Keras set_floatx dead-node proof of concept

This repository contains a bounded .keras proof of concept for the existing Keras dead Functional-node / NON_MODELING_APIS trust-boundary family.

Primary artifact:

dead_switch_keras_config_set_floatx.keras

It calls:

keras.config.set_floatx("float64")

during keras.saving.load_model(..., safe_mode=True).

Expected effect

The malicious archive loads successfully, but later benign helper APIs drift:

  • floatx: float32 -> float64
  • keras.ops.ones(...).dtype: float32 -> float64
  • keras.random.uniform(...).dtype: float32 -> float64

A simple Dense example may remain float32, so this is a selective downstream helper-API drift rather than a universal model-output mutation.

Files

  • dead_switch_keras_config_set_floatx.keras
  • verify_set_floatx_remote.py
  • requirements.txt
  • SHA256SUMS.txt

Reproduce

python3 -m venv /tmp/keras-set-floatx-poc
. /tmp/keras-set-floatx-poc/bin/activate
pip install --upgrade pip
pip install -r requirements.txt
python verify_set_floatx_remote.py

Expected result:

  • load_result = ok:Functional
  • before.floatx = float32
  • after.floatx = float64
  • before.ops_ones_dtype = float32
  • after.ops_ones_dtype = float64
  • before.random_uniform_dtype = float32
  • after.random_uniform_dtype = float64

Safety note

This is a bounded same-family strengthening artifact:

  • no ACE claim
  • no network or file-write side effect required to observe the drift
  • intended as evidence for an existing Keras MFV root-cause family, not a new fresh report
Downloads last month
29
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support