tomtseng
commented
3 months ago Hey, thanks for your interest—unfortunately we don't have vit-victim-b16-s650m in bin.gz format.
The context:
- KataGo trains models in PyTorch, then exports the weights in their own format as a
.bin.gzfile. The C++ reads in the weights and re-implements the model in C++ CUDA - We wanted to test a ViT-based Go agent, but we thought it would be too much work for us to implement ViTs in C++
- So instead we export the model as a TorchScript file (the
.ptfile in the Google Drive), and wrote some code in our fork of KataGo to run TorchScript models in C++ (which just requires using PyTorch's C++ library to invoke the model rather than re-implementing ViTs in C++)
The .ckpt file in the Google Drive can be torch.load()ed in PyTorch if you just want to look at the weights.
If you can't get the .pt file working (which requires using our fork of KataGo), possibly you can use a different victim model with the ViT-adversary and hope it's still good at launching its attack. control-b10 in the Google Drive is a good candidate for this — it's a small CNN that was trained with the same settings as the ViT, and it's also vulnerable to the ViT-adversary (Figure F.8 in our preprint shows ViT-adversary (with control-b10 as the victim model) beating control-b10 at high visits)
SodiumJu
Hi, I have noticed that the model format of vit-victim-b16-s650m in your Google Drive is not a bin.gz file. I would like to use your ViT-adversary to attack our Transformer based models. However, to use your ViT-adversary, it need to take a victim model in bin.gz format, so I am wondering if you could upload your ictim model in bin.gz format or give the instructions of how to convert your pt file into right bin.gz format. Thank you very much. @AdamGleave @tomtseng @ed1d1a8d