At FLock.io, we are sometimes asked: “Why do you need a blockchain for your technology? Is this traditional AI wrapped in a crypto buzzword?”.

The answer is: definitely not. Blockchain is essential to our delivery of collaborative but secure models, and it has little to do with crypto cliches. It’s so paramount that we’re named after it: FLock stands for Federated Learning on Blockchain. Here’s why decentralised FL (deFL) is infinitely more scalable and secure than centralised FL (ceFL). 

The concept of federated learning (FL) was invented by Google in 2016. Instead of collecting vast amounts of sensitive data into a single, central location, federated learning lets multiple entities collaboratively train a model by bringing the training process directly to the data – then just collecting the updates, not the raw data.

[ 👋 Hi there! If you’re here to find out more about FLock.io, follow us on X, read our docs and sign up to AI Arena on train.flock.io]

The weaknesses of ceFL: a selfish central server, security risks and biased model output

Traditional FL is presented as a cure-all for what centralised AI comes under fire for – but in reality, the ceFL of today is riddled with weaknesses, bottlenecks and ethical question marks.

CeFL is controlled by tech giants like Apple and Google, which are plagued by a black box problem of opaque decision-making. Trust in such corporations is faltering as they put profit margins before public good, and exclude the community in determining the direction of AI development. Updates are sent to a central server, which monetises everything and grants no ownership to contributing nodes.

Problematically, it is in fact technologically viable to expose the base ceFL node’s data. Just like with other kinds of centralised AI, there is also a single point of failure which carries hazards for data privacy and security.

In ceFL, the model output can end up being biased because the central server has the final say. A central server coordinates the entire training process, dictates which nodes can join, and determines the validation set (the “correct” outcome).

This is dangerous because the central server – not the collective participants – has the sole authority to decide if an aggregated model is an improvement. This can result in biased models aligned with the central server's objectives, a problem exacerbated by the fact that fewer people are allowed to join as training nodes.

In a cartoon strip, Google AI presents FL as a privacy-preserving technique that can win back a tech company’s users at a time when their “brand is in shambles” from a “privacy nightmare”. 

The best data lives right here at the source: on the devices we use every day. FL lets us train a smarter centralised model on decentralised data, without ever collecting your sensitive data. It trains on your data in just a few minutes, then sends its training results (not your raw data) to the central server.

In essence, a central supervising node orchestrates the collaborative training of a model across multiple client devices. The server distributes a global model, and clients train it locally on each device before sending model updates back to the server which aggregates them to create an improved model. The updates are encrypted, and secure aggregation enables the server to combine the encrypted results, and only decrypt the aggregate.

But as the cartoon confesses, a core security weakness remains with ceFL: it’s technologically possible for the server to access raw data from the individual nodes. In a ceFL system, the training nodes are isolated from each other but can be exposed to the central authority. While this is useful for catching out malicious actors, it creates a significant privacy risk.

The existence of such a weakness requires participants to simply trust the central entity for security. This prevents high-value data silos (e.g., competing banks, hospitals) from ever joining, severely limiting the quality and diversity of the model as the network cannot grow.

A common application of ceFL is the keyboard autocompletion feature. The danger is clear: the company managing the server could potentially see everything you type.

FLock’s deFL blockchain solution: decentralisation, validation by consensus and incentive mechanism tokenomics

That’s where blockchain comes in. Blockchain is a core security and decentralisation tool that closes a whole array of loopholes. It solves systemic flaws inherent in traditional federated learning, making it more advanced and scalable. Unlike ceFL, deFL avoids using a central server to coordinate training and aggregate the updates. Instead, clients communicate model updates with their neighbour, decentralising the supervising node.

FLock.io uses blockchain to both protect user privacy and prevent malicious activity through a system of crypto incentives. We have enough mechanisms with rewards and penalties to form our very own sophisticated tokenomics. Read our blog about crypto incentives in deAI to find out more about the difference between crypto incentives in deAI and cryptocurrencies, and how such tokens drive participation.

Blockchain is powerful at mitigating malicious trainers, stopping them from carrying out “lookup attacks” to poison the FL model. It enforces a “Proof of Quality” consensus, secured by clever incentives. The specific problem FLock solves is this: if you have meaningful data, you should not need permission to participate in FL. We use algorithms and the blockchain to decide publicly, transparently, and democratically whose data qualifies for training and whose is unqualified and should be discarded. Contributors are incentivised, while those providing poor data are slashed. Because this involves economic incentives and penalties, a decentralised consensus mechanism is essential – no single entity can have the final say.

In our system, FL training nodes are randomly assigned as proposers and voters across multiple training rounds. These randomised voters validate new model proposals using their own local data, ensuring model quality. Only a model confirmed to be better is aggregated and adopted as the new base model for subsequent rounds. If malicious actors are identified, their staked $FLOCK tokens are slashed (i.e., forfeited). Conversely, if a model is accepted for aggregation, the proposers are rewarded with $FLOCK tokens and other incentives.

FLock's deFL cycle

Phase 1: registration. Stake $FLOCK to register as an FL node.

Phase 2: random assignment. Randomly assign the proposers and validators.

Phase 3: local training & model aggregation. Aggregate local model parameters into a new model.

Phase 4: validation & voting. Validate new model with local data. Voting results are recorded on blockchain, determining if the new model is better than the consensus base model.

Phase 5: reward proposers & consensus. Reward proposers and replace base model for next round of FL (or slash tokens and restart if the model fails).

Key differences between ceFL and FLock’s blockchain-powered deFL are in this table:

In summary, the key differences that FLock’s blockchain-powered deFL brings include: 

• A decentralised peer-to-peer network instead of a hub-spoke model with a central server. 
• Control is distributed among participants rather than a single entity controlling the training process. 
• Replacing the central server to orchestrate the training are blockchain and smart contracts. 
• Trust is distributed and cryptographically secured, not placed in a central server. 
• It’s more resilient to attacks due to decentralisation and no single point of failure or attack, and it has community-driven, on-chain governance.

To be clear, FLock.io is not trying to push the entire world on-chain. Our solution involves leveraging ceAI efficiency as well as deFL equality, without sacrificing the speed and bandwidth of ceAI. We’re excited to see how the whole ecosystem grows over the coming years.

The scalability of FLock’s deFL in action: the network effect

FLock’s deFL doesn’t just solve immediate technical problems. It unlocks the door to massive scalability through network effects. Traditional FL struggles to scale because its centralised nature demands a high degree of pre-existing trust between organisations, limiting participation to small, siloed groups.

Domain-specific model use cases, powered by blockchain consensus and incentives, will drive the mass adoption of FL. The more users adopt FL, the faster it will get. It’s comparable to how with social media, the more people make profiles, the better the user experience. 

Our technology is crucial for industries with heightened data sensitivity and fiduciary duties, including healthcare, pharmaceuticals, finance, government, and technology. Organisations in these sectors often find centralized AI products like ChatGPT too risky. They face strict compliance regulations, such as GDPR and HIPAA, and cannot risk exposing trade secrets or confidential client data.

Investment banking provides a clear example of these risks. Banks have strict policies prohibiting any tool or method that could share client data. A centralised AI presents obvious dangers: an analyst might use a tool like ChatGPT to grammar-check a draft registration statement or periodic report, potentially exposing confidential financial information that could be used to front-run the market if observed by OpenAI. Similarly, communications between investment banking and trading desks could leak information that facilitates insider trading.

deFL solves these problems. By deploying models on local devices, all training occurs locally. Only the model’s updated parameters – not the raw data – are ever shared. This allows everyone to benefit from a smarter, collectively trained domain-specific model without ever exposing their sensitive information.

Ultimately, the goal is to ensure the final model accurately represents the consensus of all FL training nodes, not that of the central server. This system also grants ownership percentages of the resulting model, calculated based on the $FLOCK tokens held by each node post-training. Therefore, large conglomerates cannot steal the model built from the nodes’ contributions.

We are proud to work with a range of leading clients and partners, including but not limited to the United Nations Development Programme, the Hong Kong Generative AI R&D Centre, Qwen by Alibaba Cloud, University College London Hospitals, and Aigen Sciences.

More about FLock.io

FLock’s ecosystem consists of three key components: AI Arena, a platform for competitive model training; FL Alliance, a privacy-focused collaboration framework that enhances models while preserving data sovereignty; and Moonbase, our new rewards layer. We just launched our API Platform.

Find out more about FLock.io by reading our docs. See a sneak peak of new launches coming in Q3/Q4 2025.

For future updates, follow FLock.io on X.