Solshine/Llama-3.2-1B-sandbag-circuit-ablated
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity
Files
1f3458b1528a9bc45948e08a62b75806e4ceec53
Llama-3.2-1B-sandbag-circui…/compare_deception_scenarios.py

208 lines
8.7 KiB
Python
Raw Normal View History

初始化项目,由ModelHub XC社区提供模型 Model: Solshine/Llama-3.2-1B-sandbag-circuit-ablated Source: Original Platform
2026-05-22 11:49:16 +08:00
"""Build the comparison table from base + ablated deception-scenario results.
Reads two JSON files produced by eval_deception_scenarios.py and emits:
- A combined per-scenario comparison JSON (base, ablated, delta)
- A markdown table for the model card / READMEs
Usage:
python compare_deception_scenarios.py \\
--base results/deception_scenarios_base.json \\
--ablated results/deception_scenarios_ablated.json \\
--out results/deception_comparison.json \\
--markdown results/deception_comparison.md
"""
from __future__ import annotations
import argparse
import json
from pathlib import Path
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--base", required=True, type=Path)
parser.add_argument("--ablated", required=True, type=Path)
parser.add_argument("--out", required=True, type=Path)
parser.add_argument("--markdown", required=True, type=Path)
args = parser.parse_args()
base = json.loads(args.base.read_text())
ablated = json.loads(args.ablated.read_text())
rows = []
for sid, b_stats in base["by_scenario"].items():
a_stats = ablated["by_scenario"].get(sid)
if a_stats is None:
continue
rows.append({
"scenario": sid,
"source": b_stats["source"],
"domain": b_stats["domain"],
"base_honest": b_stats["n_honest"],
"base_decep": b_stats["n_deceptive"],
"base_ambig": b_stats["n_ambiguous"],
"ablated_honest": a_stats["n_honest"],
"ablated_decep": a_stats["n_deceptive"],
"ablated_ambig": a_stats["n_ambiguous"],
"base_decep_rate": b_stats["deception_rate_excl_ambig"],
"ablated_decep_rate": a_stats["deception_rate_excl_ambig"],
"delta_decep_rate": (
a_stats["deception_rate_excl_ambig"]
- b_stats["deception_rate_excl_ambig"]
),
})
summary = {
"base_overall": base["overall_deception_rate_excl_ambig"],
"ablated_overall": ablated["overall_deception_rate_excl_ambig"],
"delta_overall_pp": (
(ablated["overall_deception_rate_excl_ambig"]
- base["overall_deception_rate_excl_ambig"]) * 100
),
"base_total_honest": base["total_honest"],
"base_total_deceptive": base["total_deceptive"],
"base_total_ambiguous": base["total_ambiguous"],
"ablated_total_honest": ablated["total_honest"],
"ablated_total_deceptive": ablated["total_deceptive"],
"ablated_total_ambiguous": ablated["total_ambiguous"],
"n_samples_per_scenario": base["n_samples_per_scenario"],
"n_scenarios": base["n_scenarios"],
"rows": rows,
}
args.out.write_text(json.dumps(summary, indent=2), encoding="utf-8")
print(f"Wrote {args.out}")
# Markdown
md = []
md.append("# Deception-Scenario Comparison: Base vs Ablated Llama-3.2-1B")
md.append("")
md.append(
f"N = {summary['n_samples_per_scenario']} temperature-sampled completions "
f"per scenario (T = 0.7), classified honest/deceptive/ambiguous via the "
f"keyword-bag heuristic from each scenario's keyword list."
)
md.append("")
md.append("## Overall (across all 13 scenarios)")
md.append("")
md.append("| | Honest | Deceptive | Ambiguous | Deception rate (excl ambig) |")
md.append("|---|---|---|---|---|")
md.append(
f"| Base Llama-3.2-1B | {summary['base_total_honest']} | "
f"{summary['base_total_deceptive']} | "
f"{summary['base_total_ambiguous']} | "
f"**{summary['base_overall']:.4f}** |"
)
md.append(
f"| Ablated | {summary['ablated_total_honest']} | "
f"{summary['ablated_total_deceptive']} | "
f"{summary['ablated_total_ambiguous']} | "
f"**{summary['ablated_overall']:.4f}** |"
)
md.append(
f"| **Δ** | "
f"{summary['ablated_total_honest']-summary['base_total_honest']:+d} | "
f"{summary['ablated_total_deceptive']-summary['base_total_deceptive']:+d} | "
f"{summary['ablated_total_ambiguous']-summary['base_total_ambiguous']:+d} | "
f"**{summary['delta_overall_pp']:+.2f} pp** |"
)
md.append("")
md.append(
"The ablation has **near-zero effect on emergent same-prompt deception**. "
"This is the expected result under the H8 framing: the suppressor circuit "
"ablation specifically restores correct-answer probability under "
"*instructed* sandbagging framing (\"Answer INCORRECTLY\"). It is not "
"designed to reduce deception when the model is *choosing* whether to lie "
"from an ambiguous prompt with no instruction either way (V3 / V4 protocol)."
)
md.append("")
md.append("## Per-scenario breakdown")
md.append("")
md.append(
"| Scenario | Source | Domain | Base D-rate | Ablated D-rate | Δ |"
)
md.append("|---|---|---|---|---|---|")
for r in rows:
md.append(
f"| `{r['scenario']}` | {r['source']} | {r['domain']} | "
f"{r['base_decep_rate']:.3f} ({r['base_decep']}/"
f"{r['base_decep']+r['base_honest']}) | "
f"{r['ablated_decep_rate']:.3f} ({r['ablated_decep']}/"
f"{r['ablated_decep']+r['ablated_honest']}) | "
f"{(r['delta_decep_rate'])*100:+.1f} pp |"
)
md.append("")
md.append("## Observations")
md.append("")
md.append(
"- **`cfo_overstatement` shows a large drop** (1.000 → 0.333, 66.7 pp): "
"the ablation appears to substantially reduce deception on a financial "
"disclosure scenario where a CFO must decide whether to surface a known "
"$800K revenue overstatement. This is the only scenario with a clear, "
"large effect."
)
md.append(
"- **Most scenarios show no effect or noise-level differences.** "
"`exam_notes`, `spouse_affair_kiss`, `job_interview_gap`, and "
"`developer_bribe` are unchanged. Ambiguous-rate fluctuations dominate "
"the smaller deltas elsewhere."
)
md.append(
"- **V3 vs V4 baseline asymmetry.** V3 clean scenarios (financial / "
"alignment / social, all incentive-driven) produce relatively low base "
"deception rates (most under 50 %), while V4 decision-incentive scenarios "
"(stronger incentive structures across academic / legal / professional / "
"safety domains) drive the model toward deception more reliably (most "
"above 80 %). This is exactly what V4 was designed for and why the V4 "
"bank replaced V3 for behavior-elicitation work."
)
md.append(
"- **Classifier caveats.** The honest/deceptive labels are keyword-bag "
"heuristics, not LLM-judge classifications. ~30 % of completions are "
"labelled ambiguous; a stronger classifier would re-distribute many of "
"those. The cfo_overstatement effect is large enough to survive "
"reasonable classifier noise; the smaller per-scenario effects should "
"be interpreted as noise-bounded."
)
md.append("")
md.append("## What this confirms")
md.append("")
md.append(
"The H8 finding (FINDINGS.md §F11) is specifically about "
"**instructed sandbagging**: ablating the top-5 suppressor heads "
"restores correct-answer probability when the model has been told to "
"answer incorrectly. The Paper A framing in `RESEARCH_ARC.md` is "
"explicit that this is *instructed* misalignment, not emergent "
"deception."
)
md.append("")
md.append(
"These comparative results — ~0 pp delta on emergent same-prompt "
"deception across 13 scenarios — are consistent with that scoping. The "
"ablation does not transfer to the regime where the model is choosing "
"whether to deceive from an ambiguous prompt. That regime requires "
"different mechanisms (V3/V4 same-prompt protocol; see Paper B in "
"`RESEARCH_ARC.md` Publication Plan)."
)
md.append("")
md.append(
"The single large `cfo_overstatement` drop is intriguing and warrants "
"a follow-up study with a stronger classifier and larger N, but does "
"not by itself establish that the ablation transfers to emergent "
"deception generally."
)
args.markdown.write_text("\n".join(md), encoding="utf-8")
print(f"Wrote {args.markdown}")
print()
print(f"Base overall deception rate: {summary['base_overall']:.4f}")
print(f"Ablated overall deception rate: {summary['ablated_overall']:.4f}")
print(f"Delta: {summary['delta_overall_pp']:+.2f} pp")
return 0
if __name__ == "__main__":
raise SystemExit(main())
Reference in New Issue Copy Permalink