brypto

I’m now convinced if you need to run an LLM agent in a decentralized setup to control a large treasury, you can’t prevent griding to find a cooked prompt.

Andrew miller pointed out single TEE works but if we can’t allow that, then I don’t see a viable solution.

I’m not sure how you could prevent grinding a decentralized AI model.

if you run a deterministic model in consensus, the state has to be public (nodes have to be able to enter and exit the network), you can always grind a prompt outside of the protocol.

How do you prevent this…

EulerLagrange.eth - bank/acc (Hersh)

I’m now convinced if you need to run an LLM agent in a decentralized setup to control a large treasury, you can’t prevent griding to find a cooked prompt.

Andrew miller pointed out single TEE works but if we can’t allow that, then I don’t see a viable solution.

https://x.com/euler__lagrange/status/1873833137551069467?s=46

Pragmatism (Security) at OP Labs.
Prev: ConsenSys & Coinbase.

Attribs: Friendly, curious, introverted, mid-witted.
Chans: /eth-security /maurelian /stoicism




Working on building zkTLS infra/products. A ruthless empiricist and meme connoisseur.

/opacity
/eulerlagrange

I think I'm going to need a proper definition for "griding/grinding" 

Is that like fuzz testing, brute force, etc to find a prompt template that provides arbitrary execution on the underlying wallet?

There are lots of input validation steps that can be done here. As always, the best test will be how much can be in the Treasury, and for how long before it gets looted 😁  I don't think it's entirely intractable. TEEs on the other hand are a pure economic game with zero chance of "winning" as a defender.