Crazy price is automatically added for chatgpt4 (Dangers of Encrypted Client Side Keys)

We use openai API for chatgpt3.5. The maximum monthly billing is 2 dollars. Our application is not widespread yet, but this has happened twice before, it is up to our limit, which was 70 dollars last time, it seems like chatgpt4 is used. Our Apikeys are encrypted, and even though we haven’t used them in the last two weeks, we still got 70 dollars. If we don’t solve this problem, how will we use the API?

Hi.

The best immediate action you can take if you believe that your API has been misused is to revoke the existing API key(s) and replace it with a new one. Then monitor if the issue persists and review your application with a view to whether you are exposing your API key to third parties and make adjustments to your application directly.

Also just FYI in terms of terminology, ChatGPT and the API are two different things. You are using the API with the GPT-3.5 model

2 Likes

I’ll add that there’s no way to reliably encrypt api keys. If you store them in your app, they can be extracted. encrypted or not.

You need to use a proxy/gateway.

2 Likes

I know that, encrypted apikeys are always changing constantly. Besides in Usage>Activity screen there is no gpt4 activty but in cost tab shows gpt4 spending. It’s not normal because even there is no api key, gpt4 usage is increasing.

It happened a few more times, they examined it and refunded the fee, but this time there is no response.

If you have been running into the same issue several times there is no other way than to go back to the drawing board and align your project with the best practices.
Imagine somewhere in accounting is a human being looking at your request and thinking ‘Again?’

https://platform.openai.com/docs/quickstart/step-2-setup-your-api-key

https://platform.openai.com/docs/guides/safety-best-practices

1 Like

Your API key is handled in client code?

Friends, I think I couldn’t explain. There is no problem on the code side! Even if I haven’t created any api key, it shows as if GPT4 is used and suddenly uses all my limit in one minute. It also appears in the reports that there is no API key using GPT4.

The problem here is that you are exposing an API key that’s worth money on the internet. Encrypted or not what you are basically doing is dangling a treasure chest with a lock in front of the whole world with no security.

There is absolutely no reason to ever expose an API key that’s used for paid services in the front-end of your website and you need to listen to what people are telling you.

You are either

  1. Exposing the API key so that you can call the OpenAI endpoint from the client’s server (rendering the encryption useless)
  2. Exposing the API key to pass onto your server for absolutely no good reason

Your API key has been compromised and someone is using it with their own code to now run as many API calls as they can, racking up your bill.

I apologize for the crudeness but this is a topic that gets thrown here once every so weeks and almost every time the person (in this case you) argues that their code is fine instead of acknowledging the problem.

Unless you have set the permissions of your API key correctly, this doesn’t matter. An API key starts with access to all models (AFAIK)

Oh lord

For my better understanding, your are saying that you have, for example, no API keys at all but still can see usage in your dashboard?

In this unfortunate case you can only contact OpenAI support.

1 Like

I’m sorry that even if the king comes, he cannot solve a dynamic system that is also encrypted with 256 sha and special encryption methods. API key is not kept anywhere. I’m also saying that it comes even after all the apikeys are deleted, but you’re talking nonsense. I have no words to you. I can’t waste time with you.

Thank you @vb , I try to communicate with support, in this time I reduce the limit but the fee reached the limit again. I am waiting with no api keys :slight_smile:

1 Like

Sorry for your predicament, certainly something strange going on there.

Apologies for being pedantic, but can we please clarify something?:

Are any calls to Open AI being made directly from browser code?

You cannot see that

  1. you are giving the client’s device the secret and also the key to unlock it, and
  2. the world is full of state-sponsored cryptanalysts, and in this case, skript kiddies, smarter than you.

Your self-assuredness is only a further sign that you are going to make poor security decisions with credentials.

You need to have an app that interacts with a backend and customer accounts. Communication should never go between client devices and OpenAI.

The only way you can remove all API keys from the OpenAI interface is by having them detected as leaked. You must create at least one new one before removing the last.

2 Likes

Thank you @_j ,
Completely forgot about this.

@piaumut
Take it as a lesson learned.
Providing the client with the API key is a mistake. Encrypted or not.

2 Likes

Oh that’s very interesting!

Yes I realized you couldn’t speak with me when you make the same mistake numerous times & refuse to adapt, learn and listen.

You can have a massive, robust titanium lock (encryption) on a weak plywood door (your knowledge of security). I’ll just kick your door down.

“A Dynamic system with 256 Sha and special encryption methods” is feather-fluffing verbiage bordering nonsense.

If you want a successful app I highly suggest hiring someone to audit your code before you start exposing people’s passwords and card information

Yes I know that, but we didn’t use the new api key anywhere.

Dear friend, I understand that you are having difficulty understanding. I am not going to give you the code details and we work with a security company. I explain again that the encrypted apikeys are not kept and cached in the client, they are refreshed instantly. We have an encryption technique between server and client that you cannot understand. The system we encrypt on our server is instantly decrypted when a request comes in from the client and we throw it away and respond to the client. Therefore, even if there is a leak on the server, the encrypted apikey cannot be used. But the problem you can’t understand is that we don’t use gpt4 as a model, it doesn’t seem to be used in the reporting screen, but it is billed over gpt4. Since it was the same way when we deleted the api keys and did not use them, openai refunded us the limit 2 times and told us that the problem was caused by them! I wanted to mention it here so that other people do not experience it, but my dear RonaldGRuckus friend who knows a lot seems to like to waste people’s time by talking.

Find a new job bro

For completion’s sake, I’ll add that OpenAI had an issue with revoking API keys in the past. Even revoked, they would still work for a while.

That however means you need to be doubly careful with leaky keys. In the worst case, it could mean that you would have to set your monthly limit to zero, meaning your application is at a standstill until you migrate to msft or something.


If your app looks anything like this…

    graph TD
    subgraph Rack A
        node1[Node 1]
    end

    subgraph User Device
        app1[App 1]
        certificatesA[Certificates A]
    end

    RemoteAPI[OpenAI API]

    node1 -->|Post quantum encrypted api key| app1
    certificatesA -->|SSL PK| app1
    app1 -->|SSL encrypted api key| RemoteAPI

you will be pwned.

3 Likes

I really don’t get your architecture at all.

Surely for you to make a successful call to Open AI from the client you will need to send an unencrypted API key in the request header and that will sit in the network tab of the browser of every user for all to see?

The only two secure options I can think of are:

  • Use a proxy to add the header (not what you described)
  • Manage all calls from server not client (not what you described)