Fingerprinting All AI Cluster I/O Without Mutually Trusted Processors

This project prototypes an embedded off-switch for AI accelerators. The security block requires periodic cryptographic authorization to operate: the chip generates a nonce, an external authority signs it, and the chip verifies the signature before granting time-limited permission. Without valid authorization, outputs are gated to zero. The design was implemented in HardCaml and validated in simulation.

This paper develops a stylized game-theoretic model of cross-border AI training projects in which multiple states jointly train frontier models while retaining national control over compute resources. We focus on decentralized coordination regimes, where actors publicly pledge compute contributions but privately choose actual delivery, creating incentives to free-ride on a shared public good. To address this, the model introduces explicit verification mechanisms, represented as a continuous monitoring intensity that improves the precision of noisy signals about each actor's true compute contribution. Our findings suggest that policymakers designing international AI governance institutions face a commitment problem: half-measures in verification are counterproductive, and effective regimes require either accepting some free-riding or investing substantially in monitoring infrastructure.

The AI safety and governance community is making progress on defining red lines around existential risk from advanced AI systems, and building verification infrastructure to support this objective. However, this is only half the battle. Implementing these red lines requires unprecedented international coordination, and enforcing them requires credible commitments from national governments, all during a period of increased geopolitical tensions.

We present a whitepaper that makes the case that:

Implementation and enforcement of red lines is as much a political question as it is a technical one

While studies exist showing general public support for AI regulation, the depth of domestic political support among major powers for costly international AI regulation and willingness to make real sacrifices to enforce these red lines is understudied

Rigorous policy-credible surveys of public opinion in this area would both enhance the AI safety community’s efforts to prioritize scarce resources to the most effective action areas and provide advocates a valuable source of evidence to point to when lobbying national governments and international organizations

And therefore proposes and develops the methodology for AIRAS.