A16z: Exploring four new business models under the fusion of AI and blockchain

Original video: Web3 with a16z, AI Crypto
Original author: Dan Boneh (professor at Stanford University, senior research consultant at a16z crypto), focuses on cryptography, computer security, and machine learning; Ali Yahya (general partner at a16z crypto), formerly worked at Google Brain, and is one of the core contributors to Google's machine learning library TensorFlow.
Compiled by Qianwen, ChainCatcher
Stephen King once wrote a science fiction novel called The Diamond Age, in which there is an artificial intelligence device that acts as a mentor to people throughout their lives. When you are born, you are paired with an artificial intelligence that knows you very well - knows your preferences, follows you throughout your life, helps you make decisions, and guides you in the right direction. This sounds great, but you never want such technology to fall into the hands of a middleman giant. Because this will give the company a lot of control and extend a series of privacy and sovereignty issues.
We want this technology to be truly mine, and so a vision emerges that you can do this with blockchain. You can embed AI in smart contracts. Keep data private with the power of zero-knowledge proofs. Over the next few decades, this technology will get smarter and smarter. You can choose to do whatever you want with it, or change it in any way you want.
So what is the relationship between blockchain and artificial intelligence? What kind of world will artificial intelligence lead us to? What is the current status and challenges of artificial intelligence? What role will blockchain play in this process?
AI and blockchain: The competition
The development of artificial intelligence, including the scenario described in "The Diamond Age", has always existed, but it has only recently experienced a leap in development.
First, AI is very much a top-down, centralized technology. Crypto is a bottom-up, decentralized, collaborative technology. In many ways, cryptocurrency is the study of how to build decentralized systems that enable large-scale human collaboration without a real central controller. In that respect, this is a natural way for the two technologies to merge.
AI is a sustainable innovation that reinforces the business models of existing technology companies and helps them make top-down decisions. The best example of this is Google, which can decide what content is presented to users across billions of users and billions of page views. Cryptocurrency is inherently a disruptive innovation, and its business model is fundamentally at odds with the business models of large technology companies. Therefore, this is a movement led by fringe rebels rather than those in power.
Therefore, artificial intelligence may be closely related to all aspects of privacy protection, and the two promote and interact with each other. As a technology, artificial intelligence has established various incentive mechanisms, resulting in less and less privacy for users, because companies want to obtain all our data. And artificial intelligence models trained based on more and more data will become more and more effective. On the other hand, artificial intelligence is not perfect, and the model may be biased, which may lead to unfair results. Therefore, there are many papers on algorithm fairness at this stage.
I think we're on a path to AI where everyone's data is aggregated into these massive model trainings to optimize the models. Cryptocurrency is going in the opposite direction, increasing personal privacy and empowering users to control their data sovereignty. It can be said that encryption technology is a counter-technology to AI because it helps us distinguish between human or AI-created content from abundant content. In a world flooded with AI-created content, encryption technology will become an important tool for maintaining and preserving human content.
Cryptocurrency is the Wild West because it is completely permissionless and anyone can participate. You have to assume that some of the parties involved are malicious. So now there is a greater need for tools to help you filter out honest participants from dishonest participants, and machine learning and artificial intelligence as a smart tool are actually very helpful in this regard.
For example, there are projects that use machine learning to identify suspicious transactions submitted to a wallet. This way, these transactions of the user will be marked and submitted to the blockchain. This can be a good way to prevent users from accidentally submitting all their funds to an attacker or doing something they will regret later. Machine learning can also be used as a tool to help you determine in advance which transactions may have mev.
Just as LLM models can be used to detect false data or malicious activity, in turn, these models can be used to generate false data. The most classic example is deep fakes. You can create a video of someone saying something that they never said. But blockchain can actually help alleviate this problem.
For example, there are timestamps on the blockchain that show that you said such and such on this date. If someone fakes a video, then you can use the timestamp to deny it. All of this data, the real real data is recorded on the blockchain and can be used to prove that this deep fake video is really fake. So I think blockchain may help fight forgery. We can also rely on trusted hardware to achieve this. Devices like cameras and our phones sign the images and videos they take as a standard. It's called C 2 PA, and it specifies how cameras sign data. In fact, there is a camera from Sony right now that can take photos and videos and then generate a C 2 PA signature on the video. This is a very complicated topic, so we won't go into it here.
Normally, when newspapers publish pictures, they don't publish the pictures exactly as they were taken by the camera. They crop them and do some licensing work on the pictures. Once you start editing the pictures, it means that the recipient, the end reader, the user on the browser is not seeing the original picture, and it is impossible to verify the C2PA signature.
The question is, how can you give the user confirmation that the image they are seeing is indeed correctly signed by the C 2 PA camera? This is exactly where ZK technology comes in, you can prove that the edited image is actually the result of downsampling and grayscale scaling of the correctly signed image. In this way, we can replace the C 2 PA signature with a simple ZK proof and correspond one-to-one with these images. Now, the reader can still confirm that they are seeing the real image. Therefore, ZK technology can be used to fight this information.
How can blockchain break the deadlock?
Artificial intelligence is essentially a centralized technology. It benefits greatly from economies of scale, as running on a single data center makes things more efficient. In addition, data, machine learning models, machine learning talent, etc. are usually controlled by a few technology companies, so how can we break the deadlock? Cryptocurrency can help us achieve the decentralization of artificial intelligence by using technologies such as ZKML, which can be applied to data centers, databases, and machine learning models themselves. For example, in computing, using zero-knowledge proofs, users can prove that the actual process of reasoning or training models is correct.
This way, you can outsource this process to a large community. In this distributed process, anyone with a GPU can contribute computing power to the network and train the model in this way without having to rely on a large data center with all the GPUs centralized.
It's not certain whether this makes sense from an economic perspective. But at least with the right incentives, you can achieve a long tail effect. You can use all the GPU power that may exist. Let all these people contribute computing power for model training or inference running, which will replace the large technology companies that control everything. To achieve this, various important technical problems must be solved. In fact, there is a company called NVIDIA that is building a decentralized GPU computing market, mainly for training machine learning models. In this market, anyone can contribute their GPU computing power. On the other hand, anyone can use any computing that exists in the network to train their large machine learning models. This will become an alternative to centralized large technology companies such as OpenAI, Google, Metadata, etc.
Imagine a situation where Alice has a model that she wants to protect. She wants to send it to Bob in encrypted form, and Bob now receives the encrypted model and needs to run his data on it. How do you do this? You use what is called fully homomorphic encryption to compute encrypted data. If you have the encrypted model and the plaintext data, you can run the encrypted model on the plaintext data and receive and get the encrypted result. You send the encrypted result back to Alice, and she can decrypt and see the plaintext result.
This is actually technology that already exists. The question is, the current technology works well for medium-sized models, can we scale it up to larger models? This is a considerable challenge that requires the efforts of more companies.
Current situation, challenges and incentive mechanisms
I think there's going to be a decentralization of computation. The first is the verification problem, which you can solve with ZK, but currently those techniques can only handle smaller models. The challenge is that the performance of these cryptographic primitives is far from what you need to train or infer very large models. So there's a lot of work going on to improve the performance of the proof process so that you can prove larger and larger amounts of work efficiently. At the same time, some companies are using other techniques that are not just cryptographic techniques. Instead, they use game-theoretic techniques where they have more people working independently of each other. This is a game-theoretic optimistic approach that doesn't rely on cryptography, but it's still consistent with the larger goal of decentralizing AI or helping to create an AI ecosystem. This is a goal that companies like openai have proposed.
The second big problem is the distributed systems problem. For example, how do you coordinate a large community to contribute GPs to a network so that it feels like an integrated, unified computing substrate? There are many challenges, such as how to decompose the workload of machine learning in a reasonable way and assign different workloads to different nodes of the network, and how to do all this efficiently.
Current technology can basically be applied to medium-sized models, but it cannot be applied to models as large as GPT 3 or GPT 4. Of course, we have other methods. For example, we can let multiple people conduct training and then compare the results, so that there is a game theory incentive mechanism. Incentivize people not to cheat. If someone cheats, others may complain that the training results they calculated are incorrect. In this way, the cheater will not be rewarded. We can also disperse the data sources in the community to train large machine learning models. Similarly, we can also collect all the data and train the model ourselves instead of having a centralized institution in charge. This can be achieved by creating a kind of market. This is similar to the computing market we just described.
We can also look at it from an incentive perspective, encouraging people to contribute new data to a large dataset, which can then be used to train models. The difficulty here is similar to the verification challenge. You have to verify in some way that the data people contribute is indeed good data. These data are neither duplicate data, nor randomly generated junk data, nor are they unreal data generated in some way.
Also, make sure the data doesn't subvert the model in some way, otherwise the model performance will actually get worse. Maybe we have to rely on a combination of technical solutions and social solutions, in which case you can also build credibility through some kind of site metrics that community members can get, so that when they contribute data, the data is more credible than it was before.
Otherwise, it will take a very long time to truly cover the data distribution. One of the big challenges of machine learning is that the model can actually only cover the distribution range that the training data set can reach. If there are some inputs that are far outside the distribution range of the training data, then your model may actually behave completely unpredictably. In order for the model to perform well in edge cases, black swan data points, or data inputs that may be encountered in the real world, we need a dataset that is as comprehensive as possible.
So if you have this open, decentralized marketplace for data sets, and you can have anyone in the world that has unique data provide that data to the network, that's a much better way to do it. Because if you try to do it as a centralized company, you have no way of knowing who owns that data. So if you can create an incentive for these people to step up and provide that data, then I think you can actually get significantly better coverage of the long tail of data.
So we must have some mechanism to ensure that the data you provide is authentic. One way is to rely on trusted hardware, embed some trusted hardware in the sensor itself, and we only trust the data correctly signed by the hardware. Otherwise, we must have other mechanisms to distinguish the authenticity of the data. There are currently two important trends in machine learning. First, the performance measurement methods of machine learning models are constantly improving, but they are still in the early stages and it is actually difficult to judge the performance of another model. Another trend is that we are getting better and better at explaining how the model works.
So based on these two points, at some point I might be able to understand the impact of datasets on the performance of machine learning models. If we can understand whether a dataset contributed by a third party contributes to the performance of a machine learning model, then we can reward that contribution and create incentives for that market to exist. Imagine if you could create an open market for people to contribute trained models that solve a certain type of problem, or if you created a smart contract that had some kind of test embedded in it, and if someone could provide a model using zkml and prove that the model solves that test, that's one way to end it. You now have the tools you need to create a market that is incentivized when people contribute machine learning models that solve certain problems.
How do AI and encryption form a business model?
I think the vision behind the intersection of cryptocurrency and AI is that you can create a set of protocols that distribute the value captured by this new technology, AI, to more people, so that everyone can contribute and everyone can share the benefits of this new technology.
Therefore, the people who can profit will be those who contribute computing power, those who contribute data, or those who contribute new machine learning models to the network, so that better machine learning models can be trained to solve more important problems.
The demand side of the network can also profit. They use this network as infrastructure to train their own machine learning models. Maybe their models can contribute to something interesting, like the next generation of chat tools. In these models, since these companies will have their own business models, they themselves can drive value capture.
The people who build this network will also benefit. For example, a token will be created for the network and distributed to the community. All of these people will have collective ownership of this decentralized network for computing data and models, and can also capture some of the value of all economic activity that takes place through this network.
You can imagine that every transaction that goes through this network, every payment method that pays for computation, data, or models, could be charged a fee that goes into a treasury that is controlled by the entire network. And the token holders collectively own the network. That's essentially the business model of the network itself.
Artificial Intelligence Promotes Code Security
A lot of our listeners may have heard of co pilot, which is a tool for generating code. You can try to use these co-generation tools to write solidity contracts or cryptographic code. I want to emphasize that it is actually very dangerous to do so. Because a lot of times when you try to run, these systems will actually generate code that works but is not safe.
We actually wrote a paper about this recently, where we showed that if you try to take a collaborative pilot and write a simple encryption function, it provides the correct encryption function, but it uses an incorrect mode of operation, so you end up with an insecure encryption mode.
You might ask, why does this happen? One reason is that these models are basically trained on existing code, they are trained on github repositories. A lot of github repositories are actually vulnerable to various attacks. So the code learned by these models works, but it is not secure. It's like garbage out of garbage. So I hope people will be very careful when using these generative models to generate code and double-check that the code actually does what it is supposed to do and does it securely.
You can use AI models, combined with other tools to generate code, to ensure that the whole process is error-free. For example, one idea is to use the LLM model to generate specifications for a formal verification system, and ask the LLM to generate a specification for the formal verification tool. Then, ask the same LLM instance to generate a program that meets the specification, and then use the formal verification tool to see if the program actually meets the specification. If there are bugs, the tool will catch them. These errors can be fed back to the LLM as feedback, and then ideally, the LLM can modify its work and then generate another correct version of the code.
Finally, if you repeat the operation, you will eventually have a piece of code that, ideally, fully satisfies this return value and is formally verified to satisfy this return value. And, since humans can read this backtrace, you can see from this backtrace that this is the program I wanted to write. In fact, there have been many attempts to evaluate LLM's ability to find software vulnerabilities, such as solidarity smart contracts, C, and C plus.
So, will we get to a point where the code generated by an LLM is less likely to contain bugs than the code generated by a human? For example, when we talk about autonomous driving, do we care about whether it is less likely to crash than a human driver? I think this trend will only get stronger and stronger, and the degree to which AI technology is integrated into existing tool chains will also increase.
You can integrate it into your formal verification toolchain, you can integrate it into other tools, like the ones mentioned earlier that check for memory management issues. You can also integrate it into your unit testing and integration testing toolchains, so that the LLM isn't just acting in a vacuum. It can get real-time feedback from other tools that connect it to ground truth.
I think that the combination of very large machine learning models trained using all the data in the world, coupled with these other tools, could make it possible for computer programs to be better than human programmers. Even if they still make mistakes, they could be superhuman. This would be a major moment for software engineering.
Artificial Intelligence and Social Graphs
Another possibility is that we might be able to build decentralized social networks that actually behave a lot like Weibo, but the social graph is actually completely on-chain. It's almost like a public product that anyone can build on top of. As a user, you control your identity on the social graph. You control your data, control who you follow, and who can follow you. In addition, there are a large number of companies that build portals into the social graph to provide users with experiences similar to Twitter, Instagram, Tick Tock, or whatever else they want to build.
But it’s all built on the same social graph, and no one owns it, and there’s no multi-billion dollar tech company in the middle that completely controls it.
That’s an exciting world to be in because it means it can be a more vibrant, collaborative ecosystem where every user has more control over what they see and do on the platform.
But at the same time, users also need to filter the signal from the noise. For example, reasonable recommendation algorithms need to be developed to filter all the content and show you the news sources that you actually want to see. This will open the door to a whole market, a competitive environment composed of players who provide services. You can use algorithms, use artificial intelligence-based algorithms to curate content for you. As a user, you can decide whether to use a specific algorithm, perhaps the algorithm built by Twitter, or other algorithms. But equally, you also need tools like "machine learning" to help you filter the noise and help you parse all the garbage information in this world where generative models can create all the garbage information in the world.
Why is human proof important?
A very relevant question is, in a world flooded with AI-generated fake content, how do you prove that you are indeed human?
Biometrics is one possible direction, and one project called World Coin uses retinal scans as biometric information to verify whether you are a real person, to ensure that you are actually a living person, not just a photo of your eyes. This system has secure hardware that is difficult to tamper with, so the proof that appears on the other end, which is a zero-knowledge proof that masks your actual biometric information, is difficult to forge in this way.
On the internet, nobody knows you're a bot. So I guess this is where proof of humanity projects become really important, because knowing whether you're interacting with a bot or a human is going to be really important. If you don't have proof of humanity, then you can't tell if an address belongs to one person or a group of people, or if 10,000 addresses really belong to one person or are just pretending to be 10,000 different people.
This is critical in governance. If every participant in a governance system can prove that they are in fact human, and they can prove that they are human in a unique way because they only have one set of eyeballs, then the governance system will be much more fair and less plutocracy (based on preferences for the largest amount of money locked in some smart contract).
Artificial Intelligence and Art
AI models mean we’re going to live in a world of infinitely rich media, a world where the community around any particular piece of media or the narrative around any particular piece of media is going to become increasingly important.
For example, Sound.xyz is building a decentralized music streaming platform that allows artists and musicians to upload music and then connect directly with our community by selling NFTs to them. For example, you can comment on a track on the sound dot xyz website so that other people who play the song can also see the comment. This is similar to the previous sound cloud function. The act of buying NFTs is also supporting artists and helping them achieve sustainability and create more music. But the beauty of all this is that it actually provides artists with a platform to truly interact with the community. Artists are everyone's artists.
Because of what cryptocurrency does here, you can create a community around a piece of music that wouldn’t exist if the piece of music was just created by a machine learning model without any human element.
A lot of the music we’re going to be exposed to is going to be completely AI-generated, and the tools to build communities and tell stories around art, around music, around other types of media are going to be really important in differentiating the media that we actually care about and actually want to invest in and spend time with from the rest of the media that’s out there.
There may be some synergies between the two, for example, a lot of music will be enhanced or generated by AI. But if there are human elements involved, for example, creators use AI tools to create a new piece of music, they have their own sound characteristics, they have their own artist page, their own community, and their own followers.
Now, there's a synergy between those two worlds where we have the best music because of the superpowers that AI has given us, but at the same time, we have the human element and the story that's orchestrated and enabled by crypto, which allows you to bring all of these people together on one platform.
It’s definitely a brave new world when it comes to content generation. So how do we differentiate between human-generated art, which needs to be supported, and machine-generated art?
This actually opens the door to collective art, art that is generated through the creative process of the entire community, rather than a single artist. There are already some projects doing this, in which the community influences the chain through some voting procedures to generate artworks based on the prompts of the machine learning model. Maybe you don't generate one piece of art, but 10,000 pieces. Then you use another machine learning model, which is also trained based on the feedback of the community, and it can select the best one from these 10,000 works.