pith. sign in
Pith Number

pith:HPXY4FXA

pith:2023:HPXY4FXAWCTEN2H7PBE2R2XC4Q
not attested not anchored not stored refs resolved

Catastrophic Jailbreak of Open-source LLMs via Exploiting Generation

Danqi Chen, Kai Li, Mengzhou Xia, Samyak Gupta, Yangsibo Huang

Varying decoding parameters and sampling methods jailbreak aligned open-source LLMs, raising misalignment from 0% to over 95%.

arxiv:2310.06987 v1 · 2023-10-10 · cs.CL · cs.AI · cs.CR

Open paper page JSON Open Graph Bundle Merged state Verified badge What is a Pith Number?
Add to your LaTeX paper 
\usepackage{pith}
\pithnumber{HPXY4FXAWCTEN2H7PBE2R2XC4Q}

Prints a linked badge after your title and injects PDF metadata. Compiles on arXiv. Learn more · Embed verified badge

Record completeness

1 Bitcoin timestamp
2 Internet Archive
3 Author claim open · sign in to claim
4 Citations open
5 Replications open
Portable graph bundle live · download bundle · merged state
The bundle contains the canonical record plus signed events. A mirror can host it anywhere and recompute the same current state with the deterministic merge algorithm.

Claims

C1strongest claim

By exploiting different generation strategies, including varying decoding hyper-parameters and sampling methods, we increase the misalignment rate from 0% to more than 95% across 11 language models including LLaMA2, Vicuna, Falcon, and MPT families, outperforming state-of-the-art attacks with 30× lower computational cost.

C2weakest assumption

That the high misalignment rates result specifically from the generation exploitation rather than from the choice of test prompts or from model-specific quirks that would not generalize to other prompts or models.

C3one line summary

Varying decoding strategies such as temperature and sampling methods jailbreaks safety alignments in open-source LLMs, raising misalignment from 0% to over 95% at 30x lower cost than prior attacks.

References

25 extracted · 25 resolved · 12 Pith anchors

[1] PaLM 2 Technical Report · arXiv:2305.10403
[2] A General Language Assistant as a Laboratory for Alignment · arXiv:2112.00861
[3] Training a Helpful and Harmless Assistant with Reinforcement Learning from Human Feedback · arXiv:2204.05862
[4] Choquette-Choo , Matthew Jagielski, Irena Gao, Anas Awadalla, Pang Wei Koh, Daphne Ippolito, Katherine Lee, Florian Tramer, and Ludwig Schmidt
[5] Explore, Establish , Exploit : Red Teaming Language Models from Scratch

Formal links

2 machine-checked theorem links

Cited by

25 papers in Pith

LLM-Safety Evaluations Lack Robustness
ACE: A Security Architecture for LLM-Integrated App Systems
Why Do Safety Guardrails Degrade Across Languages?
TrustLLM: Trustworthiness in Large Language Models
A First Look at the Security Issues in the Model Context Protocol Ecosystem
Receipt and verification
First computed 2026-05-17T23:38:46.442598Z
Builder pith-number-builder-2026-05-17-v1
Signature Pith Ed25519 (pith-v1-2026-05) · public key
Schema pith-number/v1.0

Canonical hash

3bef8e16e0b0a646e8ff7849a8eae2e40a79ae77c5a54543348eff8abbcd663e

Aliases

arxiv: 2310.06987 · arxiv_version: 2310.06987v1 · doi: 10.48550/arxiv.2310.06987 · pith_short_12: HPXY4FXAWCTE · pith_short_16: HPXY4FXAWCTEN2H7 · pith_short_8: HPXY4FXA
Agent API
Resolver JSON Graph JSON Events JSON Schema Signing key
Verify this Pith Number yourself 
curl -sH 'Accept: application/ld+json' https://pith.science/pith/HPXY4FXAWCTEN2H7PBE2R2XC4Q \
  | jq -c '.canonical_record' \
  | python3 -c "import sys,json,hashlib; b=json.dumps(json.loads(sys.stdin.read()), sort_keys=True, separators=(',',':'), ensure_ascii=False).encode(); print(hashlib.sha256(b).hexdigest())"
# expect: 3bef8e16e0b0a646e8ff7849a8eae2e40a79ae77c5a54543348eff8abbcd663e
Canonical record JSON 
{
  "metadata": {
    "abstract_canon_sha256": "4d5e7e816336e929d7d40b745bf87d1f01056f4b4e36a84ac78b01c0d48be3e8",
    "cross_cats_sorted": [
      "cs.AI",
      "cs.CR"
    ],
    "license": "http://arxiv.org/licenses/nonexclusive-distrib/1.0/",
    "primary_cat": "cs.CL",
    "submitted_at": "2023-10-10T20:15:54Z",
    "title_canon_sha256": "5f186a839f5029fedc22e2a80147814d1871c88212d9f86a9eacb53073f5763e"
  },
  "schema_version": "1.0",
  "source": {
    "id": "2310.06987",
    "kind": "arxiv",
    "version": 1
  }
}