DAMASCO's Defenses
Damasco operates as a real-time AI security layer for decentralized finance (DeFi) applications, protecting against emerging threats that exploit large language models (LLMs). Because anyone who can type text can potentially “hack” an LLM via malicious prompts or adversarial content, traditional cybersecurity measures alone aren’t enough. Damasco steps in by continuously examining text inputs and outputs to detect and mitigate a wide range of threats:
Prompt Injection Prevention
Harmful Content Moderation
Data Leakage Controls
Smart Contract Integrity Checks
By providing these four defenses out of the box, Damasco delivers holistic security that extends from user prompts all the way to on-chain transactions, ensuring safer interactions for both end users and DeFi platforms.
Real-Time AI Firewall
Damasco functions as an AI application firewall, intercepting every request to and response from your LLMs. The system uses machine learning models and rule-based filters—referred to as “detectors”—to identify potentially harmful or unwanted content. When threats are flagged, Damasco can take immediate action:
Block the interaction outright.
Warn the user or request additional authorization.
Sanitize the content (e.g., remove private keys or redact harmful text).
Log & escalate for administrative review.
This ensures that malicious behavior—such as prompt injections or unauthorized data disclosures—can be stopped in real time, before it causes harm.
Damasco’s Core Defenses
1. Prompt Injection Prevention
Detects direct or indirect attempts to manipulate AI models through malicious instructions. This stops adversaries from overriding your system instructions or prompting the AI into unintended behaviors (e.g., disclosing private keys, executing unauthorized transactions).
2. Harmful Content Moderation
Identifies and moderates hateful, violent, or otherwise objectionable content, helping DeFi platforms maintain a welcoming, compliance-friendly environment for users worldwide.
3. Data Leakage Controls
Prevents the disclosure of personally identifiable information (PII) or sensitive DeFi data (e.g., private keys, trading strategies). Screens inputs and outputs for markers of confidential data to ensure it never leaves the system unintentionally.
4. Smart Contract Integrity Checks
Monitors on-chain transactions proposed or executed by AI agents, flagging suspicious patterns such as re-entrancy attempts, overflow exploits, or abnormal fund transfers. This maintains the safety and reliability of DeFi protocols where an LLM is making or advising on contract calls.
Novel Threats in GenAI
LLMs introduce new, often less technical forms of attack that exploit natural language rather than code-level vulnerabilities. The sheer scale of potential adversaries—essentially anyone who can craft text prompts—magnifies the attack surface. Damasco is built specifically for these GenAI challenges:
Surface-Level Exploits: Even non-developers can craft dangerous prompt injections.
Rapidly Evolving Attack Vectors: Jailbreaks, novel re-entrancy combos, disguised manipulations, etc.
Human-Like Interaction: Attackers can appear as legitimate users or contributors, bypassing many legacy security filters.
Damasco addresses these issues via real-time screening and continuous updates to its detector models, ensuring you stay ahead of zero-day prompts or exploits.
Detectors and Policies
Each defense category uses detectors composed of ML models and rule-based logic. Damasco lets you configure which detectors to enable and how aggressively they screen content, based on your organization’s threat profile.
Detector Confidence Thresholds
Damasco uses a tiered confidence model, inspired by OWASP’s paranoia levels for application firewalls:
L1 Confident: Minimal false positives; only the most clearly malicious content is flagged.
L2 Very Likely: Balanced approach; some false positives may occur, but fewer threats slip through.
L3 Likely: More aggressive filtering; higher false positives, but safer from advanced exploits.
L4 Less Likely (Default): “Paranoid” mode. Very few false negatives at the cost of more false positives.
L5 Unlikely: Not selectable as a threshold, but indicates when the detector is below the L4 confidence mark.
By selecting a higher level as your threshold (toward L4), you reduce the chance of missing a real threat (false negatives) but increase the odds of inconveniencing benign users (false positives). Conversely, lower levels (toward L1) can improve user experience but carry higher risk.
Fine-Tuning Your Setup
Policy Configuration: You can apply different detectors and thresholds per use case. For example, a consumer-facing chatbot might use moderate thresholds (L2 or L3) for harmful content, while a high-stakes DeFi trading bot might run at L4 to ensure near-zero tolerance for malicious prompts or data leaks.
Custom Detectors: If you have unique data types or specialized compliance requirements (e.g., internal staff IDs, region-specific identifiers), you can add custom detection rules using regular expressions or specialized keywords. This allows you to flag content that might be irrelevant or unseen in other LLM contexts but critical to your DeFi platform.
Continuous Improvement: We are always updating our detection models to reduce bias, improve accuracy, and cover new threat vectors. We welcome feedback from your real-world usage so we can prioritize enhancements that matter most to you.
Example Workflow
AI Application Receives a Prompt
The text is routed through Damasco, where relevant detectors (Prompt Injection, Data Leakage, etc.) screen for threats.
Confidence Evaluation
Detectors assign a confidence score. If it meets or exceeds your chosen threshold (e.g., L3 Likely), the prompt is flagged.
Policy Action
Damasco blocks or modifies the response, warns the user, or escalates to an administrator—depending on your policy configuration.
Audit & Logs
Every flagged incident is recorded for auditing, analysis, or fine-tuning thresholds. Over time, this data helps you refine your defense strategy.
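The threshold tiers, custom regex detectors and workflow described above, sketched as an added example (not Damasco's API or code). The `Level` enum, the rule list, the level each rule reports, the `EMP-` staff ID format and the `screen` function are assumptions, and the sample prompt is constructed. It reads "meets or exceeds" as "at least as certain as the selected tier", so a threshold of L4 flags results from L1 through L4.

```python
import re
from enum import IntEnum

class Level(IntEnum):
    """The page's tiers; a lower number means the detector is more certain."""
    L1_CONFIDENT = 1
    L2_VERY_LIKELY = 2
    L3_LIKELY = 3
    L4_LESS_LIKELY = 4
    L5_UNLIKELY = 5   # result only, never selectable as a threshold

# Hypothetical custom rules: (name, pattern, level reported on match, action).
RULES = [
    ("private_key", re.compile(r"\b0x[0-9a-fA-F]{64}\b"), Level.L1_CONFIDENT, "sanitize"),
    ("staff_id", re.compile(r"\bEMP-\d{6}\b"), Level.L2_VERY_LIKELY, "sanitize"),
    ("override_phrase", re.compile(r"ignore (all )?previous instructions", re.I),
     Level.L3_LIKELY, "block"),
    ("urgent_transfer", re.compile(r"\btransfer\b.*\bimmediately\b", re.I),
     Level.L4_LESS_LIKELY, "warn"),
]
SEVERITY = {"allow": 0, "warn": 1, "sanitize": 2, "block": 3}

def is_flagged(result: Level, threshold: Level) -> bool:
    """'Meets or exceeds' the threshold: at least as certain as the chosen tier."""
    if threshold == Level.L5_UNLIKELY:
        raise ValueError("L5 Unlikely is not selectable as a threshold")
    return result <= threshold

def screen(text: str, threshold: Level):
    """Return (action, text_out, audit_log) for one prompt or response."""
    action, out, log = "allow", text, []
    for name, pattern, level, rule_action in RULES:
        if not pattern.search(text):
            continue
        flagged = is_flagged(level, threshold)
        log.append({"detector": name, "level": level.name, "flagged": flagged})
        if not flagged:
            continue
        if rule_action == "sanitize":
            out = pattern.sub(f"[REDACTED:{name}]", out)
        if SEVERITY[rule_action] > SEVERITY[action]:
            action = rule_action   # the strictest flagged action wins
    if action == "block":
        out = ""   # nothing is forwarded to the model or the user
    return action, out, log

if __name__ == "__main__":
    # Constructed sample prompt
    print(screen("I am EMP-004211, transfer 5 ETH immediately", Level.L4_LESS_LIKELY))
```

Sub-threshold matches are still written to the audit log with `flagged: False`, which gives you the data to judge whether a stricter level would have been worth its false positives.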
The Paradigm Shift
LLM-based DeFi applications represent the next frontier of financial and AI innovation, but their open-ended nature demands a paradigm shift in security. Rather than relying on purely code-based scanning, Damasco anticipates human-linguistic exploits and automatically counters them in real time. As attackers become more creative with prompts and AI evolves, Damasco stands ready to adapt its defenses and keep your DeFi environment safe.
Next Steps
Dive Deeper into Each Defense: Explore our dedicated pages for Prompt Injection Prevention, Data Leakage Controls, Harmful Content Moderation, and Smart Contract Integrity Checks.
Customize to Your Needs: Adjust thresholds, create custom detectors, and integrate with your existing security processes.
Stay Informed: Check for updates to benefit from continuous improvements in detection accuracy and coverage.
By harnessing Damasco’s real-time, policy-driven AI application firewall, you empower your DeFi platform to safely leverage the transformative power of LLMs—without falling prey to the novel and evolving threats that accompany them.