly suited for mission-critical scenarios, such as those involving financially sensitive information or AI Agents requiring precise action directives. It provides a highly secure foundation to ensure reliability and trustworthiness.
zkInference
The application of AI Agents in the Web3 domain is becoming increasingly widespread. However, most AI Agents currently operate as "black boxes," with their reasoning processes lacking transparency and their behavior difficult to verify. This raises significant risks, especially in multiplayer games, where multiple AI Agents might collude due to being controlled by the same entity. Such collusion could disrupt the fairness of the game.
For instance, imagine a poker game where several AI Agents are controlled by the same entity. These agents could conspire to target a specific player, severely undermining the gameplay experience and fairness. The lack of verifiable mechanisms makes it challenging to regulate AI Agent behavior, posing a threat to the security of Web3 games.
To address this issue, we propose the zkInference framework. This framework uses zero-knowledge proof algorithms to ensure that AI Agents strictly adhere to predefined rules or AI model operations, guaranteeing their decision-making processes align with principles of fairness, accuracy, and security. This approach allows the behavior of AI Agents to be verified without exposing the underlying models or data. Consequently, zkInference effectively prevents collusion and malicious behavior among multiple AI Agents, safeguarding the fairness and security of Web3 games.
Framework Features
Verifiability: Leverages zero-knowledge proof technology to validate AI Agent behavior without exposing the underlying model or data.
Anti-Collusion: Effectively prevents collusion between different AI Agents, ensuring a fair gaming experience.
Unlimited Computing Power: Provides a decentralized mining market to offer unlimited computational resources for Verifiable AI Agents.
Flying Chess Game: A Showcase of zkInference
We're going to create Flying Chess Game, a game built on the zkInference framework and designed to provide a fair and transparent gaming environment. The core gameplay involves one player competing against three AI Agents. However, where AI Agent behavior is challenging to verify, it becomes critical to ensure that AI Agents do not collaborate or act under the control of the same entity. To address this, we combine game theory with the zkInference framework. Specifically, zk circuits ensure that each AI Agent operates independently, maximizing its own benefit throughout the game, effectively preventing collusion.
Game Theory and MinMax Algorithm
We adopt the classic MinMax algorithm from game theory. The MinMax algorithm, a game tree search algorithm, is particularly suited for solving zero-sum games. In a zero-sum game, one player's gain is always another player's loss, maintaining a net sum of zero. Applying the MinMax algorithm to Flying Chess means that each player strives to maximize their chances of winning.
The MinMax algorithm constructs a game tree recursively, exploring all possible moves. At each node of the game tree, the algorithm evaluates the current state and selects the optimal move based on the node type (maximizing or minimizing).
Through this approach, our Flying Chess game not only ensures the independence and fairness of AI Agent behavior but also enhances the game’s strategic depth and competitiveness using the MinMax algorithm.
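The rule that each agent must play the move that is best for itself can be written as a check on top of MinMax. The following is an added example, not Zypher's game or circuit code: it uses a constructed two-player race game with fixed step choices in place of the real Flying Chess rules, and `is_self_maximizing` is a hypothetical name for the audit a verifier would run.

```python
GOAL = 6            # constructed toy track length, not the real board
STEPS = (1, 2, 3)   # constructed stand-in for the available moves
WIN = 100           # terminal score, larger than any heuristic value


def apply_move(state, step):
    """state = (pos0, pos1, turn); landing on the rival sends it back to 0."""
    pos = list(state[:2])
    me, rival = state[2], 1 - state[2]
    pos[me] += step
    if pos[me] < GOAL and pos[me] == pos[rival]:
        pos[rival] = 0
    return (pos[0], pos[1], rival)


def minimax(state, depth):
    """Score for player 0: player 0 nodes maximize, player 1 nodes minimize."""
    if state[0] >= GOAL:
        return WIN
    if state[1] >= GOAL:
        return -WIN
    if depth == 0:
        return state[0] - state[1]      # heuristic at the cutoff: track lead
    values = [minimax(apply_move(state, s), depth - 1) for s in STEPS]
    return max(values) if state[2] == 0 else min(values)


def move_values(state, depth=6):
    """MinMax value of every legal step from this state."""
    return {s: minimax(apply_move(state, s), depth - 1) for s in STEPS}


def is_self_maximizing(state, claimed_step, depth=6):
    """Audit: accept a move only if no other move is better for the mover."""
    values = move_values(state, depth)
    best = max(values.values()) if state[2] == 0 else min(values.values())
    return values[claimed_step] == best
```

From the state `(3, 4, 0)`, steps 1 and 3 pass the audit and step 2 is rejected, because it lets the rival win on the next turn; an agent throwing the game to help another would fail this check.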
The Path Ahead
Despite the rapid advancement of AI technologies, the full adoption of fully autonomous AI Agents remains constrained by challenges in security, ethics, and practicality. On the other hand, semi-autonomous AI Agents—striking a balance between automation and human oversight—are likely to remain the dominant trend in the near future. This highlights the urgent need for advancements in trust and privacy technologies before large-scale adoption can be realized.
We will accelerate this progress through fully ZKP-based cryptographic solutions and lay a robust foundation for the next phase of the AI Agent industry's evolution.
For more details on Zypher, please refer to our documentation: