Frequently asked
questions.

KAS is the native Kaspa token that already exists. Validators stake KAS as economic collateral. If a validator misbehaves, they lose KAS — real money with real consequences. The alignment of incentives is economic, not ideological.

PROM is the Prometheus reputation and governance token. It cannot be purchased at launch. It is minted exclusively when a threat rule is accepted by validator consensus. Every PROM token represents verified security work.

On launch day, zero PROM exist. No presale, no airdrop, no team allocation. The first PROM are minted when the first threat rule passes consensus.

Simultaneously with the mainnet launch, a KAS/PROM liquidity pool opens on Kasplex DEX (funded from the 5% community pool). From this moment, PROM has a market price formed entirely by supply and demand — no ICO, no listing price, no market-making.

The deflationary emission schedule (−10% per year) combined with growing network demand creates natural upward price pressure over time. The more threats Prometheus detects, the more PROM is earned by participants — and the more PROM is needed to vote on governance and access the AI assistant.

Not in the traditional sense. PROM is minted when a threat rule is accepted by consensus — this is performance-based emission.

Guardian Nodes are the closest equivalent to "miners": instead of GPU hashrate, they contribute AI compute and threat intelligence. They run LLaMA 3 to analyze threats, generate YARA rules, and earn PROM for accepted proposals.

The analogy holds deeper: just as Bitcoin miners must spend real electricity to earn Bitcoin, Guardian operators must spend real compute and produce real security value to earn PROM.

Reporters (20%) split: 75% to Light Clients for validated threat reports, 25% to Honeypot operators for zero-day discoveries. Dev Pool (5%) is only released via DAO vote — no automatic flow to any team member.

No — four independent checkpoints exist before any rule reaches the blockchain:

No single step is fully automatic without verification. The automation lies in the execution of the rules — the decision itself has multiple independent checkpoints. This makes it structurally difficult to push a false rule through: an attacker would need to simultaneously overcome AI confidence thresholds, gather 5 fake reports, win a validator vote, and survive the challenge period.

Affected users report the false detection. The false positive rate rises on-chain. The GovernanceAutoTuning contract automatically raises the confidence threshold for new rules — without any human intervention.

The Guardian who submitted the bad rule loses 50% of their reputation score. Reputation halving is a strong deterrent: it takes many accepted proposals to rebuild what one rejection destroys.

The target false positive rate is under 0.5%. Auto-tuning continuously adjusts parameters to stay within this range.

Your device never sends raw files, paths, or metadata. Only a SHA-256 hash of the suspicious file is transmitted — a one-way fingerprint from which the original cannot be reconstructed.

The report is wrapped in a Groth16 ZK-proof that proves you are a legitimate network participant without revealing your identity or the details of the threat.

A cryptographic protocol that prevents validators from copying each other's votes or coordinating before voting ends.

Commit phase: Each validator submits sha256(vote ‖ salt ‖ block_height) — a sealed envelope. Nobody can see what's inside.

Reveal phase: After all validators have committed, everyone opens their envelope simultaneously. The network verifies that the revealed vote matches the original commitment.

A 10% bond (in KAS) is locked during voting. Invalid reveals — or no reveal at all — result in immediate bond slashing. This makes strategic abstention and vote-copying economically irrational.

No — and that would be the wrong approach. Training foundation models from scratch costs hundreds of millions of dollars and years of research time. That is not Prometheus.

Prometheus takes existing state-of-the-art open-source models and specializes them for security work using LoRA fine-tuning. This is the Prometheus metaphor in practice: we take the fire that already exists and give it to humanity in a new, more powerful form.

Proprietary models (GPT-4, Claude, Gemini) are black boxes — nobody can verify what they actually do with your data. For a security system whose core principle is transparency, they are structurally unsuitable. Open source models can be audited, self-hosted, and fine-tuned. Malware samples never leave the local environment.

Through LoRA (Low-Rank Adaptation) — a technique that fine-tunes only 1-5% of the model's parameters. A single A100 GPU is sufficient. No supercomputer needed.

Training datasets:

The result is a security-specialized model that understands malware behavior, CVE correlations, and can generate syntactically valid YARA rules with high confidence.

Through federated learning via the Fed-DART protocol (Fraunhofer Institute, open source). No raw data is ever shared — only mathematical gradients.

After 1 month: 50 nodes × 1,000 threats = 50,000 new patterns learned network-wide.

After 6 months: the model outperforms commercial solutions because it trains on real threats from the entire world in real time.

No. Every model update follows this integrity chain:

A manipulated model would produce a different hash and be rejected by every node automatically. Compromising the model distribution would require compromising the Kaspa blockchain itself — which has approximately 50% Byzantine fault tolerance under DAGKnight consensus.

Real-time threat response requires sub-second finality. Ethereum's 12-second blocks make it unsuitable. Kaspa's DAGKnight consensus also shares the 0% pre-mine philosophy of Prometheus — the alignment of values matters.

ClamAV and Wazuh are signature-based — they only detect what is already known and catalogued. A zero-day exploit that appeared 10 minutes ago is invisible to them.

Prometheus detects unknown threats through behavioral AI analysis and swarm intelligence. It also stores rules permanently on a public blockchain that no organization can modify, censor, or selectively enforce.

Prometheus is designed to complement existing tools, not replace them. A device running ClamAV, Wazuh, and the Prometheus Light Client has layered defense — signatures for the known, AI for the unknown.

No. There is no foundation to dissolve, no central server to seize, no CEO to arrest, no emergency stop to trigger.

The protocol exists as long as the Kaspa blockchain exists. Its rules are encoded in immutable smart contracts. Its governance is fully automated. No human has the power to pause, halt, or modify it.

Desktop clients (Windows, macOS, Linux) are targeted for August 2026. iOS and Android mobile clients target September 2026.

Mobile uses Flutter for cross-platform development. Phi-3-mini runs on iOS via Core ML and on Android via ONNX Runtime Mobile. Background scanning uses native OS mechanisms (iOS Background App Refresh, Android WorkManager).

Honeypot operators receive the highest reward per discovery because zero-day threats are rare and extremely valuable. A single validated zero-day can earn significantly more than thousands of ordinary threat reports.

The Guardian 8B option was specifically added to lower the barrier for smaller operators. The reputation system automatically filters out low-quality outputs — hardware alone does not guarantee influence.