Introduction

opp/ai (Optimistic Privacy-Preserving AI), invented by ORA, is an onchain AI framework designed to address the challenges of privacy and computational efficiency in blockchain-based machine learning systems. ^[1] It integrates the privacy guarantees of Zero-Knowledge Machine Learning (zkML) with the efficiency of Optimistic Machine Learning (opML), creating a hybrid model for secure AI services onchain. ^[2] The framework is designed to be flexible, meaning that advances in the underlying zkML technology can be directly incorporated into opp/ai.

Technology

The opp/ai framework is a hybrid that combines two core technologies to balance privacy with efficiency.

zkML (Zero-Knowledge Machine Learning)

Zero-Knowledge Machine Learning (zkML) is used in the opp/ai framework to provide privacy. It leverages zero-knowledge proofs (ZKPs) to verify computations without revealing the underlying sensitive data or model parameters. ^[1] This allows for the protection of confidential information during AI inference. However, generating ZKPs is computationally intensive and can be costly, which is a primary reason for opp/ai's hybrid approach. ^[2]

opML (Optimistic Machine Learning)

Optimistic Machine Learning (opML) is used to ensure computational efficiency. Unlike zkML, opML uses a fraud-proof system where ML results are executed off-chain and submitted to the blockchain with an optimistic assumption of their correctness. ^[1] These results are subject to a challenge period during which they can be disputed. This method significantly reduces the onchain computational load, offering a more scalable and efficient solution for integrating ML with blockchain technology. ^[2]

How it Works

The opp/ai framework operates by strategically partitioning a machine learning model into different submodels based on its privacy requirements. This creates a hybrid execution model that balances privacy and efficiency. ^[2]​

• zkML Submodels: Components that handle proprietary algorithms or sensitive data are designated as zkML submodels. These are executed using Zero-Knowledge Proofs to maintain the confidentiality of the model weights or data.
• opML Submodels: Components where efficiency is prioritized over privacy are designated as opML submodels. These are executed off-chain using the optimistic approach.

The outputs from the zkML submodels can serve as inputs for the opML submodels, allowing for a seamless integration of the two systems. For the opML components, disputes are resolved through an interactive game that utilizes a Fraud Proof Virtual Machine (FPVM) to verify computation steps onchain. ^[1]​

A primary application of this is concealing specific fine-tuning weights of a model where the majority of the weights are already public. For example, the proprietary LoRA weights in the attention layers of an open-source model like Stable Diffusion can be protected using the opp/ai framework. This preserves the competitive advantage of the unique adaptations while the base model remains accessible. ^[1]​

Use Cases

• Proprietary Fine-Tuned Models: opp/ai can conceal fine-tuning weights for models where most weights are public, such as protecting custom LoRA weights in open-source generative AI models. This is crucial for preserving proprietary enhancements made to publicly shared models. ^[1]
• Individual Voice Tuning: Text-to-voice service providers can use opp/ai to protect personalized voice models tailored to an individual's sensitive voice data. The framework ensures the model's parameters remain confidential while the service is verifiably offered to users.
• Financial Sector: Trading algorithms, which are highly valuable and contain sensitive strategies, can be protected. A financial firm could use opp/ai to conceal the proprietary weights of a model specifically tuned to its trading strategy, allowing for secure and verifiable onchain trading operations without exposing trade secrets.
• Gaming Industry: AI models used for non-player characters (NPCs) can be fine-tuned to create unique and engaging behaviors. Developers can use opp/ai to hide the fine-tuned weights, protecting their competitive edge and preventing others from easily copying unique NPC strategies.