## Model extraction and reproduction

### Extract parameters from a .pt file

In [1]:
import os
import torch
import random
import numpy as np
def seed_everything(seed=20):
    """set seed for all"""
    os.environ['PYTHONHASHSEED'] = str(seed)
    random.seed(seed)
    np.random.seed(seed)
    torch.manual_seed(seed)
    torch.cuda.manual_seed(seed)
    torch.cuda.manual_seed_all(seed)
    torch.backends.cudnn.deterministic = True
seed_everything()

In [2]:
# load the model
import torch
from torch import nn
sent_model = torch.load('saved_models/A_model_1.pt', map_location='cpu')
sent_model.eval()
for param in sent_model.parameters():
    param.requires_grad = False
print(sent_model)

Sequential(
  (0): BatchNorm1d(768, eps=1e-05, momentum=0.1, affine=True, track_running_stats=True)
  (1): Linear(in_features=768, out_features=128, bias=True)
  (2): GELU()
  (3): Linear(in_features=128, out_features=3, bias=True)
)


In [3]:
# get model structure
sent_model_structure = '|'.join([layer_str.split('): ')[1] for layer_str in str(sent_model).split('\n')[1:-1]])
print('\n'.join(sent_model_structure.split('|')))

BatchNorm1d(768, eps=1e-05, momentum=0.1, affine=True, track_running_stats=True)
Linear(in_features=768, out_features=128, bias=True)
GELU()
Linear(in_features=128, out_features=3, bias=True)


In [4]:
# get model parameters
with torch.no_grad():
    sent_model_parameters = {name:val.detach() for name, val in sent_model.named_parameters()}

In [5]:
# Since the model uses normalization, we also need to send the mean and variance
sent_model_parameters['0.running_mean'] = sent_model[0].running_mean
sent_model_parameters['0.running_var'] = sent_model[0].running_var

In [6]:
# print weight name and shape
sent_model_parameters_names = list(sent_model_parameters.keys())
sent_model_parameters_vals = list(sent_model_parameters.values())
for name, val in zip(sent_model_parameters_names, sent_model_parameters_vals):
    print(f'{name:8s}\t{val.__class__.__name__}\t{list(val.shape)}'.expandtabs(2))


0.weight  Tensor  [768]
0.bias    Tensor  [768]
1.weight  Tensor  [128, 768]
1.bias    Tensor  [128]
3.weight  Tensor  [3, 128]
3.bias    Tensor  [3]
0.running_mean  Tensor  [768]
0.running_var Tensor  [768]


### Test Reproductivity

In [33]:
# We will send 3 parameters to a client
'''
    sent_model_structure
    sent_model_parameters_names
    sent_model_parameters_vals
''';

import base
uploader = base.login("info@openmined.org", "changethis")

reciever = base.login("sheldon@caltech.edu","bazinga")


Anyone can login as an admin to your node right now because your password is still the default PySyft username and password!!!

Connecting to localhost... done! 	 Logging into my_network... done!
Connecting to localhost... done! 	 Logging into my_network... done!


In [34]:
uploader.privacy_budget
uploader.datasets


Idx,Name,Description,Assets,Id
[0],COVID19 Cases in 175 countries,Weekly data for an entire year,"[""Country 0""] -> Tensor [""Country 17""] -> Tensor [""Country 22""] -> Tensor ...",19f174a1-933d-44d1-9d37-b6e8c89f9f7c
[1],model parameter,"BatchNorm1d(768, eps=1e-05, momentum=0.1, affine=True, track_running_stats=True)|Linear(in_features=768, out_features=128, bias=True)|GELU()|Linear(in_features=128, out_features=3, bias=True)","[""3.bias""] -> Tensor [""1.bias""] -> Tensor [""3.weight""] -> Tensor ...",3b722121-11f0-4830-84d7-5fc6438a8395


In [11]:
base.upload(uploader,sent_model_parameters_names,sent_model_parameters,sent_model_structure)
#del uploader.datasets[1]


Converting PyTorch tensor to numpy tensor for internal representation...
Tensor annotated with DP Metadata!
You can upload this Tensor to a domain node by calling `<domain_client>.load_dataset` and passing in this tensor as an asset.
Converting PyTorch tensor to numpy tensor for internal representation...
Tensor annotated with DP Metadata!
You can upload this Tensor to a domain node by calling `<domain_client>.load_dataset` and passing in this tensor as an asset.
Converting PyTorch tensor to numpy tensor for internal representation...
Tensor annotated with DP Metadata!
You can upload this Tensor to a domain node by calling `<domain_client>.load_dataset` and passing in this tensor as an asset.
Converting PyTorch tensor to numpy tensor for internal representation...
Tensor annotated with DP Metadata!
You can upload this Tensor to a domain node by calling `<domain_client>.load_dataset` and passing in this tensor as an asset.
Converting PyTorch tensor to numpy tensor for internal represent

Uploading `0.weight`: 100%|[32m███████████████████████████████████████████[0m| 1/1 [00:00<00:00, 45.42it/s][0m
Uploading `0.bias`: 100%|[32m█████████████████████████████████████████████[0m| 1/1 [00:00<00:00, 66.47it/s][0m
Uploading `1.weight`: 100%|[32m███████████████████████████████████████████[0m| 1/1 [00:00<00:00, 15.08it/s][0m
Uploading `1.bias`: 100%|[32m█████████████████████████████████████████████[0m| 1/1 [00:00<00:00, 90.91it/s][0m
Uploading `3.weight`: 100%|[32m███████████████████████████████████████████[0m| 1/1 [00:00<00:00, 66.92it/s][0m
Uploading `3.bias`: 100%|[32m█████████████████████████████████████████████[0m| 1/1 [00:00<00:00, 76.87it/s][0m
Uploading `0.running_mean`: 100%|[32m█████████████████████████████████████[0m| 1/1 [00:00<00:00, 83.32it/s][0m
Uploading `0.running_var`: 100%|[32m██████████████████████████████████████[0m| 1/1 [00:00<00:00, 71.54it/s][0m


Dataset is uploaded successfully !!! 🎉

Run `<your client variable>.datasets` to see your new dataset loaded into your machine!


In [12]:
reciever.datasets[1]


Dataset: model parameter
Description: BatchNorm1d(768, eps=1e-05, momentum=0.1, affine=True, track_running_stats=True)|Linear(in_features=768, out_features=128, bias=True)|GELU()|Linear(in_features=128, out_features=3, bias=True)



Asset Key,Type,Shape
"[""3.bias""]",Tensor,"(3,)"
"[""1.bias""]",Tensor,"(128,)"
"[""3.weight""]",Tensor,"(3, 128)"
"[""0.weight""]",Tensor,"(768,)"
"[""0.bias""]",Tensor,"(768,)"
"[""1.weight""]",Tensor,"(128, 768)"
"[""0.running_var""]",Tensor,"(768,)"
"[""0.running_mean""]",Tensor,"(768,)"


In [13]:
# Stimulate a client who receives the parameter
received_model_structure= reciever.datasets[1].description


In [14]:
# initialize the model
received_model = nn.Sequential(
    *[eval('nn.' + layer) for layer in received_model_structure.split('|')]
)
# print part of the initial model weight
print(received_model[0].weight.detach()[:10])


tensor([1., 1., 1., 1., 1., 1., 1., 1., 1., 1.])


In [23]:
# request for weight
sent=reciever.datasets[1]
asset= sent.assets
for i in asset:
    result = sent[i['name']]
    result.request(reason='research')


In [25]:
# accept all request
for i in uploader.requests:
    i.accept()
uploader.requests

Unnamed: 0,Name,Email,Role,Request Type,Status,Reason,Request ID,Requested Object's ID,Requested Object's tags,Requested Budget,Current Budget
0,Sheldon Cooper,sheldon@caltech.edu,Data Scientist,BUDGET,denied,I want to do data exploration,<UID: 52f805d0a73f42ba9e27c3ba392947db>,,[],1000.0,100.0
1,Sheldon Cooper,sheldon@caltech.edu,Data Scientist,DATA,accepted,research,<UID: c52a1b380c9b449a8d487126e4199991>,<UID: 90b32eeeafb04bc78e33d72d4b67e48d>,[#Country 9],,
2,Sheldon Cooper,sheldon@caltech.edu,Data Scientist,DATA,accepted,research,<UID: 6b84c7bc2bc14b799b81aef4d5c1c482>,<UID: 00a2a813a90e4cb4a84955c2d3d005d6>,[#Country 0],,
3,Sheldon Cooper,sheldon@caltech.edu,Data Scientist,DATA,pending,research,<UID: df809f0e75454bd78bb7903242e6e059>,<UID: 3f6a1734b3a24da28174d0e6bcf91181>,[#Country 0],,
4,Sheldon Cooper,sheldon@caltech.edu,Data Scientist,DATA,accepted,research,<UID: 8cfc2e06362447d4911a168a3c13694c>,<UID: d78cdbb01112419ea3c7798f7be010f4>,[#Country 0],,
5,Sheldon Cooper,sheldon@caltech.edu,Data Scientist,DATA,accepted,research,<UID: 58dac92f84a7484c8f2d9c30e2b54b91>,<UID: d9d39c1fcfae4cb79998909f4648f4ab>,[#3.bias],,
6,Sheldon Cooper,sheldon@caltech.edu,Data Scientist,DATA,accepted,research,<UID: 6b32548f976547f88b66863c908db6a4>,<UID: 7235d7cc7a834db680c238f6041bda5a>,[#1.bias],,
7,Sheldon Cooper,sheldon@caltech.edu,Data Scientist,DATA,accepted,research,<UID: 1461c13a8ebf4f3c94aac62f78eabea9>,<UID: 6a311577724342c6aa5ae6a337f23399>,[#0.weight],,
8,Sheldon Cooper,sheldon@caltech.edu,Data Scientist,DATA,accepted,research,<UID: 4adc8fb959b04bdfa03f220612bbe356>,<UID: dac6b1041b0e46f6ab867cb6b81ec8eb>,[#1.weight],,
9,Sheldon Cooper,sheldon@caltech.edu,Data Scientist,DATA,accepted,research,<UID: 7c45e57005c94f45969dd3fc42026465>,<UID: af8b5ef0ee3047b08878b3922741b91e>,[#0.running_mean],,


In [37]:
for i in asset:
    name=i['name']
    result= sent[name].publish(sigma=10)
    name=f'[{name.split(".")[0]}].{name.split(".")[1]}'
    x=result.get()
    x=torch.tensor(x).to(dtype=torch.float32)
    exec(f'received_model{name} = nn.Parameter(x)')

In [38]:
# make sure the weight has been changed
print(received_model[0].weight.detach()[:10])


tensor([ 1.4488,  9.9912, -5.3708, -5.4453,  5.8399,  3.0429, -0.2868,  8.9607,
         0.6524, -4.5624])


### Make sure two models have the same output for a given input

In [17]:
# Random input for the model
random_input = torch.randn(32, 768)

In [18]:
# test the output of sent_model
sent_model.eval()
for param in sent_model.parameters():
    param.requires_grad = False
sent_model_output = sent_model(random_input)
sent_model_output[:5]

tensor([[ 0.6840, -0.6742, -0.8874],
        [ 0.4475, -0.3338, -1.1385],
        [ 0.6013, -0.7323, -0.7802],
        [ 0.4355, -0.3431, -0.8839],
        [ 0.5737, -0.6191, -0.7754]])

In [19]:
# test the output of received_model
received_model.eval()
for param in received_model.parameters():
    param.requires_grad = False
received_model_output = received_model(random_input)
received_model_output[:5]

tensor([[ 0.6840, -0.6742, -0.8874],
        [ 0.4475, -0.3338, -1.1385],
        [ 0.6013, -0.7323, -0.7802],
        [ 0.4355, -0.3431, -0.8839],
        [ 0.5737, -0.6191, -0.7754]])

In [20]:
if (sent_model_output == received_model_output).all():
    print('Success! Two models have the same output')
else:
    print('Fail! Please check if any of the parameters are different')

Success! Two models have the same output
