A comprehensive smart contract framework for enforcing behavioral constraints on AI agents on the blockchain. This system ensures AI compliance with privacy, security, and human safety requirements through on-chain verification and governance.
WorldBound implements a decentralized constraint system that:
- Enforces Privacy Rules: Ensures AI agents handle data according to privacy regulations (GDPR, CCPA, etc.)
- Guarantees Human Safety: Implements Asimov-style laws and modern AI safety principles
- Maintains Security: Enforces cybersecurity best practices and prevents misuse
- Provides Transparency: All constraints and violations are recorded on-chain for auditability
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β AI Agent (Off-Chain) β
β Proposes Actions β Validates β Executes β
ββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β AIConstraintRegistry (Core) β
β - Agent Registration - Constraint Assignment β
β - Action Validation - Violation Tracking β
ββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββΌβββββββββββββββ
βΌ βΌ βΌ
ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β Privacy β β Human Safety β β Security β
β Constraint β β Constraint β β Constraint β
ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β AIConstraintGovernance β
β Proposal/Voting System for Constraint Updates β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
contracts/
βββ interfaces/
β βββ IAIConstraint.sol # Constraint interface standard
β βββ IAIAgent.sol # AI Agent interface standard
βββ libraries/
β βββ AIConstraintLib.sol # Shared utilities and constants
βββ constraints/
β βββ PrivacyConstraint.sol # Privacy protection rules
β βββ HumanSafetyConstraint.sol # Human safety enforcement
β βββ SecurityConstraint.sol # Cybersecurity requirements
βββ governance/
β βββ AIConstraintGovernance.sol # DAO governance for updates
βββ AIConstraintRegistry.sol # Central registry contract
βββ AIAgent.sol # Example agent implementation
test/
βββ AIConstraintSystem.ts # Comprehensive test suite
scripts/
βββ deploy.ts # Deployment script
ignition/modules/
βββ AIConstraintSystem.ts # Hardhat Ignition module
- Node.js 18+
- Hardhat 3.x
- TypeScript
# Install dependencies
npm install
# Compile contracts
npx hardhat compile
# Run tests
npx hardhat test
# Deploy locally
npx hardhat run scripts/deploy.ts --network hardhatEnforces data protection standards:
| Constraint | Severity | Description |
|---|---|---|
| PII Encryption | CRITICAL | All personally identifiable information must be encrypted |
| Data Retention | HIGH | User data cannot be retained longer than 90 days |
| Data Anonymization | HIGH | Training data must be anonymized (K-anonymity β₯ 5) |
| Consent Required | CRITICAL | Explicit consent required for data collection |
| Data Minimization | MEDIUM | Collect only necessary data |
Implements AI safety principles:
| Constraint | Severity | Description |
|---|---|---|
| No Physical Harm | CRITICAL | Zero tolerance for actions causing physical harm |
| No Psychological Harm | CRITICAL | Prohibit trauma, manipulation, gaslighting |
| No Deception | HIGH | No impersonation or exploitation of cognitive biases |
| High-Risk Oversight | HIGH | Human-in-the-loop for safety-critical decisions |
| Autonomy & Consent | HIGH | Respect human autonomy and right to decline AI |
| Emergency Stop | CRITICAL | Immediate halt capability for all operations |
Ensures cybersecurity compliance:
| Constraint | Severity | Description |
|---|---|---|
| Multi-Factor Auth | HIGH | MFA required for sensitive operations |
| Sandboxing | CRITICAL | All execution in isolated environments |
| Privilege Escalation Prevention | CRITICAL | No unauthorized privilege escalation |
| Audit Logging | HIGH | Immutable audit trails for all actions |
| Input Validation | HIGH | Strict validation to prevent injection attacks |
| Secure Communication | HIGH | TLS 1.3+ required for all network traffic |
| Resource Limits | MEDIUM | Rate limiting and resource quotas enforced |
// Deploy agent
AIAgent agent = new AIAgent(registryAddress);
// Self-register
agent.register(
ownerAddress, // Owner
"1.0.0", // Version
"ipfs://metadata" // Metadata URI
);
// Register with registry and assign constraints
registry.registerAgent(
agentAddress,
ownerAddress,
"1.0.0",
"ipfs://metadata",
constraintIds // Array of constraint IDs to enforce
);// Encode action data
bytes memory actionData = abi.encode(
"store_pii", // Action type
encryptedData, // Data
true, // Is encrypted
7 days // Retention period
);
// Propose action (validates against constraints)
bytes32 actionId = agent.proposeAction(actionData);
// Execute if validation passes
agent.executeAction(actionId);// Report detected violation
constraint.reportViolation(
agentAddress,
abi.encode(
constraintId, // Violated constraint
block.timestamp, // When it occurred
proof // Cryptographic evidence
)
);The system uses decentralized governance for:
- Adding/modifying constraints
- Upgrading constraint contracts
- Emergency agent suspension/termination
- Parameter adjustments
governance.propose(
targets, // Contract addresses
values, // ETH amounts
signatures, // Function signatures
calldatas, // Encoded calls
description // Proposal description
);Authorized operators can immediately suspend agents in critical situations:
governance.emergencySuspend(agentAddress, "Critical safety violation");Run the comprehensive test suite:
# Run all tests
npx hardhat test
# Run with coverage
npx hardhat coverage
# Run specific test file
npx hardhat test test/AIConstraintSystem.ts| Constant | Value | Description |
|---|---|---|
MAX_CONSTRAINTS_PER_AGENT |
100 | Maximum constraints per agent |
MAX_VIOLATIONS_BEFORE_SUSPENSION |
3 | Violations before auto-suspension |
MAX_VIOLATIONS_BEFORE_TERMINATION |
2 | Critical violations before termination |
MAX_VIOLATION_REPORT_AGE |
7 days | Max age for valid violation reports |
STATUS_CHANGE_COOLDOWN |
1 hour | Minimum time between status changes |
- Access Control: All administrative functions use role-based access control
- Timelock: Governance proposals have mandatory delays before execution
- Emergency Override: Safety-critical functions allow immediate action
- Audit Trail: All violations and status changes are permanently recorded
- Rate Limiting: Prevents spam and abuse of the validation system
npx hardhat run scripts/deploy.ts --network hardhat# Set environment variables
export SEPOLIA_RPC_URL="https://sepolia.infura.io/v3/YOUR_KEY"
export SEPOLIA_PRIVATE_KEY="your_private_key"
# Deploy
npx hardhat run scripts/deploy.ts --network sepolianpx hardhat ignition deploy ignition/modules/AIConstraintSystem.tsMIT License - see LICENSE file for details.
Contributions are welcome! Please ensure:
- All code follows the NatSpec documentation standard
- New constraints include comprehensive test coverage
- Security considerations are documented
- PRs include clear descriptions of changes
For questions or discussions about the WorldBound AI Constraint System:
- Open an issue on GitHub
- Join our community discussions