pith. sign in

arxiv: 2404.09005 · v8 · submitted 2024-04-13 · 💻 cs.CR · cs.AI· cs.ET· cs.GT· cs.LG

Proof-of-Learning with Incentive Security

Zishuo Zhao , Zhixuan Fang , Xuechao Wang , Xi Chen , Hongxu Su , Haibo Xiao , Yuan Zhou This is my paper

Pith reviewed 2026-05-24 02:22 UTC · model grok-4.3

classification 💻 cs.CR cs.AIcs.ETcs.GTcs.LG
keywords proof of learningincentive securityproof of useful workblockchain consensusmachine learning trainingverifier dilemmarational proverdecentralized computing
0
0 comments X

The pith

Incentive-security aligns rational provers with honest behavior in Proof-of-Learning for blockchain consensus.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces incentive-security as a way to make honest participation the rational best choice for provers in Proof-of-Learning systems, avoiding the need for full Byzantine security designs. This approach yields a mechanism that is computationally lighter, has controllable difficulty, and resists two specific attacks while remaining secure even when problem providers and verifiers cannot be trusted. A sympathetic reader would care because it turns energy spent on model training into useful work for consensus, sidestepping the waste of traditional Proof-of-Work and the economic problems of Proof-of-Stake, and it opens a path to decentralized markets for computing power in AI tasks.

Core claim

By defining incentive-security to make honest behavior strictly dominant for rational provers, the authors construct a Proof-of-Learning protocol that achieves computational efficiency with overhead reduced from Θ(1) to O(log E / E), provable incentive-security guarantees, and controllable difficulty. The design remains secure against two attacks, supplies frontend incentive-security when problem providers are untrusted, and delivers verifier incentive-security that avoids the Verifier's Dilemma.

What carries the argument

Incentive-security, the property that makes honest prover actions the utility-maximizing choice under the modeled rewards and penalties.

If this is right

  • The protocol resists the two identified attacks while keeping difficulty adjustable.
  • Overhead drops to O(log E / E) while preserving the useful-work property of model training.
  • Security holds without assuming trusted problem providers.
  • Verifiers are incentivized without falling into the Verifier's Dilemma.
  • Machine-learning training becomes a viable primitive for decentralized consensus and computing markets.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same incentive-alignment idea could be tested on other useful-work tasks such as protein folding or simulation workloads.
  • If the dominance property holds in practice, blockchains could shift consensus energy expenditure into publicly verifiable model improvements.
  • A market clearing mechanism for training tasks might emerge where nodes bid on problems whose solutions feed directly into consensus.

Load-bearing premise

Rational provers will follow the modeled incentives and honest behavior can be made strictly better than any deviation.

What would settle it

A concrete game in which provers receive the proposed reward structure and are observed to choose the honest training path over the two attack strategies at a measurable rate above random.

Figures

Figures reproduced from arXiv: 2404.09005 by Haibo Xiao, Hongxu Su, Xi Chen, Xuechao Wang, Yuan Zhou, Zhixuan Fang, Zishuo Zhao.

Figure 1
Figure 1. Figure 1: Experimental Results [PITH_FULL_IMAGE:figures/full_fig_p012_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: Prover Net Utilities. Furthermore, in [PITH_FULL_IMAGE:figures/full_fig_p012_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Verifier’s Utility [PITH_FULL_IMAGE:figures/full_fig_p016_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Verifier’s Utility without CTF Protocol D DISCUSSIONS ON MALICIOUS PROVERS AND ANOMALY DETECTION Throughout the paper, we mainly consider the scenario in which strategic provers are motivated solely by the block rewards for the training task, with their utility defined as the block reward minus computational costs. Nevertheless, in reality, there are indeed mali￾cious trainers who may have incentives to ad… view at source ↗
read the original abstract

Most concurrent blockchain systems rely heavily on the Proof-of-Work (PoW) or Proof-of-Stake (PoS) mechanisms for decentralized consensus and security assurance. However, the substantial energy expenditure stemming from computationally intensive yet meaningless tasks has raised considerable concerns surrounding traditional PoW approaches, The PoS mechanism, while free of energy consumption, is subject to security and economic issues. Addressing these issues, the paradigm of Proof-of-Useful-Work (PoUW) seeks to employ challenges of practical significance as PoW, thereby imbuing energy consumption with tangible value. While previous efforts in Proof of Learning (PoL) explored the utilization of deep learning model training SGD tasks as PoUW challenges, recent research has revealed its vulnerabilities to adversarial attacks and the theoretical hardness in crafting a byzantine-secure PoL mechanism. In this paper, we introduce the concept of incentive-security that incentivizes rational provers to behave honestly for their best interest, bypassing the existing hardness to design a PoL mechanism with computational efficiency, a provable incentive-security guarantee and controllable difficulty. Particularly, our work is secure against two attacks, and also improves the computational overhead from $\Theta(1)$ to $O(\frac{\log E}{E})$. Furthermore, while most recent research assumes trusted problem providers and verifiers, our design also guarantees frontend incentive-security even when problem providers are untrusted, and verifier incentive-security that bypasses the Verifier's Dilemma. By incorporating ML training into blockchain consensus mechanisms with provable guarantees, our research not only proposes an eco-friendly solution to blockchain systems, but also provides a proposal for a completely decentralized computing power market in the new AI age.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

3 major / 2 minor

Summary. The manuscript introduces the concept of incentive-security for Proof-of-Learning (PoL) as a Proof-of-Useful-Work mechanism in blockchain systems. It claims this approach incentivizes rational provers to behave honestly (bypassing Byzantine hardness), delivers a provable incentive-security guarantee, resists two attacks, reduces computational overhead from Θ(1) to O(log E / E), and provides frontend incentive-security with untrusted problem providers plus verifier incentive-security that bypasses the Verifier's Dilemma, enabling decentralized ML training in consensus.

Significance. If the incentive-security claims can be formalized with explicit game models and dominance proofs, the work would offer a potentially significant route to PoUW that substitutes economic incentives for traditional fault-tolerance hardness while improving efficiency and tolerating untrusted parties. The efficiency claim and handling of the Verifier's Dilemma would be notable strengths if substantiated.

major comments (3)
  1. [Abstract] Abstract: the central claim of a 'provable incentive-security guarantee' that makes honest behavior strictly dominant for rational provers (bypassing Byzantine hardness) is load-bearing but unsupported; no extensive-form game, utility functions for honest vs. the two attack strategies, payoff matrix, or dominance proof appears, so the assertion that incentives render deviation strictly loss-making cannot be evaluated.
  2. [Abstract] Abstract: security is asserted against 'two attacks' without identifying the attacks, defining the threat model, or providing any argument or reduction showing resistance; this is required to substantiate the security claims.
  3. [Abstract] Abstract: the overhead reduction from Θ(1) to O(log E / E) is stated without defining E, referencing the prior Θ(1) construction, or supplying a derivation or complexity analysis that would allow verification of the improvement.
minor comments (2)
  1. [Abstract] Abstract: the notation E in O(log E / E) is introduced without definition or context.
  2. [Abstract] Abstract: the claim that the design 'guarantees frontend incentive-security even when problem providers are untrusted' would benefit from a brief statement of the threat model for the provider.

Simulated Author's Rebuttal

3 responses · 0 unresolved

We thank the referee for the careful reading and constructive feedback. The abstract is intentionally high-level, but we agree it can be strengthened with explicit pointers to the formal definitions, models, and analyses that appear in the body. We address each comment below and will revise the abstract accordingly.

read point-by-point responses

  1. Referee: [Abstract] Abstract: the central claim of a 'provable incentive-security guarantee' that makes honest behavior strictly dominant for rational provers (bypassing Byzantine hardness) is load-bearing but unsupported; no extensive-form game, utility functions for honest vs. the two attack strategies, payoff matrix, or dominance proof appears, so the assertion that incentives render deviation strictly loss-making cannot be evaluated.

    Authors: Section 3 presents the extensive-form game, the utility functions for the honest strategy versus each attack strategy, the payoff matrix, and the dominance proof that honest behavior is strictly dominant for rational provers. The abstract summarizes the result; we will add a parenthetical reference to Section 3 and the key dominance result. revision: yes

  2. Referee: [Abstract] Abstract: security is asserted against 'two attacks' without identifying the attacks, defining the threat model, or providing any argument or reduction showing resistance; this is required to substantiate the security claims.

    Authors: The threat model is defined in Section 2; the two attacks (model-extraction and gradient-poisoning) are introduced in Section 4; and the resistance arguments (including reductions) appear in Section 5. We will revise the abstract to name the attacks and cite the relevant sections. revision: yes

  3. Referee: [Abstract] Abstract: the overhead reduction from Θ(1) to O(log E / E) is stated without defining E, referencing the prior Θ(1) construction, or supplying a derivation or complexity analysis that would allow verification of the improvement.

    Authors: E denotes the number of training epochs; the Θ(1) baseline is the construction cited in the introduction; and the O(log E / E) derivation with complexity analysis is given in Section 6. We will insert a brief definition of E and the citation in the revised abstract. revision: yes

Circularity Check

0 steps flagged

No circularity; incentive-security introduced as independent concept without reduction to inputs

full rationale

The abstract and available text introduce incentive-security as a new framing that incentivizes honest behavior for rational provers, bypassing Byzantine hardness. No equations, fitted parameters, self-citations, or ansatzes are quoted that reduce the claimed guarantees or dominance to prior quantities by construction. The derivation chain is presented as conceptual and independent of the target result itself. This is the common honest finding when no load-bearing step exhibits the enumerated circular patterns.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

Abstract-only review provides no equations or sections to identify concrete free parameters, axioms, or invented entities; all claims rest on unstated assumptions about participant rationality and incentive dominance.

pith-pipeline@v0.9.0 · 5857 in / 1310 out tokens · 22763 ms · 2026-05-24T02:22:26.316262+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. PoLO: Proof-of-Learning and Proof-of-Ownership at Once with Chained Watermarking

    cs.CR 2025-05 unverdicted novelty 5.0

    PoLO achieves 99% watermark detection accuracy for ownership verification at 1.5-10% of traditional verification costs while requiring 1.1-4x more resources to forge.

Reference graph

Works this paper leans on

72 extracted references · 72 canonical work pages · cited by 1 Pith paper · 5 internal anchors

  1. [1]

    Nuno Antunes, Leandro Balby, Flavio Figueiredo, Nuno Lourenco, Wagner Meira, and Walter Santos. 2018. Fairness and transparency of machine learning for trustworthy cloud services. In2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W) . IEEE, 188–193

    work page 2018

  2. [2]

    Vivek Bagaria, Amir Dembo, Sreeram Kannan, Sewoong Oh, David Tse, Pramod Viswanath, Xuechao Wang, and Ofer Zeitouni. 2022. Proof-of-stake longest chain protocols: Security vs predictability. In Proceedings of the 2022 ACM Workshop on Developments in Consensus. 29–42

    work page 2022

  3. [3]

    Alejandro Baldominos and Yago Saez. 2019. Coin. AI: A proof-of-useful-work scheme for blockchain-based distributed deep learning. Entropy 21, 8 (2019), 723

    work page 2019

  4. [4]

    Marshall Ball, Alon Rosen, Manuel Sabin, and Prashant Nalini Vasudevan. 2017. Proofs of useful work. Cryptology ePrint Archive (2017)

    work page 2017

  5. [5]

    Juan Benet. 2014. Ipfs-content addressed, versioned, p2p file system. arXiv preprint arXiv:1407.3561 (2014)

    work page internal anchor Pith review Pith/arXiv arXiv 2014

  6. [6]

    Yoshua Bengio, Geoffrey Hinton, Andrew Yao, Dawn Song, Pieter Abbeel, Trevor Darrell, Yuval Noah Harari, Ya-Qin Zhang, Lan Xue, Shai Shalev-Shwartz, et al

    work page

  7. [7]

    Science 384, 6698 (2024), 842–845

    Managing extreme AI risks amid rapid progress. Science 384, 6698 (2024), 842–845

    work page 2024

  8. [8]

    Yoshua Bengio, Sören Mindermann, Daniel Privitera, Tamay Besiroglu, Rishi Bommasani, Stephen Casper, Yejin Choi, Danielle Goldfarb, Hoda Heidari, Leila Khalatbari, et al. 2024. International Scientific Report on the Safety of Advanced AI (Interim Report). arXiv preprint arXiv:2412.05282 (2024)

    work page arXiv 2024

  9. [9]

    Elisa Bertino, Murat Kantarcioglu, Cuneyt Gurcan Akcora, Sagar Samtani, Sudip Mittal, and Maanak Gupta. 2021. AI for Security and Security for AI. InProceedings of the Eleventh ACM Conference on Data and Application Security and Privacy . 333–334

    work page 2021

  10. [10]

    Siddharth Bhatore, Lalit Mohan, and Y Raghu Reddy. 2020. Machine learning techniques for credit risk evaluation: a systematic literature review. Journal of Banking and Financial Technology 4, 1 (2020), 111–138

    work page 2020

  11. [11]

    Felipe Bravo-Marquez, Steve Reeves, and Martin Ugarte. 2019. Proof-of-learning: a blockchain consensus mechanism based on machine learning competitions. In 2019 IEEE International Conference on Decentralized Applications and Infrastruc- tures (DAPPCON). IEEE, 119–124

    work page 2019

  12. [12]

    Vitalik Buterin et al. 2014. A next-generation smart contract and decentralized application platform. white paper 3, 37 (2014), 2–1

    work page 2014

  13. [13]

    Canhui Chen, Zerui Cheng, Shutong Qu, and Zhixuan Fang. 2022. Crowdsourcing Work as Mining: A Decentralized Computation and Storage Paradigm. arXiv preprint arXiv:2211.06669 (2022)

    work page arXiv 2022

  14. [14]

    Yiling Chen, Yiheng Shen, and Shuran Zheng. 2020. Truthful data acquisition via peer prediction. Advances in Neural Information Processing Systems 33 (2020), 18194–18204

    work page 2020

  15. [15]

    KD Conway, Cathie So, Xiaohang Yu, and Kartin Wong. 2024. opML: Optimistic Machine Learning on Blockchain. arXiv preprint arXiv:2401.17555 (2024)

    work page arXiv 2024

  16. [16]

    Congyu Fang, Hengrui Jia, Anvith Thudi, Mohammad Yaghini, Christopher A Choquette-Choo, Natalie Dullerud, Varun Chandrasekaran, and Nicolas Papernot

    work page

  17. [17]

    In 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P)

    Proof-of-Learning is Currently More Broken Than You Think. In 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P) . IEEE, 797–816

    work page 2023

  18. [18]

    Erez Firt. 2023. Calibrating machine behavior: a challenge for AI alignment. Ethics and Information Technology 25, 3 (2023), 42

    work page 2023

  19. [19]

    Beltrán Borja Fiz Pontiveros, Christof Ferreira Torres, and Radu State. 2020. Sluggish mining: Profiting from the verifier’s dilemma. InFinancial Cryptography and Data Security: FC 2019 International Workshops, VOTING and WTSC, St. Kitts, St. Kitts and Nevis, February 18–22, 2019, Revised Selected Papers 23 . Springer, 67–81

    work page 2020

  20. [20]

    Chaya Ganesh, Claudio Orlandi, and Daniel Tschudi. 2019. Proof-of-Stake Proto- cols for Privacy-Aware Blockchains. In Advances in Cryptology – EUROCRYPT 2019, Yuval Ishai and Vincent Rijmen (Eds.). Springer International Publishing, Cham, 690–719

    work page 2019

  21. [21]

    Karame, Karl Wüst, Vasileios Glykantzis, Hubert Ritzdorf, and Srdjan Capkun

    Arthur Gervais, Ghassan O. Karame, Karl Wüst, Vasileios Glykantzis, Hubert Ritzdorf, and Srdjan Capkun. 2016. On the Security and Performance of Proof of Work Blockchains. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (Vienna, Austria) (CCS ’16). Association for Computing Machinery, New York, NY, USA, 3–16. https...

    work page arXiv 2016

  22. [22]

    Arthur Gervais, Ghassan O Karame, Karl Wüst, Vasileios Glykantzis, Hubert Ritzdorf, and Srdjan Capkun. 2016. On the security and performance of proof of work blockchains. In Proceedings of the 2016 ACM SIGSAC conference on computer and communications security. 3–16

    work page 2016

  23. [23]

    Charles AE Goodhart. 1984. Problems of monetary management: the UK experience. Springer

    work page 1984

  24. [24]

    Dan Hendrycks. 2024. Introduction to AI safety, ethics and society. Dan Hendrycks

    work page 2024

  25. [25]

    Felix Hoffmann. 2022. Challenges of Proof-of-Useful-Work (PoUW). In 2022 IEEE 1st Global Emerging Technology Blockchain Forum: Blockchain & Beyond (iGETblockchain). IEEE, 1–5

    work page 2022

  26. [26]

    Yupeng Hu, Wenxin Kuang, Zheng Qin, Kenli Li, Jiliang Zhang, Yansong Gao, Wenjia Li, and Keqin Li. 2021. Artificial intelligence security: Threats and coun- termeasures. ACM Computing Surveys (CSUR) 55, 1 (2021), 1–36

    work page 2021

  27. [27]

    Juan Ignacio Ibañez and Alexander Freier. 2023. Bitcoin’s carbon footprint revisited: Proof of Work mining for renewable energy expansion. Challenges 14, 3 (2023), 35

    work page 2023

  28. [28]

    Atalay M Ileri, Halil I Ozercan, Alper Gundogdu, Ahmet K Senol, M Yusuf Ozkaya, and Can Alkan. 2016. Coinami: a cryptocurrency with DNA sequence alignment as proof-of-work. arXiv preprint arXiv:1602.03031 (2016)

    work page internal anchor Pith review Pith/arXiv arXiv 2016

  29. [29]

    Markus Jakobsson and Ari Juels. 1999. Proofs of work and bread pudding proto- cols. In Secure Information Networks: Communications and Multimedia Security IFIP TC6/TC11 Joint Working Conference on Communications and Multimedia Security (CMS’99) September 20–21, 1999, Leuven, Belgium . Springer, 258–272

    work page 1999

  30. [30]

    Jiaming Ji, Tianyi Qiu, Boyuan Chen, Borong Zhang, Hantao Lou, Kaile Wang, Yawen Duan, Zhonghao He, Jiayi Zhou, Zhaowei Zhang, et al. 2023. Ai alignment: A comprehensive survey. arXiv preprint arXiv:2310.19852 (2023)

    work page internal anchor Pith review Pith/arXiv arXiv 2023

  31. [31]

    Hengrui Jia, Mohammad Yaghini, Christopher A Choquette-Choo, Natalie Dullerud, Anvith Thudi, Varun Chandrasekaran, and Nicolas Papernot. 2021. Proof-of-learning: Definitions and practice. In 2021 IEEE Symposium on Security and Privacy (SP). IEEE, 1039–1056

    work page 2021

  32. [32]

    Davinder Kaur, Suleyman Uslu, Kaley J Rittichier, and Arjan Durresi. 2022. Trust- worthy artificial intelligence: a review. ACM computing surveys (CSUR) 55, 2 (2022), 1–38

    work page 2022

  33. [33]

    John Kelsey, Bruce Schneier, David Wagner, and Chris Hall. 1998. Cryptanalytic attacks on pseudorandom number generators. In International workshop on fast software encryption. Springer, 168–188. 13 , , Zishuo Zhao, Zhixuan Fang, Xuechao Wang, Xi Chen, Hongxu Su, Haibo Xiao, and Yuan Zhou

    work page 1998

  34. [34]

    Jayden Khakurel, Birgit Penzenstadler, Jari Porras, Antti Knutas, and Wenlu Zhang. 2018. The rise of artificial intelligence under the lens of sustainability. Technologies 6, 4 (2018), 100

    work page 2018

  35. [35]

    Aggelos Kiayias, Andrew Miller, and Dionysis Zindros. 2020. Non-interactive proofs of proof-of-work. In Financial Cryptography and Data Security: 24th In- ternational Conference, FC 2020, Kota Kinabalu, Malaysia, February 10–14, 2020 Revised Selected Papers 24 . Springer, 505–522

    work page 2020

  36. [36]

    Aggelos Kiayias, Alexander Russell, Bernardo David, and Roman Oliynykov. 2017. Ouroboros: A provably secure proof-of-stake blockchain protocol. In Annual international cryptology conference. Springer, 357–388

    work page 2017

  37. [37]

    Sunny King. 2013. Primecoin: Cryptocurrency with prime number proof-of-work. July 7th 1, 6 (2013)

    work page 2013

  38. [38]

    Katja Langenbucher. 2022. AI credit scoring and evaluation of creditworthiness–a test case for the EU proposal for an AI Act. how the challenges of today prepare the ground for tomorrow (2022), 362

    work page 2022

  39. [39]

    Jei Young Lee. 2019. A decentralized token economy: How blockchain and cryptocurrency can revolutionize business. Business Horizons 62, 6 (2019), 773– 784

    work page 2019

  40. [40]

    Tiffany Wenting Li, Silas Hsu, Max Fowler, Zhilin Zhang, Craig Zilles, and Karrie Karahalios. 2023. Am I wrong, or is the autograder wrong? Effects of AI grading mistakes on learning. In Proceedings of the 2023 ACM Conference on International Computing Education Research-Volume 1. 159–176

    work page 2023

  41. [41]

    Yuan Liu, Yixiao Lan, Boyang Li, Chunyan Miao, and Zhihong Tian. 2021. Proof of Learning (PoLe): empowering neural network training with consensus building on blockchains. Computer Networks 201 (2021), 108594

    work page 2021

  42. [42]

    Tao Lu, Haoyu Wang, Wenjie Qu, Zonghui Wang, Jinye He, Tianyang Tao, Wenzhi Chen, and Jiaheng Zhang. 2024. An Efficient and Extensible Zero-knowledge Proof Framework for Neural Networks. Cryptology ePrint Archive (2024)

    work page 2024

  43. [43]

    Loi Luu, Jason Teutsch, Raghav Kulkarni, and Prateek Saxena. 2015. Demystifying incentives in the consensus computer. In Proceedings of the 22Nd acm sigsac conference on computer and communications security . 706–719

    work page 2015

  44. [44]

    Kaifeng Lyu, Haoyu Zhao, Xinran Gu, Dingli Yu, Anirudh Goyal, and Sanjeev Arora. 2024. Keeping llms aligned after fine-tuning: The crucial role of prompt templates. arXiv preprint arXiv:2402.18540 (2024)

    work page arXiv 2024

  45. [45]

    Nolan Miller, Paul Resnick, and Richard Zeckhauser. 2005. Eliciting informative feedback: The peer-prediction method. Management Science 51, 9 (2005), 1359– 1373

    work page 2005

  46. [46]

    Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system. Decen- tralized business review (2008)

    work page 2008

  47. [47]

    Mohamed Nassar, Khaled Salah, Muhammad Habib ur Rehman, and Davor Svetinovic. 2020. Blockchain for explainable and trustworthy artificial intel- ligence. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery 10, 1 (2020), e1340

    work page 2020

  48. [48]

    Andrea Paudice, Luis Muñoz-González, Andras Gyorgy, and Emil C Lupu. 2018. Detection of adversarial training examples in poisoning attacks through anomaly detection. arXiv preprint arXiv:1802.03041 (2018)

    work page internal anchor Pith review Pith/arXiv arXiv 2018

  49. [49]

    Thomas Piketty. 2014. Capital in the twenty-first century . Harvard University Press

    work page 2014

  50. [50]

    Adnan Qayyum, Aneeqa Ijaz, Muhammad Usama, Waleed Iqbal, Junaid Qadir, Yehia Elkhatib, and Ala Al-Fuqaha. 2020. Securing machine learning in the cloud: A systematic review of cloud machine learning security. Frontiers in big Data 3 (2020), 587139

    work page 2020

  51. [51]

    Richard Ren, Steven Basart, Adam Khoja, Alice Gatti, Long Phan, Xuwang Yin, Mantas Mazeika, Alexander Pan, Gabriel Mukobi, Ryan H Kim, et al. 2024. Safe- tywashing: Do AI Safety Benchmarks Actually Measure Safety Progress? arXiv preprint arXiv:2407.21792 (2024)

    work page arXiv 2024

  52. [52]

    Reuters. 2024. ByteDance seeks $1.1 mln damages from intern in AI breach case, report says. (2024). https://www.reuters.com/technology/artificial- intelligence/bytedance-seeks-11-mln-damages-intern-ai-breach-case-report- says-2024-11-28/ November 28, 2024

    work page 2024

  53. [53]

    Maxime Reynouard, Rida Laraki, and Olga Gorelkina. 2024. BAR Nash Equi- librium and Application to Blockchain Design. arXiv preprint arXiv:2401.16856 (2024)

    work page arXiv 2024

  54. [54]

    Mauro Ribeiro, Katarina Grolinger, and Miriam AM Capretz. 2015. Mlaas: Machine learning as a service. In 2015 IEEE 14th international conference on machine learning and applications (ICMLA) . IEEE, 896–902

    work page 2015

  55. [55]

    John Riley. 2021. The current status of cryptocurrency regulation in China and its effect around the world. China and WTO Review 7, 1 (2021), 135–152

    work page 2021

  56. [56]

    Fahad Saleh. 2020. Blockchain without Waste: Proof-of-Stake. The Review of Financial Studies 34, 3 (07 2020), 1156–1190. https: //doi.org/10.1093/rfs/hhaa075 arXiv:https://academic.oup.com/rfs/article- pdf/34/3/1156/36264598/hhaa075.pdf

    work page doi:10.1093/rfs/hhaa075 2020

  57. [57]

    Cosimo Sguanci, Roberto Spatafora, and Andrea Mario Vergani. 2021. Layer 2 Blockchain Scaling: a Survey. arXiv:2107.10881 [cs.DC]

    work page arXiv 2021

  58. [58]

    Daria Smuseva, Ivan Malakhov, Andrea Marin, Aad van Moorsel, and Sabina Rossi. 2022. Verifier’s dilemma in ethereum blockchain: A quantitative analysis. In International Conference on Quantitative Evaluation of Systems. Springer, 317–336

    work page 2022

  59. [59]

    Christian Stoll, Lena Klaaßen, and Ulrich Gallersdörfer. 2019. The carbon footprint of bitcoin. Joule 3, 7 (2019), 1647–1661

    work page 2019

  60. [60]

    Jason Teutsch and Christian Reitwießner. 2024. A scalable verification solution for blockchains. In ASPECTS OF COMPUTATION AND AUTOMATA THEORY WITH APPLICATIONS. World Scientific, 377–424

    work page 2024

  61. [61]

    Bojan B Tomić, Anisja D Kijevčanin, Zoran V Ševarac, and Jelena M Jovanović

    work page

  62. [62]

    An AI-based approach for grading students’ collaboration.IEEE Transactions on Learning Technologies 16, 3 (2022), 292–305

    work page 2022

  63. [63]

    Ambre Toulemonde, Loic Besson, Louis Goubin, and Jacques Patarin. 2022. Useful work: a new protocol to ensure usefulness of PoW-based consensus for blockchain. In Proceedings of the 2022 ACM Conference on Information Technology for Social Good (Limassol, Cyprus) (GoodIT ’22). Association for Computing Machinery, New York, NY, USA, 308–314. https://doi.org...

    work page doi:10.1145/3524458.3547248 2022

  64. [64]

    Warren J Von Eschenbach. 2021. Transparency and the black box problem: Why we do not trust AI. Philosophy & Technology 34, 4 (2021), 1607–1622

    work page 2021

  65. [65]

    Harald Vranken. 2017. Sustainability of bitcoin and blockchains. Current opinion in environmental sustainability 28 (2017), 1–9

    work page 2017

  66. [66]

    Shengling Wang, Xidi Qu, Qin Hu, Xia Wang, and Xiuzhen Cheng. 2023. An uncertainty-and collusion-proof voting consensus mechanism in blockchain. IEEE/ACM Transactions on Networking 31, 5 (2023), 2376–2388

    work page 2023

  67. [67]

    Adversarial Examples

    Rui Zhang, Jian Liu, Yuan Ding, Zhibo Wang, Qingbiao Wu, and Kui Ren. 2022. “Adversarial Examples” for Proof-of-Learning. In2022 IEEE Symposium on Security and Privacy (SP). IEEE, 1408–1422

    work page 2022

  68. [68]

    Yue Zhang, Shouqiao Wang, Xiaoyuan Liu, Sijun Tan, Raluca Ada Popa, and Ciamac C Moallemi. 2024. Proof of Sampling: A Nash Equilibrium-Secured Verification Protocol for Decentralized Systems. arXiv preprint arXiv:2405.00295 (2024)

    work page arXiv 2024

  69. [69]

    Zhenyu Zhang, Ajay Jaiswal, Lu Yin, Shiwei Liu, Jiawei Zhao, Yuandong Tian, and Zhangyang Wang. 2024. Q-galore: Quantized galore with int4 projection and layer-adaptive low-rank gradients. arXiv preprint arXiv:2407.08296 (2024)

    work page arXiv 2024

  70. [70]

    Jiawei Zhao, Zhenyu Zhang, Beidi Chen, Zhangyang Wang, Anima Anandkumar, and Yuandong Tian. 2024. Galore: Memory-efficient llm training by gradient low-rank projection. arXiv preprint arXiv:2403.03507 (2024)

    work page internal anchor Pith review Pith/arXiv arXiv 2024

  71. [71]

    Zishuo Zhao, Xi Chen, and Yuan Zhou. 2024. It Takes Two: A Peer-Prediction Solution for Blockchain Verifier’s Dilemma. arXiv preprint arXiv:2406.01794 (2024)

    work page arXiv 2024

  72. [72]

    absolutely secure

    Kaiwen Zheng, Shulai Zhang, and Xiaoli Ma. 2020. Difficulty prediction for proof-of-work based blockchains. In 2020 IEEE 21st International Workshop on Signal Processing Advances in Wireless Communications (SPA WC). IEEE, 1–5. 14 Proof-of-Learning with Incentive Security , , Appendix A COMPUTATION OF PROVER’S SUNK COST 𝜇 (𝜌) ON LOSING COMPETITION Define 𝑃...

    work page 2020