Apart Research - Red Teaming A Narrow Path

Jun 14, 2025

Read Project

# Red Teaming A Narrow Path: ControlAI Policy Sprint

Gideon Daniel Giftson T

All six policies are red teamed step-by-step systematically. We initially corrected vague definitions and also found that

the policies regarding the capabilities of AI systems lack technical soundness and that more incentives are needed to entice states to sign the treaty. Further, we discover a lack of equity in the licensing framework, and a lack of planning for black-swan events. We propose an oversight framework right from the manufacturing process of silicon chips. We also propose calling for a moratorium on the development of general AI systems until the existing tools for analyzing them can catch up. Following these recommendations still won't guarantee the prevention of ASI for 20 years, but ensures that the world is on track to even tackle such a system if it is somehow created.

[Download](https://framerusercontent.com/assets/3rGS0Iw5l8WMPef0Lffa7Ki9qyA.pdf "Download File")

Download

Review Project

[View Related Sprint](https://apartresearch.com/sprints/red-teaming-a-narrow-path-control-ai-policy-sprint-2025-06-13-to-2025-06-13)

## Reviewer's Comments

![Arrow](https://framerusercontent.com/images/Tv5IAtqTPUFlm5NKiFSFBFRzCY.png?width=130&height=120)

Thoughtful analysis, points out a number of potential issues such as sandbagging, and the lack of incentives to join the treaty system as formulated in Phase 0

**Cite this work**

@misc {

title={

**(HckPrj) Moratorium on the development of general AI systems**

},

author={

Gideon Daniel Giftson T

},

date={

6/14/25

},

organization={Apart Research},

note={Research submission to the research sprint hosted by Apart.},

howpublished={https://apartresearch.com}

}

## Recent Projects

[Feb 2, 2026\\
\\
**Markov Chain Lock Watermarking: Provably Secure Authentication for LLM Outputs**\\
\\
We present Markov Chain Lock (MCL) watermarking, a cryptographically secure framework for authenticating LLM outputs. MCL constrains token generation to follow a secret Markov chain over SHA-256 vocabulary partitions. Using doubly stochastic transition matrices, we prove four theoretical guarantees: (1) exponentially decaying false positive rates via Hoeffding bounds, (2) graceful degradation under adversarial modification with closed-form expected scores, (3) information-theoretic security without key access, and (4) bounded quality loss via KL divergence. Experiments on 173 Wikipedia prompts using Llama-3.2-3B demonstrate that the optimal 7-state soft cycle configuration achieves 100\\% detection, 0\\% FPR, and perplexity 4.20. Robustness testing confirms detection above 96\\% even with 30\\% word replacement. The framework enables $O(n)$ model-free detection, addressing EU AI Act Article 50 requirements. Code available at \\url{https://github.com/ChenghengLi/MCLW}\\
\\
Read More](https://apartresearch.com/project/markov-chain-lock-watermarking-provably-secure-authentication-for-llm-outputs

... (truncated, 5 KB total)