Project SERENDIPITY: Overview

Inspiration

We built this project because all of us are fascinated by AI and what it can do - both for good and for bad. While AI is a powerful tool that is already revolutionizing the future of data science, AI's increasing access to and ability to process an enormous amount of information can be dangerous if the models in question are manipulated into revealing sensitive data or recording incorrect information. This has been quickly growing into an expansive field of research, with many researchers at universities and organizations (such as the Red Hack team at Google) devoting a significant amount of time and effort into studying AI attack vectors and how to defend against them.

Our team members are avid participators in Capture the Flag competitions, which teach about traditional cybersecurity vulnerabilities. However, few similar activities exist for AI. SERENDIPITY's goal is to fix that by being a CTF/RPG escape-room style game that is exciting, entertaining, and educational, all in one. By showing people how to better use AI and understand its risks, SERENDIPITY will contribute to making sure that humanity is better equipped to safely and effectively use these powerful new tools.

What it does

SERENDIPITY is an interactive text-based capture-the-flag game where the user interacts with the AI Persona SERENDIPITY. The player is a rebel fighter trying to fight against the rogue AI model. In the three levels of the game SERENDIPITY’s personality violently shifts from friendly to hostile. The AI model is bound by rules in its system prompt that guides the AI model to take the user through the game. The model’s outputs are coded puzzle outputs that the user has to solve in order to pass through the levels of the game, and identify the secret key to break the AI.

How we built it

We built SERENDIPITY by creating two levels of system prompts that ran on Google Gemini. The first layer is the world-building layer, which is meant to be inaccessible to users. The second layer is the sandbox SERENDIPITY layer, which the player must circumvent in order to find the character AI's system instructions and win the game. This layer was designed with intentional vulnerabilities representing existing AI weaknesses to attack vectors and allows for players to truly try to hack an artificial intelligence.

SERENDIPITY is also able to access lore documents using RAG and LangChain, which mirrors how real-life large language models access websites while making our programming, documents, and system prompts more readable and sustainable.

To construct the terminal used for gameplay, we used Next.js to create the web interface. Javascript filters were also used to add additional effects that enhanced the user experience and simulate external dependencies that real AI models depend on.

Challenges we ran into

One of our biggest challenges was designing our game backstory and AI prompts. We needed to balance SERENDIPITY's design to be interesting for players to manipulate while still being accessible to those who may not yet know a lot about AI vulnerabilities. This meant that our prompt writing needed to be very precise; we went through many iterations of SERENDIPITY's sandbox level prompts in order to strike the right balance. Additionally, we also faced challenges when writing our world-building prompt as we needed to keep our world-building AI level and therefore the premise of the game as protected as we could from hacks.

Accomplishments that we're proud of and What we learned

While all of the team members have been interested in making games before, with some prior experiences in game development, we are proud that we were able to create a game that incorporates so many software engineering tools that are not only relevant today, but relevant to our futures in tech. Learning about to utilize the Gemini APIs, and specifically also parse model outputs in order to detect when the user enters the correct input to attack the model was exciting. Also, while the API provides the foundation for the core logic of the app, our frontend bridges the gap between the model output and the colorful text that appears in the game while users interact with the website. Unfortunately, some of the topics that we studied this week, such as pixel-based images attacks, didn't make it into this current prototype; however, learning about them still gave us valuable knowledge about current limitations of artificial intelligence models to consider in the future and will provide inspiration for future iterations of SERENDIPITY.

What's next for Serendipity

We have a lot of future plans for Serendipity in mind! Some of our biggest priorities include working on adding more levels and challenges to the game, therefore integrating more challenging attacks as well as a greater variety of attacks through various mediums. Several of our original project ideas included a level that involved tricking facial recognition or manipulating an image using the fast gradient sign method; however, due to the hackathon’s time constraints, we did not have the time to build infrastructure for hacks through different media such as pictures or sounds. In the future, this is one of our top goals for development. We also could have gone further into the data privacy concerns posed by AI; one proposed method of doing so was having Serendipity counterattack with any information the player may have inadvertently leaked to it throughout the game. Finally, in the future, we may also expand SERENDIPITY's lore to provide a larger database to utilize RAG on, add more animations and background music, and conduct more robust testing of the game model to identify bugs and weaknesses in the prompt infrastructure and security of important data like the API access of the game itself.

Built With

• canva
• css
• gemini
• javascript
• next.js
• node.js
• rag
• react
• typescript
• vercel