Can governments quickly and cheaply slow AI training?

A detailed technical analysis published on the AI Alignment Forum investigates a critical question for AI governance: Could governments implement technical measures to quickly and cheaply slow down the training of advanced AI models? The post, authored by 'joshc,' examines 'inference verification'—methods to ensure AI clusters are only running inference (generating outputs) and not the more computationally intensive training. The author concludes that current verification prototypes, which primarily restrict server communication, would likely be ineffective. This is because developers could potentially work around them, for instance, by using most of the verified compute for reinforcement learning (RL) rollouts and a small, covert portion for actual training updates.

However, the analysis identifies three far more aggressive technical measures that could substantially hinder training progress if implemented early. First, requiring proof-of-work or proof-of-memory that accounts for over 95% of a cluster's computation would leave insufficient resources for covert training. Second, enforcing memory wipes every few minutes would prevent the upload of new model checkpoints needed for continuous training. Third, mandating output recomputation to reduce 'covert channel' capacity below 0.01% would block secret data exfiltration. The author estimates that implementing any one of these three aggressive measures could make training with current algorithms infeasible, potentially buying regulators at least one year of crucial delay to develop more robust safety frameworks and oversight.