Skip to content

Stage 9: AI Security, Blockchain, and ZKML

9 Secure, govern, and verify AI-enabled systems.

Goal

Learn AI and agent security, application security, governance, blockchain fundamentals, smart contract risk, zero-knowledge concepts, and practical ZKML limits.

Roadmap to Master This Stage

  1. Read the stage goal and diagram before opening the parts.
  2. Move through the parts in order unless you can already pass the exit criteria.
  3. Study each sub-part folder: overview, deep dive, and examples/practice.
  4. Build the stage artifact in small slices and measure the listed metrics.
  5. Use the part exam after each part, or open the global Exam tab to test across the roadmap.

Stage Structure Diagram

%%{init: {"flowchart": {"htmlLabels": true, "nodeSpacing": 70, "rankSpacing": 90}, "themeVariables": {"fontSize": "18px"}} }%%
flowchart LR
  P1["<b>9.1</b><br/>LLM and Agent Security"]
  P2["<b>9.2</b><br/>Secure AI Application<br/>Architecture"]
  P1 --> P2
  P3["<b>9.3</b><br/>Governance and<br/>Responsible AI"]
  P2 --> P3
  P4["<b>9.4</b><br/>Blockchain Fundamentals"]
  P3 --> P4
  P5["<b>9.5</b><br/>Smart Contract Security"]
  P4 --> P5
  P6["<b>9.6</b><br/>ZK and Verifiable AI"]
  P5 --> P6

Parts

Part Simple explanation Build focus
9.1 LLM and Agent Security Protect systems where models read untrusted content and call tools. Threat-model the Stage 6 agent.
9.2 Secure AI Application Architecture Apply ordinary AppSec and privacy controls to AI services and data flows. Create an AI risk register and controls plan.
9.3 Governance and Responsible AI Map risks to controls, monitoring, human oversight, documentation, and review processes. Write a governance note for a high-impact AI feature.
9.4 Blockchain Fundamentals Understand wallets, signatures, transactions, gas, state, and finality before AI systems touch chain state. Trace a simple transaction workflow.
9.5 Smart Contract Security Recognize common contract vulnerabilities and design AI-to-chain permissions safely. Create vulnerable contracts, exploits, and fixes.
9.6 ZK and Verifiable AI Use cryptographic verification for trust, privacy, and constrained model claims. Prove a tiny model-related computation.

Sub-Part Map

Part Sub-part Why it matters
9.1 9.1.1 Prompt Injection and Jailbreaks Prompt Injection and Jailbreaks is the working skill inside LLM and Agent Security that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.1 9.1.2 Tool Injection and Excessive Agency Tool Injection and Excessive Agency is the working skill inside LLM and Agent Security that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.1 9.1.3 Data Leakage and Prompt Logs Data Leakage and Prompt Logs is the working skill inside LLM and Agent Security that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.1 9.1.4 Insecure Output Handling Insecure Output Handling is the working skill inside LLM and Agent Security that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.2 9.2.1 Authentication and Authorization Authentication and Authorization is the working skill inside Secure AI Application Architecture that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.2 9.2.2 Secrets and Service Accounts Secrets and Service Accounts is the working skill inside Secure AI Application Architecture that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.2 9.2.3 Dependency and Model Supply Chain Dependency and Model Supply Chain is the working skill inside Secure AI Application Architecture that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.2 9.2.4 Privacy PII and Data Retention Privacy PII and Data Retention is the working skill inside Secure AI Application Architecture that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.3 9.3.1 Risk Mapping Risk Mapping is the working skill inside Governance and Responsible AI that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.3 9.3.2 Human Oversight Human Oversight is the working skill inside Governance and Responsible AI that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.3 9.3.3 Fairness Bias and Toxicity Fairness Bias and Toxicity is the working skill inside Governance and Responsible AI that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.3 9.3.4 Documentation and Auditability Documentation and Auditability is the working skill inside Governance and Responsible AI that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.4 9.4.1 Wallets Keys and Signatures Wallets Keys and Signatures is the working skill inside Blockchain Fundamentals that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.4 9.4.2 Transactions Blocks and Gas Transactions Blocks and Gas is the working skill inside Blockchain Fundamentals that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.4 9.4.3 Smart Contract State Smart Contract State is the working skill inside Blockchain Fundamentals that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.4 9.4.4 Oracles and Off Chain Data Oracles and Off Chain Data is the working skill inside Blockchain Fundamentals that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.5 9.5.1 Reentrancy and External Calls Reentrancy and External Calls is the working skill inside Smart Contract Security that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.5 9.5.2 Access Control Bugs Access Control Bugs is the working skill inside Smart Contract Security that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.5 9.5.3 MEV Front Running and Oracle Risk MEV Front Running and Oracle Risk is the working skill inside Smart Contract Security that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.6 9.6.1 Zero Knowledge Fundamentals Zero Knowledge Fundamentals is the working skill inside ZK and Verifiable AI that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.6 9.6.2 Circuits Witnesses and Provers Circuits Witnesses and Provers is the working skill inside ZK and Verifiable AI that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.6 9.6.3 zkVMs and Fixed Point ML zkVMs and Fixed Point ML is the working skill inside ZK and Verifiable AI that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.
9.6 9.6.4 ZKML Use Cases and Limits ZKML Use Cases and Limits is the working skill inside ZK and Verifiable AI that helps you build the stage artifact, A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo, while collecting enough evidence to trust the result.

Stage Artifact

A threat model, red-team report, smart contract security lab, and tiny ZKML or verifiable computation demo.

What to Measure

  • security tests
  • attack success before and after mitigation
  • risk severity table
  • proof generation time
  • verifier time or gas
  • model size limits

Exit Criteria

  • threat-model LLM and agent systems
  • apply least privilege
  • explain smart contract risks
  • build or explain a tiny ZK proof and limits

Previous: Stage 8: Optimization and Hardware Acceleration | Next: Stage 10: Mastery