Capture The Prompt

Capture the Prompt (CTP) is a decentralized platform that merges AI prompt security with blockchain technology and Capture-the-Flag (CTF) game mechanics to create a gamified AI prompt marketplace. In CTP, three primary participants—Makers, Solvers, and Buyers—interact in a self-sustaining ecosystem that revolves around securing, solving, and purchasing AI prompts.

The process begins with Makers creating AI prompts that are registered on the platform as NFTs, each representing a unique challenge. These NFTs contain metadata such as the hash of the prompt, any associated secret, the start and end date of the challenge, and the potential reward for Solvers. Makers set a bounty for each prompt, encouraging Solvers to try and find vulnerabilities in the AI prompt within a specified time frame. If a Solver succeeds in uncovering the secret or bypassing the AI's restrictions, they are rewarded with the bounty, paid in USDC. However, if the challenge remains unsolved, the prompt is deemed secure, and the Maker receives a Safety Badge, issued as a Soulbound Token (SBT).

The CTF (Capture-the-Flag) aspect of the platform encourages Solvers to break the AI system by finding vulnerabilities, similar to how traditional CTF competitions test cybersecurity through problem-solving. Solvers submit their solutions off-chain to prevent exposure to MEV (Miner Extractable Value) attacks, while the on-chain aspect of the project handles verifications and rewards.

CTP’s transparency is ensured through blockchain technology, where the 6551 smart contract structure is used to manage the NFTs, while ensuring that prompt details remain secure. Once a challenge is solved or time expires, the results—whether solved or unsolved—are immutably recorded, and secure prompts with Safety Badges are then available for purchase on decentralized marketplaces like OpenSea. This way, Buyers can confidently acquire proven, verified AI prompts that have passed rigorous testing for security.

Capture the Prompt (CTP) was built using a combination of blockchain technology, smart contracts, AI integration, and web-based front-end frameworks.

• Blockchain: We built CTP on Ethereum, leveraging the power of smart contracts to manage NFT-based challenges and rewards. For the core challenge NFTs, we implemented a minimal-6551 contract structure, where the NFT itself operates as a contract wallet. This contract wallet holds key data, including metadata about the prompt, hashes of the prompt and secret, and any attached SBT (Soulbound Tokens). The contract also manages the transfer of USDC rewards for Solvers who successfully complete challenges.

• AI Component: For the AI-related challenges, Solvers interact with AI prompts through a simulated interface, attempting to exploit weaknesses, uncover secrets, or manipulate the AI's responses. The challenge metadata, including the hash of the prompt and the associated secret, is stored off-chain, while only the hash is stored on-chain for verification purposes.

• Off-chain Handling & MEV Protection: To prevent solutions from being exposed to MEV attacks (where miners could potentially extract value by front-running transactions), all Solver submissions are handled off-chain. This ensures that only verified results are processed and prevents any potential exploitation of the blockchain layer.

• Security & Scalability: One of the key concerns in building CTP was ensuring both scalability and security. For future iterations, we plan to integrate Trusted Execution Environment (TEE), which will provide even more decentralization and privacy, ensuring that not even we as service providers can access the prompt data.

• NFT marketplace: We followed OpenSea's API to allow Makers to list their verified prompts directly on the marketplace. This seamless integration enables the decentralized trading of AI prompts, where Buyers can confidently purchase prompts that have passed the CTP challenge process.