Privacy-Focused AI Learns Faster and More Securely with New Blockchain System

Researchers are addressing critical limitations in federated learning (FL) regarding scalability, security, and reliable update validation. Amirhossein Taherpour and Xiaodong Wang, both from Columbia University, alongside their colleagues, present ZK-HybridFL, a novel framework integrating a directed acyclic graph ledger with dedicated sidechains and zero-knowledge proofs (ZKPs). This innovative approach facilitates privacy-preserving model validation and efficient detection of malicious behaviour during collaborative model training. Demonstrating superior performance against existing systems like Blade-FL and ChainFL across image classification and language modelling, ZK-HybridFL offers faster convergence, improved accuracy, and robust resistance to adversarial attacks, representing a significant advancement towards secure and scalable decentralised FL deployments.

This decentralized system integrates a directed acyclic graph (DAG) ledger with dedicated sidechains and zero-knowledge proofs (ZKPs) to enable collaborative model training without exposing sensitive data.

The research introduces a secure method for verifying local model updates on-device, eliminating the need for public datasets and associated privacy risks. ZK-HybridFL utilizes event-driven smart contracts and an oracle-assisted sidechain to validate updates efficiently, while a built-in challenge mechanism actively detects and mitigates adversarial behaviour.
Experiments conducted on both image classification and language modeling tasks demonstrate significant performance improvements with ZK-HybridFL. The framework achieves faster convergence, higher accuracy, and lower perplexity compared to existing decentralized FL systems, Blade-FL and ChainFL. Furthermore, latency is reduced, and the system exhibits robust performance even with a substantial proportion of adversarial or idle nodes.

On-chain verification occurs in under a second with efficient gas usage, preventing the acceptance of invalid updates and effectively guarding against orphanage-style attacks. This innovative architecture supports sub-second on-chain verification, minimizing computational burden and maximizing efficiency.

The integration of ZKPs allows for privacy-preserving model validation, ensuring that participant data remains confidential throughout the training process. By combining the strengths of DAG ledgers and sidechains, ZK-HybridFL offers a scalable and secure solution for decentralized federated learning across diverse environments, paving the way for more robust and privacy-conscious machine learning applications. The work represents a substantial advancement in decentralized machine learning, offering a practical solution for secure and efficient collaborative model training.

ZK-HybridFL system architecture and secure model update validation are crucial for privacy-preserving federated learning

A directed acyclic graph (DAG) ledger, coupled with dedicated sidechains and zero-knowledge proofs (ZKPs), underpins the ZK-HybridFL framework for secure decentralized federated learning. The system employs event-driven smart contracts to initiate tasks and manage the flow of local model updates between participating nodes.

An oracle-assisted sidechain then verifies these updates, crucially, without requiring access to the sensitive training data itself. This verification process leverages ZKPs to confirm the validity of each model contribution while preserving data privacy. To detect malicious activity, a built-in challenge mechanism actively probes for adversarial behaviour amongst the nodes.

Nodes train local models on mini-batches and sign the resulting updates before broadcasting them as transactions. The sidechain evaluates these updates using ZKPs, ensuring that only genuine, high-quality contributions are incorporated into the global model. This contrasts with approaches like Blade-FL, which relies on computationally expensive proof-of-work and public datasets for validation.

ZK-HybridFL’s architecture addresses limitations found in ChainFL, a hierarchical blockchain structure. Unlike ChainFL, which depends on centralized public dataset evaluations and suffers from cross-shard synchronization, ZK-HybridFL’s sidechain-based verification eliminates the need for public datasets and reduces synchronization overhead.

Experiments demonstrated faster convergence, higher accuracy, lower perplexity, and reduced latency compared to both Blade-FL and ChainFL, showcasing the efficiency gains achieved through this innovative methodology. The framework also proved robust against substantial fractions of adversarial and idle nodes, supporting sub-second on-chain verification with efficient gas usage.

Performance enhancements via zero-knowledge proofs and private data utilisation are becoming increasingly viable

ZK-HybridFL, a novel decentralized federated learning framework, demonstrates substantial performance gains in image classification and language modeling tasks. Simulations reveal faster convergence, higher accuracy, lower perplexity, and reduced latency when compared to both Blade-FL and ChainFL. The research establishes robust performance even with a significant proportion of adversarial and idle nodes within the network.

Specifically, the framework supports sub-second on-chain verification, achieving efficient gas usage during the process. The study utilizes zero-knowledge proofs to validate local model updates without revealing sensitive data, a key component of the system’s security. Employing private test datasets alongside ZKPs enhances both privacy and model quality, surpassing the limitations of public test datasets which can restrict robustness and adaptability.

The ZKP process enables a node to prove the validity of its inference output without disclosing its private test data or internal computations. This is achieved through a predefined circuit that generates predicted outputs and associated loss values, producing intermediate results known as witnesses. Verification of the model’s integrity involves a sequence of actions including commitment of weights and test data to a sidechain, availability of a circuit-specific proving key, proof generation using the private witness, and final verification by any node within the network.

Successful verification, indicated by a result of 1, certifies that the public outputs were produced by the committed model and test data, allowing the contribution to be added to the directed acyclic graph. The keys used for this process remain fixed across nodes and epochs, while each proof is specific to its witness, ensuring completeness, soundness, and zero-knowledge.

Enhanced performance and resilience in decentralised federated learning are achieved through collaborative model aggregation

ZK-HybridFL, a secure decentralised federated learning framework, integrates a directed acyclic graph ledger with dedicated sidechains and zero-knowledge proofs for privacy-preserving model validation. This system employs event-driven smart contracts and an oracle-assisted sidechain to verify local model updates without revealing sensitive data, alongside a challenge mechanism to identify potentially malicious activity.

Experiments utilising image classification and language modelling demonstrate that ZK-HybridFL achieves faster convergence, improved accuracy, reduced perplexity, and lower latency when compared to existing frameworks such as Blade-FL and ChainFL. The framework’s robustness extends to scenarios with a significant proportion of adversarial or inactive participants, maintaining sub-second on-chain verification with efficient gas consumption.

It effectively prevents the acceptance of invalid updates and mitigates orphanage-style attacks, establishing a scalable and secure solution for decentralised federated learning in varied environments. The authors acknowledge a five percent computational overhead, which can be mitigated through techniques like recursive folding to manage circuit complexity and key sizes. Future research will focus on refining the cryptographic design and assessing the framework’s performance in edge computing deployments.