We have extended the functionality of Omron, Bittensor SN2, to include the use of Trusted Execution Environments (TEEs) as a means of verification and Proof-of-Inference. Miners compete against each other to be the best in performance, and only the top miners receive rewards from the Bittensor network.
Trusted Execution Environments (TEEs) provide a secure way of executing Trusted Apps (TAs). This enables 3rd parties to query models all while the inputs/prompts remain fully private to all parties.
Omron is a Proof-of-Inference compute cluster deployed on Bittensor. Omron SN 2 is the worlds largest zkml proving cluster.
Omron currently supports verified inference through the use of zero knowledge proofs. Models are converted to zk circuits which produce cryptographic proof of execution. Adding TEE functionality greatly reduces overhead incurred in verifying computation and improves response time, at the tradeoff of additional trust assumptions. Another goal of ours was to provide hardware enclave abstraction, allowing miners who have diverse hardware to easily participate in the network.
This project was completed as a submission in the Brussels ** dAGI House ** hackathon July 5-7 2024. DoraHacks Link
To be added
Caution
This requires running on confidential computing hardware with Intel SGX support.
Comprehensive steps to start and connect to a development blockchain instance can be found at the below link.
Important
Ensure you are within the /neurons directory before using the commands below to start your miner
cd neuronspm2 start miner.py --name miner --interpreter ../omron-venv/bin/python --kill-timeout 3000 -- \
--netuid 1 \
--subtensor.network local \
--wallet.name {your_miner_key_name} \
--wallet.hotkey {your_miner_hotkey_name}pm2 start miner.py --name miner --interpreter python3 --kill-timeout 3000 -- \
--netuid 1 \
--subtensor.network local \
--wallet.name {your_miner_key_name} \
--wallet.hotkey {your_miner_hotkey_name}Important
Ensure you are within the /neurons directory before using the commands below to start your validator
cd neuronspm2 start validator.py --name validator --interpreter ../omron-venv/bin/python --kill-timeout 3000 -- \
--netuid 1 \
--subtensor.network local \
--wallet.name {validator_key_name} \
--wallet.hotkey {validator_hot_key_name}pm2 start validator.py --name validator --interpreter python3 --kill-timeout 3000 -- \
--netuid 1 \
--subtensor.network local \
--wallet.name {validator_key_name} \
--wallet.hotkey {validator_hot_key_name}Use the below docker commands to view inferences traveling back and forth between the miner and validator
docker logs minerdocker logs validatorUse the below pm2 logging to view the validator's interpretation of the miner's responses including adjustments to scoring.
pm2 logs validatorValidators within the subnet query miners and the following exchange occurs.
- Validator receives a request for Inference
- Validator selects a miner, generates a unique nonce.
- Miner configures secure enclave, requesting Remote Attestation (RA) evidence with the nonce. Miner returns the RA to the validator
- Validator confirms the RA evidence is valid.
- Validator established a secure and private communication channel with the miner who then receives data to execute the Inference.
- Inference is completed and verified by the validator
- Validators update the scoring of miners based on their performance
Validators score miners based on a correct and valid response. Additionally, miners are ranked on their response time and performance.
The following is a non extensive list
bittensor==7.2.0intel_sgx_2.5.101.3_pvbigdl-llm:2.5.0-SNAPSHOT
Miners require an Intel CPU compatible with SGX.
Minimum Hardware Requirements
- CPU: 3.8GHz Intel Xeon-CoffeeLake (E-2174G-Quadcore)
- RAM: 32GB DDR4
- Secure Enclave: Intel SGX or TDX
For the hackathon we provisioned a custom bare metal machine on IBM Cloud.
Validators do not require an Intel SGX enabled CPU to verify the computations performed by miners.
Open a PR and we will review. Thanks!
Colin G @gagichce
HudsonGraeme @HudsonGraeme
We acknowledge the support from many sponsors who made the Brussels dAGI hackathon possible. This includes cyber.Fund amoung many others listed here.