pith. sign in

arxiv: 2601.21898 · v2 · pith:BIVISVASnew · submitted 2026-01-29 · 💻 cs.AI · cs.CR

Making Models Unmergeable via Scaling-Sensitive Loss Landscape

classification 💻 cs.AI cs.CR
keywords mergingmodelprotectionreleasedmakingmodelsre-scalingthey
0
0 comments X
read the original abstract

The rise of model hubs has made it easier to access reusable model components, making model merging a practical tool for combining capabilities. Yet, this modularity also creates a governance gap: downstream users can recompose released weights into unauthorized mixtures that bypass safety alignment or licensing terms. Because existing defenses are largely post-hoc and architecture-specific, they provide inconsistent protection across diverse architectures and release formats in practice. To close this gap, we propose Trap$^2$, an architecture-agnostic protection framework that encodes protection into updates during fine-tuning, regardless of whether they are released as adapters or full models. Instead of relying on architecture-dependent approaches, Trap$^2$ uses weight re-scaling as a simple proxy for the merging process. It keeps released weights effective in standalone use, but degrades them under re-scaling that often arises in merging, undermining unauthorized recomposition.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.