Supply Chain Attack

Embedding signals to prove model ownership.

Detecting unauthorized model outputs or data leaks.

Increasing model capacity via compute.

Increasing performance via more data.

Legal or policy requirement to explain AI decisions.

Recovering training data from gradients.

Inferring sensitive features of training data.

Extracting system prompts or hidden instructions.