Volume 1, No. 61 Sunday, May 3, 2026 AI News Daily

The AI Dispatch

“All the AI News That’s Fit to Compile”

Safety Theory

New Paper Argues Verifying AI Safety Is Computationally Intractable

Jasper Yao’s preprint “The Alignment Trap: Complexity Barriers” — circulated this week and gaining steady citations across the safety community — establishes that verifying the safety of AI systems above a critical capability threshold requires exponential time and is coNP-complete. The result formalizes a long-held intuition into a hard theoretical wall: sufficiently capable systems cannot be conclusively verified safe by any polynomial-time process, regardless of approach.

By AI Dispatch Desk · May 3, 2026 · Source: arXiv 2506.10304

For most of the past three years, the case for AI safety verification has rested on an implicit engineering optimism: that with sufficient cleverness, test coverage, and red-team effort, the safety of a frontier model could in principle be established before deployment. Jasper Yao’s newly circulated preprint, “The Alignment Trap: Complexity Barriers,” argues that this implicit optimism is mathematically misplaced. Above a definable capability threshold, the verification problem is not merely hard; it is coNP-complete, with verification cost growing exponentially in the system’s capability index.

The paper’s central construction defines a verifier as any procedure that, given an AI system and a safety specification, returns a sound certificate of whether the system satisfies the specification across its full input space. Yao demonstrates that for systems above the threshold — roughly, systems capable of compositional reasoning over open-ended input distributions — any sound verifier must in the worst case enumerate a search space whose size scales super-polynomially with capability. The proof proceeds by reduction from boolean satisfiability and is, by the standards of the field, unusually clean: it does not depend on any specific model architecture or training method.

What follows from the result is more consequential than the result itself. The most common framing of pre-release safety testing — that a sufficiently rigorous evaluation suite can certify a system is safe before it ships — is, on Yao’s analysis, structurally impossible above the threshold. Evaluations can establish the presence of specific known harms (an existence proof, in complexity-theoretic terms, which is tractable). They cannot establish the absence of unknown harms (a universal claim, which is not). The asymmetry is not a matter of effort or budget; it is a matter of computational class.

The political timing is sharp. The White House has, over the past three weeks, floated an FDA-style pre-release vetting regime for frontier AI systems — a proposal that depends implicitly on the assumption that a federal evaluator could meaningfully certify safety before approval. Industry voluntary commitments to “test before release” carry the same implicit assumption. Yao’s paper does not claim such regimes are useless; it claims they cannot do what their proponents say they do. A regulator can document the absence of known failure modes. It cannot, in any computationally meaningful sense, certify that no failure modes exist.

The paper has been received with a mixture of resignation and relief inside the alignment research community — resignation that the verification ceiling appears lower than many had hoped, relief that the result is now formalized rather than merely felt. Several prominent researchers, including those most associated with scalable oversight research, posted brief endorsements over the weekend. The harder downstream question, taken up in this edition’s Why It Matters feature, is what kind of safety regime survives the result intact.

Why It Matters

The Capability/Verification Gap, Explained

By AI Dispatch Desk · May 3, 2026 · Source: Editorial framing on arXiv 2506.10304

Most current AI “evaluation suites” — the ones cited in voluntary safety commitments, government-facing red-team reports, and industry safety cards — test for specific, named harms: CSAM generation, jailbreak resistance, biothreat-assistance refusals, election-disinformation behavior. These are existence checks. An evaluator runs a battery of prompts, observes whether the model produces the bad output, and reports the rate. The Alignment Trap argues that as capability grows, the space of possible harms grows super-polynomially while the verifier’s reach grows at most polynomially. Translation for policymakers: pre-release testing can flag known issues but cannot prove the absence of unknown ones.

What Evaluation Suites Actually Do

Every public evaluation suite is, in formal terms, a finite set of test cases drawn from a much larger threat space. The cases are chosen by humans, informed by past incidents and current adversarial research, and they grow over time as new failure modes are discovered. The growth is linear or low-polynomial: each new failure mode contributes a constant number of new test cases.

Capability grows differently. As a model becomes more compositional — better at combining concepts, longer at planning, more capable of using tools — the cross-product of capabilities and contexts in which they can be deployed grows multiplicatively. Yao’s argument is that this asymmetry is not an artifact of current methods; it is a property of the problem.

What This Leaves on the Table

Two things survive the result intact. The first is harm-specific evaluation: it remains tractable and useful to test whether a system produces a named class of bad outputs under adversarial prompting. The second is post-deployment monitoring: continuous observation of real-world behavior, with the ability to roll back or restrict capabilities when problems emerge.

What does not survive is the framing of pre-release certification as proof of safety. Regulators who wish to act on Yao’s result will need to either lower the bar for what pre-release review can claim, or accept that meaningful safety assurance is necessarily a continuous post-deployment process rather than a one-time gate.

Open-Source Infrastructure

The Inference Stack This Week

vLLM stabilizes the DeepSeek V4 path; llama.cpp lands comprehensive V4 support and a modality-aware adapter system; the engines beneath the engines keep shipping.

Infrastructure

vLLM v0.20.1 Patches DeepSeek V4 Stability and FP4 Conversion

Source: vLLM Releases

Released May 3 as a patch on the v0.20.0 milestone shipped April 27, vLLM v0.20.1 focuses almost entirely on DeepSeek V4 stabilization. The release adds multi-stream pre-attention GEMM, BF16/MXFP8 all-to-all paths for FlashInfer’s one-sided communication, and a PTX cvt instruction for faster FP32→FP4 conversion — the kind of low-level kernel work that turns a model that runs on V4 hardware into a model that runs efficiently on V4 hardware. The critical bug fixes address a persistent TopK cooperative deadlock at TopK=1024 and an inter-CTA race on RadixRowState that intermittently surfaced under high concurrency. Together the changes mark V4 inference as moving from experimental to stable in vLLM’s production track.

Inference Engines

llama.cpp DeepSeek V4 Integration Lands; Modality Adapters Follow

Source: Weekly llama.cpp Report

Work tracked in llama.cpp discussion #22376 culminates in the week of May 4–11 with comprehensive DeepSeek V4 support: a GGUF conversion pipeline, runtime graph and memory management for MoE routing, native FP4/FP8 quantization, and CUDA performance optimizations targeting the same V4 hardware that vLLM is now stabilizing on. A second landing — modality conditional adapters — automatically toggles LoRA adapters based on detected input modality (text, speech, vision) without requiring separate model boots. Initial support covers IBM Granite Speech and the Granite vision variants, with the architecture designed to accept arbitrary modality-adapter pairs going forward. Between the two releases, llama.cpp closes most of the feature gap that opened when V4 shipped.

Weekend Reading

Sunday Briefs

A quiet day on the regulatory wire; arXiv is in the pre-NeurIPS-deadline calm before the Monday flood. Two items worth flagging.

Mech Interp Theory Update: SAE Convergence Conditions

“A Unified Theory of Sparse Dictionary Learning” (arXiv 2512.05534) received a significant revision on May 2, formalizing convergence conditions for the sparse autoencoders that have become the standard tool in mechanistic interpretability work. The revised version clarifies when SAE training is expected to find globally optimal sparse dictionaries versus when it converges to spurious local minima — an issue that has shadowed published interpretability results since the technique’s rapid adoption. The practical upshot is that several earlier SAE-based feature claims now have a formal test for whether the underlying dictionary should be trusted; the theoretical upshot is that the community now has a shared mathematical vocabulary for talking about when interpretability artifacts are real.

Source: arXiv 2512.05534

Weekend Reading: A Quiet Sunday on the Wire

Sunday on the regulatory front is, mercifully, quiet. The EU AI Act omnibus collapse story has run its course for the week, the state legislative calendar is in weekend recess, and the federal agencies that drove most of the past two weeks of news are between announcements. arXiv is in the characteristic pre-NeurIPS-deadline calm: the next two weeks will bring a flood of preprints as the May submission window closes, but the weekend before is always thin. A good day, in other words, for the longer-form theoretical work that fills today’s lead.

Editorial note. No external source.

GitHub Trending

Sunday Snapshot — what the open-source world is starring on May 3, 2026.

GitHub Trending — Sunday Snapshot
Repo Language Stars What it does
colbymchenry/codegraph TypeScript New trending Pre-indexed code knowledge graph designed for Claude Code — trades index-time work for query-time speed.
NousResearch/hermes-agent TS/Python ~130K Self-hosted autonomous AI agent framework from Nous Research; v0.13.0 release expected May 7.
mattpocock/skills TypeScript +44.5K May Curated Claude Code skills collection — one of the fastest-growing agent-tooling repos this month.
ollama/ollama Go Trending Run LLMs locally — still the default first-stop for new local inference users.
astral-sh/uv Rust ~85K Fast Python package and project manager — the de facto replacement for pip-tools in 2026 ML stacks.