The Perturb Protocol
A decentralized adversarial robustness network for production AI, built on Bittensor.
Abstract
Modern AI systems are deployed in safety-critical settings yet remain vulnerable to imperceptible adversarial perturbations. Perturb introduces a decentralized subnet on Bittensor where independent miners are economically incentivized to discover novel attack vectors against submitted models. This paper formalizes the threat model, describes the validator scoring function, and presents empirical results from our public testnet.
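The "imperceptible adversarial perturbations" mentioned above can be illustrated with the classic fast gradient sign method (FGSM): a one-step attack that nudges each input coordinate by a small amount in the direction that most increases the model's loss. The sketch below applies it to a toy logistic-regression model in NumPy; the weights and inputs are illustrative values, not anything from Perturb.

```python
import numpy as np

def sigmoid(z):
    return 1.0 / (1.0 + np.exp(-z))

def fgsm_perturb(x, y, w, b, eps):
    """One-step FGSM: move x by eps in the sign of the loss gradient.

    For a logistic model f(x) = sigmoid(w.x + b) with binary
    cross-entropy loss, the gradient w.r.t. x is (f(x) - y) * w.
    """
    grad_x = (sigmoid(w @ x + b) - y) * w
    return x + eps * np.sign(grad_x)

# Toy model and a correctly classified input (illustrative values).
w = np.array([2.0, -1.0])
b = 0.0
x = np.array([0.3, -0.2])   # logit w.x + b = 0.8 > 0 -> class 1
y = 1.0

x_adv = fgsm_perturb(x, y, w, b, eps=0.5)
# The perturbed logit is 2*(-0.2) + (-1)*(0.3) = -0.7 < 0,
# so the predicted class flips even though each coordinate moved by only 0.5.
```

In high-dimensional image space the same mechanism works with a much smaller per-pixel budget, which is what makes such perturbations effectively invisible to humans.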
Threat Model
Formal definition of adversarial perturbations and our security assumptions.
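For context, the standard ℓp-bounded formalization that threat-model sections of this kind typically build on is sketched below; this is the conventional definition from the adversarial-robustness literature, stated here as an assumption about Perturb's framing rather than a quotation from its specification:

```latex
\max_{\|\delta\|_p \le \epsilon} \;
\mathcal{L}\bigl(f_\theta(x + \delta),\, y\bigr)
\quad \text{s.t.} \quad x + \delta \in [0,1]^d
```

Here $f_\theta$ is the target model, $(x, y)$ a correctly labeled input, and $\delta$ the perturbation; an attack succeeds when $f_\theta(x + \delta) \ne y$ while the budget $\|\delta\|_p \le \epsilon$ keeps the change imperceptible.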
Subnet Architecture
How miners, validators, and the Bittensor consensus layer interact.
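One way to picture the miner/validator interaction described here is as a submit-and-verify loop: miners submit candidate adversarial examples against registered models, and validators independently re-check both the perturbation budget and the attack's success before weights reach consensus. Every name, field, and signature below is a hypothetical illustration of that flow, not Perturb's actual API.

```python
from dataclasses import dataclass

@dataclass
class AttackSubmission:
    """A miner's claimed adversarial example (hypothetical schema)."""
    miner_id: str
    model_id: str        # target model registered on the subnet
    perturbation: list   # per-coordinate delta, assumed L-inf bounded
    epsilon: float       # miner's claimed perturbation budget

def validate(sub: AttackSubmission, model, x, y, eps_budget: float) -> bool:
    """Validator-side check (sketch): budget respected and label flipped.

    `model` is any callable returning a predicted label; a real validator
    would also verify the claimed epsilon against the actual delta.
    """
    if sub.epsilon > eps_budget:
        return False
    x_adv = [xi + di for xi, di in zip(x, sub.perturbation)]
    return model(x_adv) != y
```

Separating the claim (the submission) from the check (the validator re-running the model) is what lets honest validators reach agreement on miner scores without trusting miners' own reports.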
Incentive Design
Reward mechanics that align attackers with model hardening outcomes.
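A toy version of the kind of reward rule such a section might describe: pay only for verified successful attacks, pay more for attacks that succeed within a tighter perturbation budget, and scale by novelty so miners are pushed toward attack vectors the model has not already been hardened against. The specific weighting below is a hypothetical illustration, not Perturb's actual mechanism.

```python
def miner_reward(success: bool, epsilon: float, eps_budget: float,
                 novelty: float) -> float:
    """Hypothetical reward rule for a validated attack submission.

    novelty is assumed to lie in [0, 1], where 1 means the attack is
    unlike anything previously seen against this model.
    """
    if not success or epsilon > eps_budget:
        return 0.0
    tightness = 1.0 - epsilon / eps_budget   # smaller eps -> higher pay
    return (0.5 + 0.5 * tightness) * novelty

# A failed or over-budget attack earns nothing; a maximally tight,
# maximally novel attack earns the full reward.
```

Tying pay to tightness and novelty, rather than raw success counts, is what aligns miners with hardening outcomes: rediscovering a known weakness is worth little, while surfacing a new minimal-budget failure mode is worth the most.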