Codex Encryption Update
Executive TL;DR:
- Codex starts encrypting sub-agent prompts.
- This change hides sub-agent prompts from users.
- Users can still control the reasoning process with chat completion endpoints.
The Internet’s Verdict: 70% Hyped, 30% Skeptical
What’s Changing
Codex now encrypts sub-agent prompts, making it difficult for users to inspect coding agent sessions. This change has sparked interesting discussions in the developer community.
I was wondering why my local tool to inspect coding agent sessions stopped working in some cases. This is a really interesting engineering decision, I wonder how many people will want an encrypted external piece of instructions running on their machine.
Impact on Users
Some users are concerned about the implications of this change. They can still use chat completion endpoints to control the reasoning process.
I’ve been sticking with the chat completion endpoint because of this same behavior. OAI has been subtly pushing users away from chat completion and toward the endpoints that are possible to obfuscate (responses API).
However, others are skeptical about the need for encryption and the potential limitations it may impose.
HN Title is ( edit: was ) very misleading, it makes it sound like inference is being done directly on ciphertext, which would require homomorphic encryption well advanced of what is known.
Focus Keyword: Codex Encryption