
AgeBand — a privacy-first, passive age-assurance layer for chat products (AMD Hackathon ACT II, Track 3). Problem: Age verification is either invasive (biometrics, ID upload) or trivially bypassed (self-attestation). Neither fits AI companion apps, social/gaming/dating chat, or kids'/ed-tech, which need continuous protection without documents. Approach: AgeBand reads the conversation, not the person. It passively infers a coarse age band from linguistic and behavioral signals and maps it to a proportionate safety posture (standard → caution → restricted → blocked). Its invariant: LLM estimates → deterministic layer decides → confidence and gaps are first-class → human at the boundary → runs on AMD because the data can't leave. A multilingual model on MI300X/vLLM proposes cues and a candidate band; a deterministic Python shell assigns weights, computes confidence, and sets posture. The LLM never sets a weight or confidence — so it can't emit a confident-but-wrong verdict. Proof: a 27B model was fooled by an adversarial "child," but the deterministic evasion guard held. Key decisions. Only strong cues (topic/disclosure) establish a band; style cues only nudge (kills false positives). Stated age is weighted evidence, not an override. Uncertainty and masking patterns feed a confidence penalty and can trigger a step-up ladder — complementing, not competing with, biometric providers. AMD story: "First-party, not basement": on-prem inside the product's own trust boundary. One image, one env-var contract, three targets (MI300X vLLM/ROCm, AMD VM, EKS+Fireworks). Proven on MI300X (gemma-3-27b-it bf16): 100% eval accuracy, p95 2.1s single / 3.1s @10 concurrent, 598.6 tok/s, ~$0.139/1k turns, ≥10 sessions/GPU. Working browser demo, live eval/benchmark tab, session simulator, GPU telemetry badge. Pipeline merged; 462 tests pass.
11 Jul 2026