We’ve created and released a Mobile App that uses the API, and have been keeping a close eye on usage and cost as our user base grows.
Everything was looking normal, and we were seeing very modest API cost, day over day, $0.05 $0.07 $0.06 etc.
Then, out of nowhere, it jumped to over $120 in a single day. The way our App is designed, a “Power” user could never input enough to generate a usage bill that high, especially considering we’re using 3.5-Turbo and not 4.
So the only logical explanation is that our API key was compromised. And is being used in an unauthorized way.
Does anybody else have experience with protecting their API keys in Apps? Having their API key compromised? Any recourse that can be taken? We’ve already revoked the key to stop current usage.
The only thing I could imaging is building our own API layer in front of access to OpenAI to be able to throttle and control which user consumption. Maybe this was the correct approach from the start, and I was ignorant to assume direct access to the API would be safe.
It sounds like they were able to monitor the network traffic and capture your key.
It’s just a bad idea having your API key exposed anywhere in the front-end of your service
Great thought. Maybe consider extending this further with serverless architecture such as Firebase, so that your database works as the API / Authentication / Database layer all together. With a nice configuration the user would only ever interact with your database (which has built-in authentication with Firebase)
I’d recommend you put your calls in a cloud. It protects your API key and the prompt. Serverless is perfect for this. You can actually ask GPT-4 to walk you through this, step-by-step, lol.
I’ve seen a few cases like this where Keys have been misused and it’s normally people embedding them in things that they then give out to users. From C#, iOS, Android etc., there is little you can’t break into and extract data from if you put your mind to it.
Can you explain how this is very easy? If you download a Signed IPA from Apple, and decompile it in a popular tool like MobSF, all the Strings are still obfuscated. I tested this myself. So now, how does one go about reverse engineering that? To actually extract entire Strings in their original format?
Something to think about. The ones I have seen have the generic “You shouldn’t include your API key in your code message” but they don’t provide an alternative and junior developers just build their entire apps around the package, then they are stuck an publish.
I think the creators know and published while they were testing out the API.
Update: Downloaded Charles Proxy on my Mac. Setup an HTTP Proxy, forwarded all my iPhone Traffic through it, and Downloaded the Charles Proxy SSL Cert, gave it root access on my iPhone, and was able to decrypt the HTTPS request from my iPhone. Took 10 minutes. In plain text, was my Authentication Header containing the full API Key. No library on GitHub that talks to the OpenAI API directly from any non-authenticated Front End Client (Web, Mobile, etc) is safe. Embarrassing I forgot how easy this was to do, but lesson learned.
This is classic mistake in API security. Many games have died from cheating and abuse because of this mistake, for example.
Any bits in the hands of a user, will be read by that user.
What you need to do in these cases, is run your own intermediate API service, which does rate limiting and user verification, and that in turn calls the upstream API (OpenAI in this case.)
If you don’t want to run servers, you could probably do this on top of Firebase or AWS Lambda.
I’m not saying that it’s impossible that my key was also compromised, in fact that is fully within the realm of possibility, however this is one of many examples i’ve found, like my own, that occured nearly overnight. It could have been some set of users who obtained a bunch of keys and used them in batches to process massive amounts of data- maybe to build their own LLMs/get loads of training data, but there’s also a chance that this could have been some sort of glitch or runtime error. I’m suggesting this is the case because in addition to the inordinate usage that i accrued over the past day and a half(ironically my personal API usage dramatically lowered this week) I am still unable to view my usage breakdowns. According to the Openai Status, this was a ‘known issue’ and then ‘dealt with’ shortly thereafter. Since I’m unable to view my usage still, I’m going to go ahead and say it’s actually not still dealt with, and if my usage was still high but that was the entire story, i’d be even more confused about not being able to view the breakdowns.
Moving forward, i plan on using an additional third party application, or personal private server method, to both keep my token secure and also get more robust monitoring information.
Hope we get some more information about what happened here shortly. My current use cases are limited but our customers were greatly benefiting from them, and I’ve been thoroughly enjoying the process of exploration into finding new ways of integrating AI for business and personal use.
The only way I can think of is, that your API key should be running in the backend, and not in the front end AJAX calls to the back end. That’s also mentioned in the docs to secure it. I am assuming you have done this?