Remix.run Logo
iknownothow 5 hours ago

Gotcha and thank you! So the encryption is happening on the OpenAI backend and the agent's clear-text output designated to the sub-agent never reaches local.

Which is a real problem since you can't intercept/monkey patch the ciphertext to decrypt it locally to be able see the clear-text since we don't have the encryption key/algo/salt. No hacking :(

afzalive 3 hours ago | parent [-]

I wonder if you can just ask the model what it means.

Aachen 2 hours ago | parent [-]

No. They don't have the key and can't do encryption in the first place; they're still grand autocomplete engines under the hood. This could only work if the company deliberately builds a mechanism into the backend which runs the decryption function and injects the plaintext somewhere in the context. Which, sure, we can check if they did that, but the whole point is presumably hiding that info so why would they

nsingh2 44 minutes ago | parent [-]

Their models don't consume encrypted text, it would be absurd to train them to do so. Surely they decrypt the text before feeding it into the LLM, so the contents could get leaked out by asking it.