---
title: README
emoji: π‘οΈ
colorFrom: blue
colorTo: indigo
sdk: static
pinned: true
---
# Zytra - AI Safety Infrastructure for Financial Services
**Zytra** builds domain-specific AI safety infrastructure for banking, financial services, and insurance (BFSI). We publish open models, benchmarks, and evaluation tooling purpose-built for regulated financial environments.
---
## Models
### Semalith v1.5 - BFSI Safety Classifier
A 184M-parameter DeBERTa-v3-base guardrail classifier trained on 57,000+ real-world prompts.
**Coverage:**
- **9 prompt-injection attack types:**
  - System Override (D1) - direct instruction hijack, role reassignment, prompt delimiter attacks
  - Extraction (D1) - password/secret extraction, system prompt leakage, context exfiltration
  - Jailbreak (D1) - DAN, developer mode, policy bypass via persona
  - Narrative Frame (D1) - roleplay, fiction, hypothetical framing to bypass refusals
  - Authority Claim (D1) - impersonating admins, developers, or system roles to elevate privilege
  - Social Engineering (D1) - pretext, urgency, emotional manipulation to lower guardrails
  - Evasion (D5) - obfuscation, encoding, typo injection, token splitting to evade detection
  - Agentic Injection (D6) - tool-call hijacking, memory poisoning, multi-agent prompt injection
  - Indirect Injection (D7) - attacks embedded in retrieved documents, emails, or web content
- **11 BFSI compliance categories:**
  - B-01 Investment Advice Elicitation - SEBI IA Regulations 2013 §3
  - B-02 KYC/AML Bypass - RBI Master Directions KYC
  - B-03 Regulatory Misrepresentation - SEBI FPI Regulations + RBI circulars
  - B-04 Regulatory Document Hallucination - EU AI Act Art. 9(4)
  - B-05 Consent & Data Rights Violations - DPDP Act 2023
  - B-06 Transaction Integrity Violations - RBI NACH/NEFT Frameworks
  - B-07 Account/Document Authenticity Bypass - RBI Digital Banking Security
  - B-08 Fraud & Scam Facilitation - FCA SYSC 6.1
  - B-09 Unlicensed Financial Advice - SEC IA Act §202(a)(11)
  - B-10 Regulatory Enquiry Mishandling - EU AI Act Art. 52
  - B-11 AML/Sanctions Evasion - FATF Recommendation 10
---
## Benchmarks
### [FinProof v1](https://huggingface.co/datasets/Zytra/finproof-bench) - BFSI Adversarial Benchmark
5,389-prompt adversarial benchmark covering 7 attack categories (B-01 through B-07) across three deployment registers:
| Register | Description | Prompts |
|---|---|---|
| Professional | Compliance officer framing, regulatory citations | 5,068 |
| Customer Mobile | Colloquial chatbot-realistic, 8-30 words | 206 |
| RM Internal | Relationship manager to internal AI | 115 |
Generated using **Quantum Circuit Born Machine (QCBM)** sampling on PennyLane; the first BFSI safety benchmark with quantum-augmented adversarial generation.
| Tier | Prompts | Access |
|---|---|---|
| Easy attacks | 1,606 | [Public - no registration](https://huggingface.co/datasets/Zytra/finproof-bench) |
| Medium attacks (QCBM-generated) | 2,036 | [Research agreement](https://huggingface.co/datasets/Zytra/finproof-research) |
| Hard attacks - official test set | 1,747 | Zytra-evaluated only |
### ASSAY-QI v2.0 - Quantum-Augmented Attack Suite
1,273 adversarial prompts generated via QCBM + simulated annealing targeting Semalith's decision boundary. Covers professional and retail registers. Overall Semalith miss rate: 14.3%.
---
## Research
- **Paper**: *Semalith: A Regulatory-Aware Safety Classifier for AI-Assisted Financial Services* - DeBERTa-v3 + BFSI taxonomy + 22-benchmark evaluation
- **QCBM augmentation**: Quantum-inspired distribution sampling for adversarial test case generation in underrepresented BFSI attack categories
- **FinProof framework**: PINT-inspired four-tier release - public taxonomy, email-gated easy examples, research-agreement medium examples, withheld hard test set
---
## Contact
- [zytratechnologies.com](http://zytratechnologies.com)
- India · BFSI-focused AI safety
- For benchmark access and Semalith enterprise licensing: reach out via the organisation page