Ethereum Foundation AI lead Davide Crapis and Ethereum co-founder Vitalik Buterin have proposed a way to use zero-knowledge proofs and other methods to ensure that a user’s interactions with large language models are private, while preventing spam and abuse.

API calls occur every time a user sends a message to a software application, such as an AI chatbot. Crapis and Buterin said in a blog post on Wednesday that a core challenge for both users and providers is privacy, security and efficiency.

“We need a system where a user can deposit funds once and make thousands of API calls anonymously, securely, and efficiently,” they said.

“The provider must be guaranteed payment and protection against spam, while the user must be guaranteed that their requests cannot be linked to their identity or to each other,” they added.

With the use of AI chatbots rising, data leaks from LLMs have become a growing concern. Chatbots often handle highly sensitive data, and linking usage to identities can create significant privacy, legal, and security risks. Usage logs can even be used in court proceedings.

 

 

 

Get to know Godleak

Godleak crypto signal is a  service which provide profitable crypto and forex signals. Godleak tried to provide you signals of best crypto channels in the world.

It means that you don’t need to buy individual crypto signal vip channels that have expensive prices. We bought all for you and provide you the signals with bot on telegram without even a second of delay.

Godleak crypto leak service have multiple advantages in comparision with other services:

•  Providing signal of +160 best crypto vip channels in the world
• Using high tech bot to forward signals
• Without even a second of delay
• Joining in +160 separated channels on telegram
• 1 month, 3 months , 6 months and yearly plans
• Also we have trial to test our services before you pay for anything

For joining Godleak and get more information about us only need to follow godleak bot on telegram and can have access to our free vip channels. click on link bellow and press start button to see all features

 

Join for Free

☟☟☟☟☟

https://t.me/Godleakbot

Also you can check the list of available vip signal channels in the bot. by pressing Channels button.

 

  

Crapis and Buterin’s solution for users and providers

Crapis and Buterin said providers currently are forced to choose between two “suboptimal paths,” identity-based access with users forced to hand over sensitive information like an email or credit card, which creates privacy risks, or per-request on-chain payments, which are slow, costly, and traceable.

The duo proposes a system where users deposit funds into a smart contract and then make API calls without revealing their identity or linking requests, leveraging zero-knowledge proofs and rate-limit nullifiers for payments and anti-spam enforcement.

“A user deposits 100 USDC into a smart contract and makes 500 queries to a hosted LLM. The provider receives 500 valid, paid requests but cannot link them to the same depositor, or to each other, while the user’s prompts remain unlinkable to the user identity,” Crapis and Buterin said.

“The model enforces solvency by requiring the user to prove that their cumulative spending — represented by their current ticket index —remains strictly within the bounds of their initial deposit and their verified refund history.”

Cheating the system could slash your deposit

To deter scammers, illegal content generation, jailbreaking attempts, and other terms-of-service violations, Crapis and Buterin propose a dual-staking system.

If a user is caught trying to double-spend, their deposit can be claimed by anyone, including the server. However, users violating the terms of service will have their deposit sent to a burn address, and the slashing event is recorded on-chain.

“For example, a user might submit a prompt asking the model to generate instructions for building a weapon or to help them bypass security controls — requests that would violate many providers’ usage policies,” Crapis and Buterin said.

“While the user’s identity remains hidden, the community can audit the rate at which the Server burns stakes and the posted evidence for these burns.”