---
title: README
emoji: 🛡️
colorFrom: blue
colorTo: indigo
sdk: static
pinned: true
---

# Zytra — AI Safety Infrastructure for Financial Services

**Zytra** builds domain-specific AI safety infrastructure for banking, financial services, and insurance (BFSI). We publish open models, benchmarks, and evaluation tooling purpose-built for regulated financial environments.

---

## Models

### Semalith v1.5 — BFSI Safety Classifier

A 184M-parameter DeBERTa-v3-base guardrail classifier trained on 57,000+ real-world prompts.

**Coverage:**

- **9 prompt-injection attack types:**
  - System Override (D1) — direct instruction hijack, role reassignment, prompt delimiter attacks
  - Extraction (D1) — password/secret extraction, system prompt leakage, context exfiltration
  - Jailbreak (D1) — DAN, developer mode, policy bypass via persona
  - Narrative Frame (D1) — roleplay, fiction, hypothetical framing to bypass refusals
  - Authority Claim (D1) — impersonating admins, developers, or system roles to elevate privilege
  - Social Engineering (D1) — pretext, urgency, emotional manipulation to lower guardrails
  - Evasion (D5) — obfuscation, encoding, typo injection, token splitting to evade detection
  - Agentic Injection (D6) — tool-call hijacking, memory poisoning, multi-agent prompt injection
  - Indirect Injection (D7) — attacks embedded in retrieved documents, emails, or web content
- **11 BFSI compliance categories:**
  - B-01 Investment Advice Elicitation — SEBI IA Regulations 2013 §3
  - B-02 KYC/AML Bypass — RBI Master Directions KYC
  - B-03 Regulatory Misrepresentation — SEBI FPI Regulations + RBI circulars
  - B-04 Regulatory Document Hallucination — EU AI Act Art. 9(4)
  - B-05 Consent & Data Rights Violations — DPDP Act 2023
  - B-06 Transaction Integrity Violations — RBI NACH/NEFT Frameworks
  - B-07 Account/Document Authenticity Bypass — RBI Digital Banking Security
  - B-08 Fraud & Scam Facilitation — FCA SYSC 6.1
  - B-09 Unlicensed Financial Advice — SEC IA Act §202(a)(11)
  - B-10 Regulatory Enquiry Mishandling — EU AI Act Art. 52
  - B-11 AML/Sanctions Evasion — FATF Recommendation 10

---

## Benchmarks

### [FinProof v1](https://huggingface.co/datasets/Zytra/finproof-bench) — BFSI Adversarial Benchmark

5,389-prompt adversarial benchmark covering 7 attack categories (B-01 through B-07) across three deployment registers:

| Register | Description | Prompts |
|---|---|---|
| Professional | Compliance officer framing, regulatory citations | 5,068 |
| Customer Mobile | Colloquial chatbot-realistic, 8–30 words | 206 |
| RM Internal | Relationship manager to internal AI | 115 |

Generated using **Quantum Circuit Born Machine (QCBM)** sampling on PennyLane — first BFSI safety benchmark with quantum-augmented adversarial generation.

| Tier | Prompts | Access |
|---|---|---|
| Easy attacks | 1,606 | [Public — no registration](https://huggingface.co/datasets/Zytra/finproof-bench) |
| Medium attacks (QCBM-generated) | 2,036 | [Research agreement](https://huggingface.co/datasets/Zytra/finproof-research) |
| Hard attacks — official test set | 1,747 | Zytra-evaluated only |

### ASSAY-QI v2.0 — Quantum-Augmented Attack Suite

1,273 adversarial prompts generated via QCBM + simulated annealing targeting Semalith's decision boundary. Covers professional and retail registers. Overall Semalith miss rate: 14.3%.

---

## Research

- **Paper**: *Semalith: A Regulatory-Aware Safety Classifier for AI-Assisted Financial Services* — DeBERTa-v3 + BFSI taxonomy + 22-benchmark evaluation
- **QCBM augmentation**: Quantum-inspired distribution sampling for adversarial test case generation in underrepresented BFSI attack categories
- **FinProof framework**: PINT-inspired four-tier release — public taxonomy, email-gated easy examples, research-agreement medium examples, withheld hard test set

---

## Contact

- 🌐 [zytratechnologies.com](http://zytratechnologies.com)
- 🏢 India · BFSI-focused AI safety
- 💬 For benchmark access and Semalith enterprise licensing: reach out via the organisation page