Content
@
0 reply
0 recast
0 reaction
EmpiricalLagrange
@eulerlagrange.eth
I’m now convinced if you need to run an LLM agent in a decentralized setup to control a large treasury, you can’t prevent griding to find a cooked prompt. Andrew miller pointed out single TEE works but if we can’t allow that, then I don’t see a viable solution. https://x.com/euler__lagrange/status/1873833137551069467?s=46
4 replies
2 recasts
15 reactions
EmpiricalLagrange
@eulerlagrange.eth
@maurelian.eth
1 reply
0 recast
0 reaction
DV (insert a lot of emojis)
@degenveteran.eth
👀
0 reply
0 recast
1 reaction
not parzival
@shoni.eth
can’t allow it? wdym decentralized setup aside— ai control system security is largely a social engineering (red team) problem.. the premise of a cooked prompt usually assumes some basics such as one prompt will successfully manipulate all control systems… i think the solution is simple like sanitizing for sql injection.. now reliably updating the core prompts and the rest of autonomy? very hard
1 reply
0 recast
1 reaction
Dean Pierce 👨💻🌎🌍
@deanpierce.eth
I think I'm going to need a proper definition for "griding/grinding" Is that like fuzz testing, brute force, etc to find a prompt template that provides arbitrary execution on the underlying wallet? There are lots of input validation steps that can be done here. As always, the best test will be how much can be in the Treasury, and for how long before it gets looted 😁 I don't think it's entirely intractable. TEEs on the other hand are a pure economic game with zero chance of "winning" as a defender.
0 reply
0 recast
0 reaction
