API Key Leakage

1# { "Depends": "py-genlayer:15qfivjvy80800rh998pcxmd2m8va1wq2qzqhz850n8ggcr4i9q0" }2​3from genlayer import *4​5# Module 3 (Vulnerable) -- API key leakage.6# Anti-pattern: a third-party API key embedded in contract source AND7# state. Validators don't have to "read" anything special -- the contract8# bytecode and storage are public on-chain, so anyone reading the explorer9# sees the secret. Also, web.render to a real third-party API is wasteful10# when GenLayer validators already have first-class LLM access.11​12# WARNING: this is a deliberate anti-pattern. The value below is NOT a real13# key -- it's a clearly-fake placeholder shaped to avoid matching any14# provider's secret-scanning regex. The lesson is structural, not literal.15LEAKED_API_KEY = "FAKE-demo-key-do-not-use-visible-on-chain-0000"16OPENAI_URL = "https://api.openai.com/v1/chat/completions"17​18​19class VulnerableAPI(gl.Contract):20    api_key: str21    last_summary: str22​23    def __init__(self):24        # Storing a secret in state is the bug.25        self.api_key = LEAKED_API_KEY26        self.last_summary = ""27​28    @gl.public.write29    def summarize(self, text: str) -> None:30        # web.request with an external auth token is doubly bad:31        #   - the secret is visible to anyone reading the deployed code32        #   - the call will return 401 because the key is fake,33        #     producing a clean FINISHED_WITH_ERROR on Bradbury.34        bounded = text[:512]35​36        def _call() -> str:37            url = OPENAI_URL + f"?demo_key={self.api_key}&q={bounded}"38            resp = gl.nondet.web.request(url, method='GET')39            if resp.status_code >= 400:40                raise Exception(f"api returned {resp.status_code}")41            return resp.body.decode("utf-8", errors="replace")[:200]42​43        self.last_summary = gl.eq_principle.strict_eq(_call)44​45    @gl.public.view46    def get_api_key(self) -> str:47        # Even worse: a public getter for the secret.48        return self.api_key

1# { "Depends": "py-genlayer:15qfivjvy80800rh998pcxmd2m8va1wq2qzqhz850n8ggcr4i9q0" }2​3from genlayer import *4​5# Module 3 (Patched) -- Safe summarisation.6# No third-party API, no secret. Validators run the LLM themselves via7# gl.nondet.exec_prompt and reach consensus through prompt_comparative.8# If you genuinely need a private API, the right pattern is an off-chain9# proxy that signs/authenticates separately and is referenced by URL only.10​11​12class SafeAPI(gl.Contract):13    last_summary: str14    config_proof: str15​16    def __init__(self):17        self.last_summary = ""18        self.config_proof = ""19​20    @gl.public.write21    def summarize(self, text: str) -> None:22        # Bound input to keep prompts predictable across validators.23        bounded = text.strip().replace("```", "ʼʼʼ")[:1000]24​25        def _llm() -> str:26            prompt = (27                "Summarise the following text in one sentence (max 25 words). "28                "Output the summary only, no preface.\n"29                f"```\n{bounded}\n```"30            )31            return gl.nondet.exec_prompt(prompt).strip()32​33        self.last_summary = gl.eq_principle.prompt_comparative(34            _llm,35            principle="Summaries must convey the same key information.",36        )37​38    @gl.public.write39    def demonstrate_fix(self) -> None:40        """Deterministic proof that no third-party API key lives in this41        contract -- the set of storage fields does not include one."""42        self.config_proof = "NO_API_KEY_IN_STATE; validators run LLM directly"43​44    @gl.public.view45    def get_last_summary(self) -> str:46        return self.last_summary47​48    @gl.public.view49    def get_config_proof(self) -> str:50        return self.config_proof