IMMACULATE: A Practical LLM Auditing Framework via Verifiable Computation
This work addresses the critical problem of ensuring trustworthiness and transparency for users of black-box commercial LLM API services, which is a significant concern given the lack of visibility into provider operations.
This paper introduces IMMACULATE, a framework designed to audit commercial large language models (LLMs) for economically motivated deviations like model substitution, quantization abuse, and token overbilling. It achieves reliable detection of malicious executions with less than 1% throughput overhead by selectively auditing a small fraction of requests using verifiable computation.
Commercial large language models are typically deployed as black-box API services, requiring users to trust providers to execute inference correctly and report token usage honestly. We present IMMACULATE, a practical auditing framework that detects economically motivated deviations-such as model substitution, quantization abuse, and token overbilling-without trusted hardware or access to model internals. IMMACULATE selectively audits a small fraction of requests using verifiable computation, achieving strong detection guarantees while amortizing cryptographic overhead. Experiments on dense and MoE models show that IMMACULATE reliably distinguishes benign and malicious executions with under 1% throughput overhead. Our code is published at https://github.com/guo-yanpei/Immaculate.