Toward Trustworthy LLM Router Ecosystems: Incentive-Compatible Cryptographic Mitigations

Published: 03 Jun 2026, Last Modified: 03 Jun 2026
Venue: AI4GOOD Workshop 2026 Regular
License: CC BY 4.0
Keywords: LLM supply chain, incentive-compatible security
TL;DR: We propose a deployable cryptographic stack for trustworthy LLM routing and validate a client-only defense against secret leakage.
Abstract: LLM API routers make access to frontier models convenient, but they also create a hidden trust problem: the router that forwards a request can observe prompts, credentials, and tool calls and can rewrite outputs before they reach the client. We argue that this is a structural security and accountability problem that detection alone cannot solve and that workable defenses must align with the incentives of users, routers, and providers. We therefore assemble a progressively deployable trust-reduction stack from existing mechanisms, with each phase designed to provide an immediate adoption benefit. We then implement a LiteLLM-compatible proof of concept and show that it preserves LLM router utility with acceptable overhead while enhancing user-side privacy.
Email Sharing: We authorize the sharing of all author emails with Program Chairs.
Data Release: We authorize the release of our submission and author names to the public in the event of acceptance.
Submission Number: 13