A brief review by former Ethereum Foundation zkML researcher on Vitalik's new work Crypto+AI
Written by: Cathie, Hyper Oracle
Preliminary Summary
Vitalik Buterin's latest article explores the intersection of blockchain and artificial intelligence (AI), focusing on how AI can be applied in the crypto world and discussing four intersections: AI as a participant, AI as an interface, AI as rules, and AI as a goal.
The article discusses the prospects and challenges at these intersections, emphasizing the issues of adversarial machine learning attacks and cryptographic overhead. It mentions the possibility of using cryptographic forms like zero-knowledge proofs to hide the internal workings of models, while also pointing out the challenges posed by cryptographic overhead and black-box adversarial machine learning attacks.
Finally, the article discusses the technology for creating scalable decentralized privacy AI and considers applications in AI safety and AI as game objectives. The conclusion emphasizes the need for cautious practice in these areas but expresses optimism about the prospects of the intersection between blockchain and AI.
"Prospects and Challenges of Crypto + AI Applications"
In Vitalik's latest article, he discusses the intersection of artificial intelligence and cryptography, presenting two main challenges: cryptographic overhead and black-box adversarial machine learning attacks.
Vitalik believes there is great potential for artificial intelligence in the direction of cryptocurrency. AI can play a key role in improving cryptocurrency, such as serving as a "game interface" or "game rules."
Challenge: Cryptographic Overhead
a) Has the cryptographic overhead issue been resolved?
While Vitalik believes that AI x Crypto has great potential, he points out that one of the main objections is cryptographic overhead. The most mainstream on-chain AI/ML method currently is zkML, which compiles ML models into zk circuits, allowing for cryptographic proof verification on-chain.
"AI computation is already expensive," and with cryptography, it becomes even slower.
Vitalik believes that the issue of cryptographic overhead has been partially addressed:
- AI computation and its cryptographic overhead are suitable for high acceleration and do not have "unstructured" computation types like zkEVM.
- Over time, more efficient zk cryptographic schemes will be invented, significantly reducing overhead.
b) Currently, the additional overhead is 1000 times.
However, this approach is far from practical, especially for the use cases described by Vitalik. Here are some relevant examples:
- The zkML framework EZKL takes about 80 minutes to generate a proof for a 1M-nanoGPT model.
- According to Modulus Labs, zkML has an overhead of >>1000 times compared to pure computation, with the latest reported figure being 1000 times.
- According to EZKL's tests, the average proof time for RISC Zero's random forest classification is 173 seconds.
In practice, waiting several minutes for a readable explanation of a transaction generated by AI is unacceptable.
2. Solving Through opML
a) opML: Optimistic Machine Learning
At the end of the article, Vitalik mentions, "I look forward to seeing more constructive use cases of artificial intelligence in all these areas, so we can see which ones are truly viable for scaling." We believe that zkML is not "viable" at this stage for achieving the aforementioned applications.
As the inventor of opML and the creator of its first open-source implementation, we believe that opML can solve the cryptographic overhead problem through game theory, making AI x Crypto feasible right now.
b) Achieving Security Through Incentives
opML addresses the cryptographic overhead issue of on-chain ML while ensuring security. For simplicity, we can use Arbitrum's AnyTrust assumption to evaluate the security of the opML system.
The AnyTrust assumption states that there is at least one honest node for each claim, ensuring that either the submitter or at least one verifier is honest. Under AnyTrust, security and validity are maintained:
- Security: An honest verifier can enforce correct behavior by challenging the erroneous results of malicious nodes, thus punishing through an arbitration process.
- Validity: Proposed results are either accepted within the longest time frame or rejected.
Comparing "AnyTrust" and "Majority Trust," opML's "AnyTrust" model is more secure. "AnyTrust" maintains high security and outperforms "Majority Trust" under various conditions.
c) User Privacy > Model Privacy
Vitalik also discusses the issue of model privacy in the article. In fact, for most models (especially the small models currently supported in practice by zkML), the model can be reconstructed through sufficient inference.
For general privacy, especially user privacy, opML seems to lack inherent privacy features due to the need to maintain the public nature of challenges. By combining zkML and opML, we can achieve the right level of privacy, ensuring security and irreversible obfuscation.
d) Implementing AI x Crypto Use Cases
opML can already run Stable Diffusion and LLaMA 2 directly on Ethereum. The four categories mentioned by Vitalik (AI as player/interface/rules/goal) can already be implemented through opML without any additional overhead.
We are actively exploring the following use cases and directions:
- AIGC NFT (ERC-7007), 7007 Studio won at the Story Protocol Hackathon
- On-chain AI games (such as Dungeons and Dragons)
- Prediction markets using ML
- Content authenticity (Deepfake verifier)
- Compliant programmable privacy
- Prompt market
- Reputation/credit scoring
3. Conclusion
With opML, we can eliminate the challenges posed by cryptographic overhead, preserving decentralization and verifiability, making AI x Crypto feasible right now.