Hi, I’m Moyed. I like to study new ideas and got into some questions after reading Sentient Whitepaper. If this is not eligible place for me to share the questions, please let me know, I’ll delete it.
-
How is actually $s(x) = s(x, \sigma(h(x))$ made? Let’s say model user recieved permission string $\sigma(h(x)$ from access layer, What operation does it do to create s(x). Does this scheme work for complicated model like LLM?
-
In verification process, how does Sentient platform check if model user knows the permission string?
-
Once prover query the fingerprint key, would the model owner know that it happened? If so, then only at most n verification is possible when n is number of fingerprints in the model.
-
Model host should requet permission string for each query. Woudln’t it add some meaningful latency to user or communication overhead in large demand situation?
-
What if prover DOS attack the platform by creasing fabircated proof of usage. Because the prover only own the key, it would be rejected, but at least it can interrupt the system. Economic slashing won’t work because platform cannot distingusih between fabricated proof of usage vs honest prover querying non-Sentiemt model. Any method to solve this?
-
Example method in 3.5.2 is confusing to me. If function f only output 0 or 1 based on the green and red word count, would it be 50% guess for unauthorize model host to bypass this system? Of coruse, this assumes that signature generation method is revealed to model host.
