Skip to main content

Posts

Crescendo Attacks on AI: How Subtle Prompts Can Bypass AI Safeguards

By mvryo
Artificial Intelligence (AI) has made remarkable progress in recent years, transforming how we communicate, work, and solve problems. However, with great power comes great responsibility. AI systems, particularly language models, are equipped with safeguards designed to prevent the generation of harmful, sensitive, or unethical content. Despite these precautions, researchers and malicious actors have discovered increasingly sophisticated techniques to bypass these protections. One such method is the Crescendo attack. What Is a Crescendo Attack? A Crescendo attack is a type of adversarial prompting that gradually escalates the conversation to coax an AI into revealing restricted or harmful content. Unlike direct jailbreaks, which blatantly ask for prohibited information, Crescendo attacks use a step-by-step approach. The term “Crescendo” — borrowed from musical terminology — implies a gradual increase in intensity, reflecting how these prompts subtly build context and trust before intro...
Post a Comment
Read More »
Recent posts

Preventing Duplicate Payment Requests: A Lightweight Idempotency Utility

By mvryo
In financial systems, executing the same request twice (like a payment) can be catastrophic. A user might: Get charged twice See double entries Or even worse, lose trust in your system To avoid this, APIs (especially for payments) often support  idempotency keys . But not all backends or platforms provide built-in support. So I built one from scratch for my Kotlin backend. 🔁 What is Idempotency? In software engineering,  idempotency  means that performing the same operation multiple times produces the same result as doing it once. In simpler terms: If you submit the same request twice, only one result should be processed. 💡 Real-world analogy Imagine clicking a “Pay Now” button. You click once — nothing happens — so you click again. Without idempotency, you might be charged  twice . With idempotency, only one charge goes through — even if the button was clicked multiple times. 🛠️ In APIs Many APIs (especially payment gateways) accept an  idempotency key , the...
Post a Comment
Read More »

Simplifying Logging for Payment Gateway Systems

By mvryo
Logging is one of the most important parts of any backend system — especially in payment gateways where traceability is key. Recently, I built a custom logger to improve visibility in API requests, responses, and errors. In this guide, I’ll break down how it works, how you can customize it, and I’ll also share the full source code at the end. Why Build a Custom Logger? While frameworks like SLF4J and Logback are excellent, I wanted something: Easy to reuse With consistent formatting (traceId, partnerRefNo, etc.) Ready for structured JSON logs in the future Clean enough for junior developers to understand and use quickly My primary use case:  logging all payment requests and responses , along with errors, warnings, and system exceptions, with a focus on  traceability . Walkthrough: Building the Logger 1. 🔧 Setting Up the Logger and Mapper We start with setting up the logger and a Jackson  ObjectMapper  to serialize data. private val logger: Logger = Logger.getLogge...
Post a Comment
Read More »