
Trust the Process: Zero-Knowledge Machine Learning to Enhance Trust in Generative AI Interactions

Bianca-Mihaela Ganescu, Jonathan Passerat-Palmbach

TL;DR

The paper addresses the lack of guarantees for fairness and accuracy in remote generative AI by introducing zero-knowledge machine learning (ZKML) as a cryptographic audit approach. It presents snarkGPT, a practical zkSNARK-based verifier pipeline for GPT-2-like transformers, and demonstrates its feasibility on nanoGPT, including adaptations to fit finite-field arithmetic and Halo2/EZKL constraints. Through extensive empirical evaluation, the authors analyze how model scale, circuit size, and architectural choices impact proof time and memory, revealing transformer-specific overheads and constraints. The work argues that cryptographic proofs can provide uniform, auditable performance across users without revealing proprietary weights, thereby enabling transparent and trustworthy AI deployments. Overall, it lays the groundwork for an integrated, privacy-preserving fairness framework in generative AI, with clear directions for improving scalability and applicability beyond GPT architectures.

Abstract

Generative AI, exemplified by models like transformers, has opened up new possibilities in various domains but also raised concerns about fairness, transparency and reliability, especially in fields like medicine and law. This paper emphasizes the urgency of ensuring fairness and quality in these domains through generative AI. It explores using cryptographic techniques, particularly Zero-Knowledge Proofs (ZKPs), to address concerns regarding performance fairness and accuracy while protecting model privacy. Applying ZKPs to Machine Learning models, known as ZKML (Zero-Knowledge Machine Learning), enables independent validation of AI-generated content without revealing sensitive model information, promoting transparency and trust. ZKML enhances AI fairness by providing cryptographic audit trails for model predictions and ensuring uniform performance across users. We introduce snarkGPT, a practical ZKML implementation for transformers, to empower users to verify output accuracy and quality while preserving model privacy. We present a series of empirical results studying snarkGPT's scalability and performance to assess the feasibility and challenges of adopting a ZKML-powered approach to capture quality and performance fairness problems in generative AI models.
