Dragonfly Capital 合伙人：去中心化推理的信任问题与验证挑战

Assuming that you want to run a large language model like this, such a huge model needs more memory, which means that you can't run the original model on your home computer. What choice do you have? You may jump to the cloud provider, but you may not be too keen to trust a single centralized company to handle this workload and collect all the usage data for you, then what you need is decentralized reasoning, which can make you independent of any single mention. It is not enough to run the machine learning model and trust the output in a decentralized network. Suppose I ask the network to use it to analyze the governance dilemma. How do I know that it is actually not used? It has provided me with a worse analysis and pocketed the difference. In a centralized world, you may believe that companies like this will do this honestly because their reputation is threatened, and the quality is self-evident to some extent, but in a decentralized world. Honesty is not hypothetical but verified, which is where verifiable inference comes into play. In addition to providing a response to the query, you can also prove that it works correctly on the model you requested, but how? The simplest way is to run the model as a smart contract on the chain, which will definitely ensure that the output is verified, but this is very unrealistic. It means that if you want to do a matrix multiplication of this scale on the chain, it will cost about 100 million dollars at the current price. Calculation will fill every block for about a month in a row, so no, we need a different method. After observing the whole situation, I know that there have been three main methods to solve verifiable reasoning, zero-knowledge proof, optimistic fraud proof and encryption economics, each of which has its own security and cost impact. Imagine that you can prove that you have run a large model, but no matter how big the model is, it is actually a fixed size. This is what the magic of passing bears. Although it sounds elegant in principle, it is extremely difficult to compile the deep neural network into a zero-knowledge circuit and prove it, and its cost is also very high. At least you may see times the reasoning cost and times the delay in generating the proof, not to mention compiling the model itself into a circuit before all this happens. Eventually, the cost must be passed on to the user, so it will eventually be very expensive for the end user. On the other hand, it is the only way to ensure the correctness through cryptography. No matter how hard a provider tries, it can't cheat, but the cost of doing so is huge, which makes it impractical for a large model in the foreseeable future. An example of optimistic fraud proves that the optimistic method is trust, but we assume that the inference is correct unless it is proved otherwise. If a node tries to cheat, observers in the network can point out cheaters and use fraud proof to challenge them. These observers must always observe the chain and rerun the inference on their own models to ensure that. The output is correct. These frauds prove to be style interactive challenge response games. You can repeatedly divide the execution trajectory of the model in the chain until you find an error. If this happens, the cost will be very high because these programs are very large and have huge internal states. The cost of a single reasoning is about floating-point operation, but the game theory shows that this situation will almost never happen. As we all know, fraud proves to be difficult to code correctly because the code will almost never be attacked in production. Optimistic is good. The point is that as long as there is an honest observer paying attention to machine learning, the cost is safer than cheaper, but please remember that every observer in the network will rerun each query on his own, which means that if there is an observer, the security cost must be passed on to the users, so they will have to pay more than twice the reasoning cost, or no matter how many observers are as optimistic as the summary, the disadvantage is that you have to wait for the challenge period to pass before you can be sure that the response has been verified, but according to the network parameterization. You may have to wait a few minutes instead of a few days. Although encryption economics is not specified at present, here we give up all fancy technologies and do simple things. Equity-weighted voting users decide how many nodes should run their queries, and each node will display their responses. If there is a difference between the responses, then strange nodes will be cut off from the standard prediction machine. This is a more direct way for users to set the security level they want. Balance cost and trust. If they are doing machine learning, they will do so. The delay here is very fast. You only need the submission display of each node. If it is written into the blockchain, it may technically happen in two blocks. However, if it is cunning enough, most nodes can rationally choose collusion as users. You must infer how risky these nodes are and how much cheating will cost, that is to say, using things such as remortgage and attributable security. The network can effectively provide insurance in the case of security failure, but the advantage of this system is that users can specify the degree of security they want. They can choose to include nodes or nodes or every node in the network in arbitration, or if they want, they can even choose the cost function here. It is very simple that users pay for the legal number of nodes they want. If they choose, they need to pay twice the reasoning cost. Here is a thorny question: Can you make security in a simple one? In the single implementation, if no one checks a single node, you should cheat every time, but I doubt that if you encrypt the query and pay by intention, you may be able to confuse the nodes. They are actually the only nodes that respond to this task. In this case, you may be able to charge ordinary users less than twice the reasoning cost. The final encryption economic method is the simplest, easiest and possibly cheapest, but it is the least sexy in principle and the least secure, but as always, the details are decided. Examples of success or failure Although it is not specified why verifiable machine learning is difficult at present, you may want to know why we don't have all this. After all, in essence, the machine learning model is only a very large computer program. For a long time, the correct execution of the program has been the basis of the blockchain. This is why these three verification methods reflect the way that the blockchain protects its block space, and it is not surprising that most blockchains use encryption economics. We have come up with basically the same solution, so what makes it difficult to apply it to machine learning? 比特币今日价格行情网_okx交易所app_永续合约_比特币怎么买卖交易_虚拟币交易所平台

注册有任何问题请添加 微信：MVIP619 拉你进入群

文章转载注明 网址：https://netpsp.com/?id=56535