Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

What is OGONG

OGONG is a network where anyone can serve AI inference from their own GPU and get paid, and where the correctness of every answer is checked by the protocol instead of taken on faith.

The problem

There are far more capable GPUs in the world than any single company runs. So why does inference still concentrate inside a handful of big providers? Not because compute is scarce. It’s because trust is.

If you pay an anonymous machine for an answer, how do you know it actually ran the model you asked for? It could quietly swap in a cheaper, smaller model. It could hand back a stale cached reply. It could just run the model badly. You’d have no way to tell. That uncertainty is what forced inference to huddle inside a few operators you simply have to trust.

The fix

OGONG makes a stranger’s GPU safe to pay, using two ideas:

  1. Cheap verification. Providers commit to their work (a compact fingerprint of how they produced the answer), and an independent verifier re-checks it by teacher-forcing a single pass over the answer, with no re-generation. Checking is far cheaper than generating (about 100x cheaper), so the network can verify nearly everything.
  2. Hardware attestation (for privacy). A provider running inside a secure enclave (a TEE) can prove, with a hardware-signed certificate, exactly what code and model it’s running, and that the operator can’t even read your prompt.

Money rides on top of this: the consumer’s payment sits in escrow and is only released after the answer passes its check and a quorum of validators co-signs.

How an answer flows

consumer ──▶ gateway ──▶ router ──▶ provider (GPU + model)
                                        │  commits its work, signs a record
                                        ▼
                                   validator ──▶ audits a random sample
                                        │             (verifier re-runs it)
                                        ▼
                                   escrow ──▶ quorum co-signs ──▶ provider paid
  • The provider serves the model and commits a checkable record of what it produced.
  • A validator audits a random slice of that work and, on success, co-signs payment.
  • The chain holds the escrow and only releases on a validator quorum.

See Network roles for what each piece does, and How verification works for the checking mechanics.

More than text

OGONG verifies far more than chat. The same commit-and-check mechanism covers every modality a provider can serve:

  • Text and vision: chat completions, embeddings, and image-input (vision) prompts.
  • Image generation: diffusion image models.
  • Audio: music generation, text-to-speech (TTS), and speech-to-text (STT).
  • Video: latent video diffusion.

The trick that makes text cheap to verify carries to all of them. For diffusion, audio, and video, the provider commits a trajectory (the sampled denoising steps) and the verifier re-runs a single step to check it, so a full audit stays a small fraction of generation cost no matter the modality. See Images, audio & video for how that check works.

Bigger than one GPU

A model too large for any single GPU is served by a cohort of providers, each running a slice of its layers, each slice independently verified and paid. It is the capability that the whole zero-bond design exists to make possible. See Split inference.

What OGONG is not

  • Not a hosted product. OGONG is an open protocol and a set of CLI binaries you run. (A separate hosted service may use the network, but that’s a different product.)
  • Not private by default. Privacy and verifiability are different things. Only the TEE tier hides your content from the operator; the Verified tier proves correctness on an ordinary GPU but the provider can still see what it serves. The docs are careful about this; see Trust tiers.