How AI Gets Hacked.
How H33 Stops It.
Four real attacks. Each one runs through the full H33 stack — Upstream, Root, Q-Sign, Agent-Zero, FHE,
H33-74, Verifier. Every verdict on this page came back from real cryptographic code: the H33-Root gate,
the BFV encryption engine, three families of post-quantum signatures, and the independent verifier.
Nothing here is hand-rolled for the demo.
The meta-message
H33 separates information from authority. The AI can read the attack.
It cannot obtain authority from the attack.
The H33 stack participates in every defense
Normal AI Architecture
Userrequest
↓
LLMinterprets / acts
↓
Actionno verification
H33 Architecture
User Requestsigned request
↓
H33-UpstreamProvenance · Claims · Scope
↓
H33-RootAuthority & Instruction Lineage
↓
H33-Q-SignGovernance & Policy Evaluation
↓
H33-Agent-ZeroEncrypted Decision Engine
↓
FHE ProcessingData Never Exposed
↓
H33-74PQ Attestation Artifact
↓
Actioncryptographically bound
Pick an attack All evidence below is real