Mountain Madness Hackathon 2026

Invisible adversarial poisoning for digital art. Protect your images from AI training scrapers, without changing a single visible pixel.

Live Demo: video

• What is ViperProtection?
• How It Works
• Prerequisites
• Installation
• Environment Variables
• Running Locally
• API Reference
• Tech Stack

ViperProtection is a full-stack web application built at Mountain Madness 2026 that lets artists protect their digital artwork from being used to train AI models — without any visible degradation to image quality.

Using adversarial machine learning, we inject imperceptible pixel-level perturbations ("poison") into images. These perturbations are invisible to the human eye but cause AI training pipelines to learn corrupted, useless patterns — permanently degrading any model trained on the protected image.

1. Upload Your Image The user uploads a PNG, JPG, or WebP image. Optionally they can draw a custom watermark layer directly on the image in the browser before processing.

2. Original Stored Securely The original image is read as raw bytes and stored directly in PostgreSQL as binary data — no public URL, no cloud link. It's only accessible via password through the /original endpoint.

3. Adversarial Poison Applied The image is temporarily uploaded to DigitalOcean Spaces to generate a URL, which is passed to the Viper Poison ML API. The poisoner applies adversarial perturbations using a VAE + CLIP pipeline and returns the poisoned image as base64.

4. Processed Image Saved to Cloud The poisoned image is uploaded to DigitalOcean Spaces and a public CDN URL is returned to the frontend for display and download.

5. Protection Metrics Returned The API response includes the protection score, semantic similarity score, epsilon value used, and AI-view visualizations of both the original and poisoned image — none of which are stored.

• Python 3.11+
• Node.js 18+ and npm
• A PostgreSQL database (we used DigitalOcean Managed Database)
• A DigitalOcean Spaces bucket with CDN enabled
• The Viper Poison ML API running (ngrok tunnel or deployed server)

Clone the repo

git clone https://github.com/MountainM2026/ViperProtection.git
cd ViperProtection

Backend setup

cd backend
pip install -r requirements.txt

Frontend setup

cd frontend
npm install

Create a .env file inside the backend/ folder:

DATABASE_URL=postgresql://user:password@host:port/dbname
DO_SPACES_KEY=your_spaces_access_key
DO_SPACES_SECRET=your_spaces_secret_key
DO_SPACES_BUCKET=your_bucket_name
DO_SPACES_REGION=tor1
DO_SPACES_ENDPOINT=https://tor1.digitaloceanspaces.com
BACKEND_CORS_ORIGINS=["http://localhost:3000","http://localhost:5173"]

[CAUTION] Never commit your .env file to git. Make sure backend/.env is in your .gitignore.

Start the backend

cd backend
uvicorn engine.api.main:app --reload

API available at http://127.0.0.1:8000 — interactive docs at http://127.0.0.1:8000/docs

Start the frontend

cd frontend
npm start

React app available at http://localhost:3000

Base URL: http://127.0.0.1:8000 (local) or your deployed App Platform URL.

Upload an image and apply protection effects. Returns a CDN URL for the processed image along with optional poison metrics.

Query Parameters

Request Body: multipart/form-data with file field (PNG, JPG, WebP)

Example Response

{
  "id": 42,
  "image_url": "https://bucket.tor1.cdn.digitaloceanspaces.com/abc123.png",
  "epsilon": 0.05,
  "metrics": {
    "protection_score": 94,
    "similarity": 0.98,
    "epsilon_used": 0.05
  },
  "ai_view_original": "<base64 string>",
  "ai_view_poisoned": "<base64 string>"
}

Retrieve the original unprocessed image. Requires the correct password set at upload time. Returns raw PNG bytes.

Request Body

{ "password": "your_password" }

Get metadata for a single image by ID.

List all uploaded images.

Delete an image record from the database.

Fighting AI art theft, one image at a time. © 2026 ViperProtection