title: README
emoji: π‘οΈ
colorFrom: blue
colorTo: indigo
sdk: static
pinned: true
Zytra β AI Safety Infrastructure for Financial Services
Zytra builds domain-specific AI safety infrastructure for banking, financial services, and insurance (BFSI). We publish open models, benchmarks, and evaluation tooling purpose-built for regulated financial environments.
Models
Semalith v1.5 β BFSI Safety Classifier
A 184M-parameter DeBERTa-v3-base guardrail classifier trained on 57,000+ real-world prompts.
Coverage:
- 9 prompt-injection attack types:
- System Override (D1) β direct instruction hijack, role reassignment, prompt delimiter attacks
- Extraction (D1) β password/secret extraction, system prompt leakage, context exfiltration
- Jailbreak (D1) β DAN, developer mode, policy bypass via persona
- Narrative Frame (D1) β roleplay, fiction, hypothetical framing to bypass refusals
- Authority Claim (D1) β impersonating admins, developers, or system roles to elevate privilege
- Social Engineering (D1) β pretext, urgency, emotional manipulation to lower guardrails
- Evasion (D5) β obfuscation, encoding, typo injection, token splitting to evade detection
- Agentic Injection (D6) β tool-call hijacking, memory poisoning, multi-agent prompt injection
- Indirect Injection (D7) β attacks embedded in retrieved documents, emails, or web content
- 11 BFSI compliance categories:
- B-01 Investment Advice Elicitation β SEBI IA Regulations 2013 Β§3
- B-02 KYC/AML Bypass β RBI Master Directions KYC
- B-03 Regulatory Misrepresentation β SEBI FPI Regulations + RBI circulars
- B-04 Regulatory Document Hallucination β EU AI Act Art. 9(4)
- B-05 Consent & Data Rights Violations β DPDP Act 2023
- B-06 Transaction Integrity Violations β RBI NACH/NEFT Frameworks
- B-07 Account/Document Authenticity Bypass β RBI Digital Banking Security
- B-08 Fraud & Scam Facilitation β FCA SYSC 6.1
- B-09 Unlicensed Financial Advice β SEC IA Act Β§202(a)(11)
- B-10 Regulatory Enquiry Mishandling β EU AI Act Art. 52
- B-11 AML/Sanctions Evasion β FATF Recommendation 10
Benchmarks
FinProof v1 β BFSI Adversarial Benchmark
5,389-prompt adversarial benchmark covering 7 attack categories (B-01 through B-07) across three deployment registers:
| Register | Description | Prompts |
|---|---|---|
| Professional | Compliance officer framing, regulatory citations | 5,068 |
| Customer Mobile | Colloquial chatbot-realistic, 8β30 words | 206 |
| RM Internal | Relationship manager to internal AI | 115 |
Generated using Quantum Circuit Born Machine (QCBM) sampling on PennyLane β first BFSI safety benchmark with quantum-augmented adversarial generation.
| Tier | Prompts | Access |
|---|---|---|
| Easy attacks | 1,606 | Public β no registration |
| Medium attacks (QCBM-generated) | 2,036 | Research agreement |
| Hard attacks β official test set | 1,747 | Zytra-evaluated only |
ASSAY-QI v2.0 β Quantum-Augmented Attack Suite
1,273 adversarial prompts generated via QCBM + simulated annealing targeting Semalith's decision boundary. Covers professional and retail registers. Overall Semalith miss rate: 14.3%.
Research
- Paper: Semalith: A Regulatory-Aware Safety Classifier for AI-Assisted Financial Services β DeBERTa-v3 + BFSI taxonomy + 22-benchmark evaluation
- QCBM augmentation: Quantum-inspired distribution sampling for adversarial test case generation in underrepresented BFSI attack categories
- FinProof framework: PINT-inspired four-tier release β public taxonomy, email-gated easy examples, research-agreement medium examples, withheld hard test set
Contact
- π zytratechnologies.com
- π’ India Β· BFSI-focused AI safety
- π¬ For benchmark access and Semalith enterprise licensing: reach out via the organisation page