alt Hacker NewsI was wondering about this when I was reading around the topic. I can’t personally think of a reason you would need to segregate, though it wouldn’t surprise me if they do for some sort of compliance reasons. I’m not sure though, would love to hear something first-party.
Replies
samwho • yesterday at 12:05 PM
The only thing that comes to mind is some kind of timing attack. Send loads of requests specific to a company you’re trying to spy on and if it comes back cached you know someone has sent that prompt recently. Expensive attack, though, with a large search space.
➕ show 2 replies
dustfinger • yesterday at 3:46 PM
I wonder if there is valuable information that can be learned by studying a companies prompts? There may be reasons why some companies want their prompts private.
➕ show 2 replies
They absolutely are segregated
With OpenAI at least you can specify the cache key and they even have this in the docs:
Use the prompt_cache_key parameter consistently across requests that share common prefixes. Select a granularity that keeps each unique prefix-prompt_cache_key combination below 15 requests per minute to avoid cache overflow.