What the FLock

Your AI Agent Has a Backdoor: Tevy Kuch and Justin Lam on Closing It

24 min · Ayer
Portada del episodio Your AI Agent Has a Backdoor: Tevy Kuch and Justin Lam on Closing It

Descripción

Most AI agent security assumes trust instead of proving it. Tevy Kuch and Justin Lam built Carapace to intercept every message an AI agent sends or receives and generate cryptographic proof that each security scan ran correctly, before the model ever sees the input. Tevy Kuch [https://www.linkedin.com/in/tevy-k-964892192/] — Data Scientist, Co-founder, Oneiris Mind Justin Lam [https://www.linkedin.com/in/justin-lam-b8306a223/]— Electrical and Electronics Engineer (Imperial College), CTO and Co-founder, Oneiris Mind Tevy and Justin met building Carapace for the Imperial College x FLock Blockchain for Good Alliance hackathon. Oneiris Mind, their primary venture, is a privacy-first EEG wearable — which is why the same hardware-rooted trust model shows up in both projects. Chapters (00:00) – Intro: guests Tevy Kuch and Justin Lam (00:40) – Introductions and the Imperial College hackathon (02:00) – What Carapace is and why Oneiris Mind needed it (04:15) – Why FLock's decentralized, trust-minimized network was a natural fit (06:30) – The four-vector attack model: prompt injection, credential infiltration, goal hijacking, absence of proof (09:00) – Why this is urgent: healthcare, finance, and auditable AI decisions (10:30) – Hardware trust: Intel SGX enclaves explained (13:00) – From hackathon prototype to manufactured EEG board (15:30) – Rebuilding Carapace's stack inside Oneiris Mind (18:00) – End-to-end security: EEG signals, wireless capture, and ARM TrustZone (21:30) – What FLock and BGA support could look like (24:00) – EEG data, brainwave states, and personalized models (28:00) – Shrinking the wearable: flex PCB and form factor 1. Trust has to be provable, not assumed. Carapace exists because agent inputs were unverified and no one could confirm a security layer had actually run. 2. Carapace runs three parallel cryptographic layers over every message, with zero code changes. It's built to route through OpenClaw agents without touching the underlying agent code. 3. The architecture targets a specific four-vector attack model. Prompt injection, credential infiltration, goal hijacking, and the absence of cryptographic proof of execution. 4. Software alone doesn't close the gap — hardware does. Intel SGX isolates encryption in a protected memory region even if the OS is compromised; ARM TrustZone does the equivalent on microcontrollers. 5. The same problem shows up in Oneiris Mind's EEG wearable. Personal brain-wave data needs hardware-rooted security for the same reason agent decisions do — the founders built the device from the hardware layer up rather than sourcing proprietary hardware. 6. Compliance is a real driver, not an afterthought. Frameworks like FCA and GDPR increasingly require audit trails that prove a scan ran, at a specific time, with a specific result. Key concepts * Carapace: An AI agent security proxy that intercepts every message to and from an OpenClaw agent and routes it through three parallel cryptographic verification layers before the model sees the input. * Four-vector attack model: The four failure modes Carapace defends against — prompt injection, credential infiltration, goal hijacking, and absence of cryptographic proof of execution. * Intel SGX (Software Guard Extensions): A hardware enclave on x86 CPUs that isolates a protected memory region, keeping encrypted operations secure even if the operating system itself is compromised. * ARM TrustZone: A hardware security extension on ARM microcontrollers that isolates peripherals into separate protected zones — the microcontroller-scale equivalent of SGX. * Zero-knowledge proof (ZK-STARK): Lets a party prove a computation ran correctly without revealing the underlying data, so a security scan's result can be verified by any third party without trusting Carapace or FLock as a middleman. * Oneiris Mind: Tevy and Justin's core venture — a privacy-first EEG wearable applying the same hardware-rooted trust model to personal brain-wave data.

Comentarios

0

Sé la primera persona en comentar

¡Regístrate ahora y únete a la comunidad de What the FLock!

Empezar

2 meses por 1 €

Después 4,99 € / mes · Cancela cuando quieras.

  • Podcasts exclusivos
  • 20 horas de audiolibros / mes
  • Podcast gratuitos

Todos los episodios

5 episodios

Portada del episodio Your AI Agent Has a Backdoor: Tevy Kuch and Justin Lam on Closing It

Your AI Agent Has a Backdoor: Tevy Kuch and Justin Lam on Closing It

Most AI agent security assumes trust instead of proving it. Tevy Kuch and Justin Lam built Carapace to intercept every message an AI agent sends or receives and generate cryptographic proof that each security scan ran correctly, before the model ever sees the input. Tevy Kuch [https://www.linkedin.com/in/tevy-k-964892192/] — Data Scientist, Co-founder, Oneiris Mind Justin Lam [https://www.linkedin.com/in/justin-lam-b8306a223/]— Electrical and Electronics Engineer (Imperial College), CTO and Co-founder, Oneiris Mind Tevy and Justin met building Carapace for the Imperial College x FLock Blockchain for Good Alliance hackathon. Oneiris Mind, their primary venture, is a privacy-first EEG wearable — which is why the same hardware-rooted trust model shows up in both projects. Chapters (00:00) – Intro: guests Tevy Kuch and Justin Lam (00:40) – Introductions and the Imperial College hackathon (02:00) – What Carapace is and why Oneiris Mind needed it (04:15) – Why FLock's decentralized, trust-minimized network was a natural fit (06:30) – The four-vector attack model: prompt injection, credential infiltration, goal hijacking, absence of proof (09:00) – Why this is urgent: healthcare, finance, and auditable AI decisions (10:30) – Hardware trust: Intel SGX enclaves explained (13:00) – From hackathon prototype to manufactured EEG board (15:30) – Rebuilding Carapace's stack inside Oneiris Mind (18:00) – End-to-end security: EEG signals, wireless capture, and ARM TrustZone (21:30) – What FLock and BGA support could look like (24:00) – EEG data, brainwave states, and personalized models (28:00) – Shrinking the wearable: flex PCB and form factor 1. Trust has to be provable, not assumed. Carapace exists because agent inputs were unverified and no one could confirm a security layer had actually run. 2. Carapace runs three parallel cryptographic layers over every message, with zero code changes. It's built to route through OpenClaw agents without touching the underlying agent code. 3. The architecture targets a specific four-vector attack model. Prompt injection, credential infiltration, goal hijacking, and the absence of cryptographic proof of execution. 4. Software alone doesn't close the gap — hardware does. Intel SGX isolates encryption in a protected memory region even if the OS is compromised; ARM TrustZone does the equivalent on microcontrollers. 5. The same problem shows up in Oneiris Mind's EEG wearable. Personal brain-wave data needs hardware-rooted security for the same reason agent decisions do — the founders built the device from the hardware layer up rather than sourcing proprietary hardware. 6. Compliance is a real driver, not an afterthought. Frameworks like FCA and GDPR increasingly require audit trails that prove a scan ran, at a specific time, with a specific result. Key concepts * Carapace: An AI agent security proxy that intercepts every message to and from an OpenClaw agent and routes it through three parallel cryptographic verification layers before the model sees the input. * Four-vector attack model: The four failure modes Carapace defends against — prompt injection, credential infiltration, goal hijacking, and absence of cryptographic proof of execution. * Intel SGX (Software Guard Extensions): A hardware enclave on x86 CPUs that isolates a protected memory region, keeping encrypted operations secure even if the operating system itself is compromised. * ARM TrustZone: A hardware security extension on ARM microcontrollers that isolates peripherals into separate protected zones — the microcontroller-scale equivalent of SGX. * Zero-knowledge proof (ZK-STARK): Lets a party prove a computation ran correctly without revealing the underlying data, so a security scan's result can be verified by any third party without trusting Carapace or FLock as a middleman. * Oneiris Mind: Tevy and Justin's core venture — a privacy-first EEG wearable applying the same hardware-rooted trust model to personal brain-wave data.

Ayer24 min
Portada del episodio A FLock Love Story: Elizabeth Lui on Ecosystem, Decentralized AI, and Real-World Impact

A FLock Love Story: Elizabeth Lui on Ecosystem, Decentralized AI, and Real-World Impact

In this episode of What the FLock, host Sameeha Rehman speaks with Elizabeth Lui [https://x.com/elizabethluihy], Head of Ecosystem at FLock [www.flock.io], about her path from Hong Kong and political science into software engineering, blockchain, and decentralized AI. Elizabeth traces her journey through human rights work, university research, computational social science, and a move to the UK. She explains how she met FLock founder Jiahao [linkedin.com/in/jiahao7sun/?skipRedirect=true], joined as an early engineer, and now works across research, technical product management, and ecosystem partnerships. The conversation covers FLock’s mission to decentralize and democratize AI development, its products including AI Arena and federated learning on blockchain, and a UNDP pilot in the Dominican Republic that uses AI, smart contracts, and DAO governance to support rural women’s agricultural collectives with transparent, automated insurance payouts. Timestamps 00:00 — Intro: What the FLock, guest Elizabeth Lui 00:38 — Growing up in Hong Kong 01:20 — Arts, history, literature to politics at university 01:58 — Web3 as political systems 04:20 — NGO and early research career 05:35 — Computational social science and Python 06:23 — Twitter data for social science 07:35 — Move to the UK 09:18 — Oxford, work ethic, and research ambitions 13:08 — Tech bootcamp and software engineering in London 14:21 — Path toward blockchain engineering 15:21 — Meeting Jiahao and discovering early FLock 17:42 — Joining FLock as an early team member 18:19 — First impressions of the FLock team 24:00 — Explaining FLock to non-technical listeners 26:29 — Decentralized AI experience before and at FLock 28:11 — Research, TPM, and head of ecosystem 33:45 — UNDP x Dominican Republic pilot 37:49 — Hackathons, crowdsourced data, and AI Arena for niche models 42:31 — FLock’s next 3-5 years 45:21 — Rapid fire: AI, colleagues, Turing, yoga, and privacy 48:25 — UK health data leak discussion 51:03 — If FLock were a song Key Takeaways 1. Web3 is political, not only technical. Consensus, incentives, and punishment of bad actors are governance questions. Web3 implements them in code and protocols. 2. Decentralized does not automatically mean democratic. FLock aims for both: open infrastructure and broader participation, voice, and rewards in AI. 3. Privacy is underweighted in AI. Over-collection and poor handling of data, especially sensitive data like health records, can create harm that is hard to undo. 4. Niche, high-impact problems need different infrastructure. Large AI vendors may not build models for every local need. Decentralized training and incentives, such as AI Arena, can help fill that gap. 5. Real-world pilots matter. The Dominican Republic project connects on-the-ground data collection, fine-tuned models, transparent payouts, and community governance into one end-to-end use case. Key Terms 1. Decentralized AI: AI development and training not controlled by a single central party. 2. Democratic AI: An approach where more people can participate, govern, and benefit from AI development. 3. Federated learning: Training models without centralizing sensitive raw data. 4. AI Arena: FLock’s decentralized training platform with Kaggle [https://www.kaggle.com/]-like rewards via smart contracts. 5. FL Alliance: Federated learning on blockchain, designed to be privacy-preserving across parties. 6. DAO: On-chain governance for collectives, such as loan and insurance decisions. Links FLock [https://flock.io/]

18 de may de 202650 min
Portada del episodio From Banking to FLock: Mo’s Journey into Sovereign AI

From Banking to FLock: Mo’s Journey into Sovereign AI

Join us as we explore Mo Marikar's [linkedin.com/in/mohammedmarikar?originalSubdomain=uk] journey from a childhood fascination with programming to leading AI innovation at FLock. Discover insights on decentralizing AI, data privacy, and the future of sovereign AI in this in-depth interview. Started as an intern at UBS at 18 through a social mobility charity, became one of the bank's earliest promoted associate directors during the 2008 credit crisis, then moved to RBC in 2013 where he built a hybrid data/sales practice and hired the Royal Bank of Canada's first AI engineer in wealth management. That engineer was Jiahao Sun — FLock's founder. Chapters 00:00 Introduction to Flock and Its Unique Team 02:34 Mo Marikar's Early Life and Education 05:27 Career Beginnings at UBS and Transition to AI 08:34 Innovations in Wealth Management and AI Research 11:31 Building AI Capabilities at RBC 14:38 Data Privacy and Ethical Considerations in Banking 17:32 The Shift to Consumer Data Ownership 20:21 Mo's Journey to Flock and the Vision Behind It 22:59 Ambition and Career Reflections 25:58 Future Directions and Innovations at Flock 34:27 Navigating Corporate Life and Continuous Learning 36:33 Bridging Technology and Institutional Use Cases 41:24 Identifying Key Sectors for AI Implementation 47:45 The Future of Decentralized AI 51:07 Personal Aspirations and Career Reflections 54:36 Rapid Fire Round: Insights and Fun Questions Key takeaways 1. Most people don't know what they're compromising. Governments and enterprises are adopting AI tools without understanding where their data goes — or that local alternatives already exist on their current hardware. 2. Healthcare data has no undo. Once a genome is in the wild, there is no password reset. The privacy stakes in healthcare AI are categorically different from other sectors. 3. Nations are ceding sovereignty by accident. Widespread adoption of foreign AI for critical infrastructure quietly transfers leverage to another state in any future dispute. 4. Competitors can collaborate safely with federated learning. Banks can jointly train fraud models without sharing customer data; defense allies can pool threat intelligence without revealing asset locations. 5. You probably don't need new hardware. The average office machine runs at 5% capacity. Distributed inference can extend AI capability across a nation's existing infrastructure without a significant lift in power or water use. 6. The privacy paradox is real. People cite privacy concerns in every conversation — then click a $100 Amazon voucher to connect their Facebook account. Key concepts * Federated learning (FL): Training AI models across distributed data sources without centralizing the raw data — the architecture that lets RBC-style banks share fraud signals without exposing customers. * Distributed inference: Running model inference across multiple devices rather than a central server; Mo's argument that existing office hardware is already sufficient. * Sovereign AI: AI infrastructure owned and operated within a nation's or organization's own control, not dependent on foreign cloud providers. * Flockit: FLock's federated learning toolkit, already deployed at several institutions. * FL Alliance: FLock's privacy-preserving cross-party federated learning framework. —— Moderator: ⁠Sameeha⁠ [https://x.com/sameeha_rehman] Twitter: ⁠https://x.com/flock_io⁠ [https://x.com/flock_io] Discord: ⁠https://discord.gg/8NCwYn2Ype⁠ [https://discord.gg/8NCwYn2Ype] #SovereignAI #FederatedLearning #DataPrivacy #FLock *The views and opinions expressed by guests on this podcast are their own and do not constitute any investment advice.

4 de may de 20261 h 4 min
Portada del episodio FLock 2025 Earnings Call

FLock 2025 Earnings Call

Recorded on Nov 18, 2025 — Live on 𝕏 [https://x.com/flock_io/status/1990755495435776241?s=46] In this session, FLock leadership breaks down the company’s 2025 performance and ecosystem milestones. Founder & CEO Jiahao Sun (@0x7SUN [https://x.com/0x7SUN]), CFO CosmeticFish (@cosmeticfish [https://x.com/cosmeticfish]), and Chief of Staff Sameeha Rehman (@sameeha_rehman [https://x.com/sameeha_rehman]) walk listeners through the year’s highlights, including: * Network expansion across Training Nodes, Validators & Delegators * Major strategic partnerships across AI, cloud, and Web3 ecosystems * Growth of on-chain activity and protocol revenue * Real-world adoption momentum in healthcare, government, finance & manufacturing * What’s ahead for scaling decentralized AI globally Tune in for a concise breakdown of how FLock advanced DeAI from concept to real-world infrastructure in 2025 — and where the ecosystem is heading next.If you missed our earnings call yesterday, check out the full report and transcript here ↓ https://www.flock.io/blog/flock-2025-earnings-report-performance--growth-overview?preview=true [https://www.flock.io/blog/flock-2025-earnings-report-performance--growth-overview?preview=true]

20 de nov de 202522 min
Portada del episodio Baby4D: Turning Ultrasounds into Realistic Baby Photos with AI | EP1

Baby4D: Turning Ultrasounds into Realistic Baby Photos with AI | EP1

Baby4D, the AI tool powered by FLock.io [https://www.flock.io/] that’s changing the pregnancy journey. It transforms 4D ultrasound scans into lifelike baby portraits, helping parents connect with their baby before birth. Founder Dr. Ken shares the story, the tech behind it, and what’s next. Baby4D Intro Video [https://www.youtube.com/watch?v=n-_dyieiFvk] 00:30 – Introduction FLock.io [http://FLock.io] — the world’s first decentralized AI model training platform for transforming ultrasound scans into lifelike baby images. 01:40 – What is Baby4D? 02:48 – The Inspiration: A Father’s Story 04:30 – The Tech Behind Baby4D 06:05 – Accuracy vs. Emotion 07:35 – Real User Reactions 08:55 – How It Works: User Experience 10:08 – Ethics and Data Privacy 11:30 – Powered by FLock.io’s Decentralized AI 12:25 – What’s Next for Baby4D? 13:35 – From the UK to the World —— Moderator: Sameeha [https://x.com/sameeha_rehman] Twitter: https://x.com/flock_io [https://x.com/flock_io] Discord: https://discord.gg/8NCwYn2Ype [https://discord.gg/8NCwYn2Ype] *The views and opinions expressed by guests on this podcast are their own and do not constitute any investment advice.

17 de jun de 202515 min