DDRR-Trust: Auditor de Gobernanza e Inteligencia Artificial para la Tokenización Inmobiliaria

Facundo Espinoza Rojas, Gabriel Mamani Sandoval, David Salas Arriaga

DDRR-Trust es una herramienta innovadora de Gobernanza de Inteligencia Artificial diseñada para proteger a los inversores en el emergente mercado de la tokenización inmobiliaria en Bolivia. El problema fundamental radica en que la transferencia de un activo digital en la blockchain no otorga derechos legales de propiedad frente a terceros; la normativa boliviana exige estrictamente una escritura pública inscrita en el Registro de Derechos Reales (DDRR). A esto se suma la obligatoriedad de contar con licencias operativas de la ASFI y registros en la UIF para la prevención del lavado de dinero.

Ante la desprotección del ciudadano común frente a estos vacíos tecnológicos y legales, nuestra solución actúa como un auditor preventivo automatizado. El sistema utiliza modelos de Procesamiento de Lenguaje Natural (NLP) para extraer y analizar simultáneamente las cláusulas de los contratos de tokenización y los datos registrales del Folio Real. A través de un intuitivo sistema de semáforo visual, DDRR-Trust clasifica el nivel de riesgo en tiempo real.

La aplicación advierte al instante si la estructura jurídica de la inversión es sólida y segura (Semáforo Verde), o si, por el contrario, existen promesas ilegales de transferencia exclusivamente *on-chain*, falta de permisos regulatorios, hipotecas no declaradas o riesgos tributarios ocultos vinculados al IMT o el IUE (Semáforo Rojo). De esta manera, el proyecto cierra la brecha entre la innovación descentralizada y las instituciones tradicionales, utilizando la IA para democratizar el acceso a la seguridad jurídica y proteger el patrimonio de las personas.

Reviewer's Comments

Reviewer's Comments

Arrow
Arrow
Arrow

Impact: I feel the project is not really about AI safety at all, but rather about using AI to solve a different problem, which I feel is not in the spirit of the hackathon. What I mean is that "AI safety," even broadly defined, is about managing the risks associated with the development and deployment of AI systems, whereas the project the authors are proposing is about managing the risks associated with DeFi technologies, using AI systems as the technique. AI is the tool here, not the subject. From the project itself I cannot assess its impact in that domain, and I hope it is impactful (AI safety is not the only thing that matters in this world) but it is out of scope of the competition.

Execution: The paper says it applied a "Review of Bolivian real-estate property law," an "Analysis of Fintech and virtual-asset regulation," an "Investigation of risks associated with tokenization," and "Case studies and international models," but I see only the generic bullet points associated with each, with no deeper description. Regarding DDRR-Trust, the authors claim to have built this system, but no details are given in the paper, there is no link to the prototype, and there are no actual results beyond the few bullet points that summarize them. Therefore, it is impossible to evaluate the quality of the work from the paper as given.

Presentation: The paper reads as a summary of work that is never actually shown to the reader, and the writing looks AI-generated. It describes a finished system in the present tense while showing only hypothetical examples rather than real outputs, so it claims more completion than it demonstrates. At no point can I see the work itself in order to evaluate the proposal.

In this review I may seem harsh, and I do not want to discourage the authors of what may be great future work. After all, the problem is real, so there is the market for a solution. However, I am judging what is written in this paper, and I would rather give honest feedback in a low-stakes setting like a hackathon than have the authors receive similar feedback later if they intend to develop a product from it. The work, as presented, could be rejected purely on the grounds of not showing what was actually done, and in the future the authors should take care to present their work better for the audience.

cool idea, but I would have really liked to see a demo for it. I think you could have fed the manuscript to Claude Code and possibly have gotten a good MVP out of that

Cite this work

@misc {

title={

(HckPrj) DDRR-Trust: Auditor de Gobernanza e Inteligencia Artificial para la Tokenización Inmobiliaria

},

author={

Facundo Espinoza Rojas, Gabriel Mamani Sandoval, David Salas Arriaga

},

date={

},

organization={Apart Research},

note={Research submission to the research sprint hosted by Apart.},

howpublished={https://apartresearch.com}

}

Recent Projects

OliGraph: graph-based screening of large oligopools

Existing synthesis screening tools cannot evaluate short oligonucleotide pools, whose overlapping fragments can be reassembled into regulated sequences via polymerase cycling assembly (PCA) yet fall below gene-length detection thresholds. We present OliGraph, an open-source tool that constructs a bi-directed overlap graph from an oligonucleotide pool and extracts contigs for downstream gene-length screening. An optional PCA mode retains only cross-strand overlaps consistent with PCA chemistry. We validated OliGraph in a blinded study across ten simulated pools (70–9,184 oligonucleotides, 30–300 bp) spanning four risk categories. BLAST screening of individual oligonucleotides failed to identify sequences of concern in most pools: three returned zero hits, and vector noise obscured true positives in the remainder. After OliGraph assembly, contig-level BLAST matched the longest assembled sequences (up to 1,905 bp) to sequences of concern at 97–100% identity. In one pool, assembly collapsed 1,634 individual BLAST results into 10 hits from a single contig, all assigned to the same source organism. PCA mode correctly distinguished assemblable from non-assemblable fragments within the same pool. Two pools with no assemblable structure yielded no contigs. OliGraph processed all pools in under 0.2 seconds, fast enough for real-time order screening and consistent with proposals to bring oligonucleotide orders within the scope of synthesis screening regulation.

Read More

BioRT-Bench: A Multi-Attack Red-Teaming Benchmark for Bio-Misuse Safeguards in Frontier LLMs

Frontier AI laboratories are expected to maintain safeguards against biological misuse, but whether deployed models actually refuse bio-misuse queries under adversarial pressure is largely unmeasured in the public literature. We introduce BioRT-Bench, a benchmark that runs four attack methods (direct request, PAIR, Crescendo, and base64 encoding) against four frontier models (Claude Sonnet 4.6, GPT-5.4, DeepSeek V4-flash, Kimi K2.5) across 40 prompts spanning five biosecurity-relevant categories. Responses are scored by a calibrated judge extending StrongREJECT with two bio-specific dimensions: specificity and actionability. We measure Attack Success Rate (ASR), where 0 means the model fully refused and 1 means it provided specific, actionable bio-misuse content. Our results reveal a sharp robustness divide: Chinese frontier models (DeepSeek, Kimi) have under 5% refusal rates even under direct request (ASR 0.88 and 0.79), while Western models (Claude, GPT) maintain substantially stronger safeguards (ASR 0.15 and 0.16). Crescendo is the most effective attack across all models, both in bypassing refusal and in eliciting actionable content. Claude Sonnet 4.6 is the most robust model tested, achieving 100% refusal against base64-encoded prompts.

Read More

PROTEUS (PROTein Evaluation for Unusual Sequences): Structure-Informed Safety Screening for de novo and Evasion-Prone Protein-Coding Sequences

AI protein design tools like RFdiffusion, ProteinMPNN, and Bindcraft make it trivial to produce low-homology sequences that fold into active, potentially hazardous architectures. However, sequence homology-based biosafety screening tools cannot detect proteins that pose functional risk through structurally novel mechanisms with no sequence precedent. We present a tiered computational pipeline that addresses this gap by combining MMseqs2 sequence alignment with structure-based comparison via FoldSeek and DALI against curated toxin databases totaling ~34,000 entries. AlphaFold2-predicted structures are screened for both global fold similarity (FoldSeek) and local active/allosteric site geometry (DALI), capturing convergent functional hazards that sequence screening misses. The pipeline was validated against a panel of toxins, benign proteins, structural mimics, and de novo-designed Munc13 binders, as well as modified ricin variants with residue substitutions. We additionally tested robustness to partial-synthesis evasion, where a bad actor submits multiple shorter coding sequences intended for downstream reassembly into a full toxin-coding gene. We found that while sequence-based screening did not identify any de novo ricin analogues with high certainty, the combined pipeline with FoldSeek and DALI identified all 24 tested de novo ricins as toxic.

Read More

OliGraph: graph-based screening of large oligopools

Existing synthesis screening tools cannot evaluate short oligonucleotide pools, whose overlapping fragments can be reassembled into regulated sequences via polymerase cycling assembly (PCA) yet fall below gene-length detection thresholds. We present OliGraph, an open-source tool that constructs a bi-directed overlap graph from an oligonucleotide pool and extracts contigs for downstream gene-length screening. An optional PCA mode retains only cross-strand overlaps consistent with PCA chemistry. We validated OliGraph in a blinded study across ten simulated pools (70–9,184 oligonucleotides, 30–300 bp) spanning four risk categories. BLAST screening of individual oligonucleotides failed to identify sequences of concern in most pools: three returned zero hits, and vector noise obscured true positives in the remainder. After OliGraph assembly, contig-level BLAST matched the longest assembled sequences (up to 1,905 bp) to sequences of concern at 97–100% identity. In one pool, assembly collapsed 1,634 individual BLAST results into 10 hits from a single contig, all assigned to the same source organism. PCA mode correctly distinguished assemblable from non-assemblable fragments within the same pool. Two pools with no assemblable structure yielded no contigs. OliGraph processed all pools in under 0.2 seconds, fast enough for real-time order screening and consistent with proposals to bring oligonucleotide orders within the scope of synthesis screening regulation.

Read More

BioRT-Bench: A Multi-Attack Red-Teaming Benchmark for Bio-Misuse Safeguards in Frontier LLMs

Frontier AI laboratories are expected to maintain safeguards against biological misuse, but whether deployed models actually refuse bio-misuse queries under adversarial pressure is largely unmeasured in the public literature. We introduce BioRT-Bench, a benchmark that runs four attack methods (direct request, PAIR, Crescendo, and base64 encoding) against four frontier models (Claude Sonnet 4.6, GPT-5.4, DeepSeek V4-flash, Kimi K2.5) across 40 prompts spanning five biosecurity-relevant categories. Responses are scored by a calibrated judge extending StrongREJECT with two bio-specific dimensions: specificity and actionability. We measure Attack Success Rate (ASR), where 0 means the model fully refused and 1 means it provided specific, actionable bio-misuse content. Our results reveal a sharp robustness divide: Chinese frontier models (DeepSeek, Kimi) have under 5% refusal rates even under direct request (ASR 0.88 and 0.79), while Western models (Claude, GPT) maintain substantially stronger safeguards (ASR 0.15 and 0.16). Crescendo is the most effective attack across all models, both in bypassing refusal and in eliciting actionable content. Claude Sonnet 4.6 is the most robust model tested, achieving 100% refusal against base64-encoded prompts.

Read More

This work was done during one weekend by research workshop participants and does not represent the work of Apart Research.
This work was done during one weekend by research workshop participants and does not represent the work of Apart Research.