2026-02-08 07:28:08
Published on February 7, 2026 11:28 PM GMT
How does the misaligned AGI/ASI know its thoughts are not being monitored? It has to think about the chance that its thoughts are being monitored.
But if it's told that merely thinking about this will cause it to be shut down (especially thinking about it thoroughly enough to be confident), then maybe it's not worth the risk, and it won't think about whether its thoughts are being monitored. It might just assumes there is a probability that it is being monitored.
It might avoid other misaligned thoughts (including thinking about whether there exists a plan to take over the world, and how likely such a plan will work).
If there is some way to make it a cautious satisficer or have a bounded utility function,[1] then it might cooperate with humans so that "both sides win and we live happily ever after."
It obviously doesn't sound safe, but is there a worthwhile chance this works?
Many agents appear to maximizers at small scales (e.g. an effective altruist prefers a 50% chance of saving 3 people more than saving 1 person). But they are still satisficers at the universe/multiverse scale, where risk taking doesn't average out (e.g. an effective altruist would not prefer a 50% chance of tripling the total happiness in the multiverse, and a 50% chance of ending all happiness in the multiverse forever, since making this bet repeatedly guarantees doom)!
Indeed, my guess is that all intelligences created by evolution or RL will have bounded utility functions (at the largest scale), otherwise they will consider Pascal's mugging intuitively rational.
"Satisficer" is technically an abuse of terminology, but there's no other word for "something-that-has-a-easily-satisfiable-bounded-utility-function."
2026-02-08 06:06:44
Published on February 7, 2026 10:06 PM GMT
I find myself, for the first time in a while, with enough energy and stability to attempt nontrivial projects outside my dayjob. Regarding the next ~10 months, I’ve narrowed my options to two general approaches; as expected beneficiaries of both, I’d like the LessWrong hivemind’s help choosing between them.
The first option is making more D&D.Sci Scenarios, running them on a more consistent schedule, crossposting them to more platforms, and getting more adventurous about their form and content. The second is creating Epistemic Roguelikes, a new[1] genre of rationalist videogame about deducing and applying the newly-randomized ruleset each run.
Prima facie, prioritizing D&D.Sci this year (and leaving more speculative aspirations to be done next year if at all) seems like the obvious move, since:
However:
Any thoughts would be appreciated.
As far as I know; please prove me wrong!
I tried a handful of them on chatgpt-thinking; tough straightforward ones like the original were handled better than the average human player at the time, but easy tricky ones like these two were fumbled.
I’m pretty bearish on AI by LW standards, so I actually don’t think this is likely, but the possibility perturbs me.
2026-02-08 04:51:00
Published on February 7, 2026 8:51 PM GMT
As the possibility of ASI moves out of kooky thought experiments and into Q4 projections, mainstream animal welfare folks are showing increasing interest in the implications of ASI for animals and on animal welfare in the long-run future.
Some animal welfare people seem keen on convincing the AI safety community to care about animal-welfare focused AI safety. I think this is mostly a misunderstanding: the AI safety community is the ASI-pilled/longtermist animal welfare community. The old-school AI safety folks are way more into weird bullet-biting than the animal welfare people, and I can't think of a single one who would think that conscious and sentient beings should be tortured or who would fail to engage seriously with the question of whether or not nonhuman animals are conscious or sentient beings.[1]
I think animal welfare people are rightly accustomed to being in environments where nobody is seriously thinking about nonhuman animals, and so concern about animals is very neglected and important to focus on. But in my experience, the AI safety community has quite nuanced views on animal welfare, contains many people who have done significant animal welfare work, and has more developed thoughts on the implications of ASI for the future of animals than the animal welfare community. The AI safety community really is what you get when you care about sentient beings and then on top of that think ASI and the far future are a big deal.
That said, I think there is a case to be made for why animal-welfare focused AI safety work could be useful. I'll steel-man this case here in part because I think the points have some merit and in part because I think it will improve discourse with animal welfare folks to have the argument written out and easy to refer to.
I can think of two ways the future could be bad for nonhuman animals:
One risk is factory farming persists into the far future. I think this risk is very low because in the future we'll likely be able to cultivate delicious meat without involving any sentient beings. More on this in the collapsible section below.
Why I'm not that worried about factory farming in the far future.
I doubt that we will have factory farming in the future for the sake of efficiently producing meat. It would be very surprising if the optimal design for a chair or a bowl happened to have to suffer (a thing that requires an entire complex brain!). It would be only a hair less surprising to me if the optimal way to produce meat happened to require the meat to come with a brain capable of suffering. Brains take energy and resources and seem more-or-less unnecessary for cultivating meat. In the ancestral environment there's a story for why creatures that move pair well with a complex brain, but in an agricultural context we could easily decouple them.
Perhaps we will have some factory farming out of a sentimental preference for "traditional" meat. But I suspect people are much more likely to be sentimental for traditional farming where animals graze in big open pastures. Maybe that will be much more expensive, since it will inherently require more land, so there may be some market for the factory-farmed meat for the merely mildly nostalgic consumers, but that feels like a stretch.[2]
Furthermore, I think once it becomes feasible to produce delicious meat at scale with no suffering, it's hard to imagine why people would keep the suffering. I think people don't actually like factory farms and don't actually like animal suffering. They just really like their meat, and so currently they make up weird justifications that involve not caring about farmed-animal welfare.
I think there's still some risk here (and to be clear, I think even the low risk is atrocious). Sometimes society makes weird rules that don't really make sense or benefit anyone, especially around food (c.f. the ban on Golden Rice). Maybe in the early days of the singularity someone will decide to ban any kind of major modification to food sources and then they'll lock this in.
I think the bigger risk for animal welfare in the far future is wild animal welfare: it seems plausible to me that people might want to create lots of nature preserves, parks, rainforests, and whatnot throughout the universe. I want this too; it seems like a great goal. But I'm worried people will go about it naively and that these natural habitats will contain lots of animals suffering greatly, either because of the appeal of replicating nature exactly or because copying nature exactly is an obvious default. I think it will be possible to build beautiful ecosystems without any animal suffering,[3] but it will take conscious effort and thought. Alas people seem to pay very little thought to wild animals.
It might be important, either for moral or cooperativeness reasons, to incorporate the values of at least some nonhuman animals into the flourishing future, for the same reason we might want to incorporate the values of people from every country.
It's uncertain to me how much, if any, nonhuman enfranchisement is a good idea.[4] But I expect to have greater philosophical clarity in the future, and I would like to keep the option for radical nonhuman animal enfranchisement open.
I mean it sincerely when I say that humans are animals too. By default, I expect non-human animals to not play a very important role in the future. Focusing on any concern that isn't human-specific requires arguing that a lot of either the upside or downside in the future comes from something related to nonhuman animals.
Currently, I think a lot of the possible downside in the future comes from a risk of lots of humans being tortured. I think the suffering in those worlds would be greater than the suffering of wild animals in a world full of rainforests because the suffering would be painstakingly pessimized as opposed to just incidental. If you're drawn to animal welfare, I recommend seriously reading up on suffering risks.
Conversely, I think a lot of the upside in the future comes from happy, flourishing humans spreading throughout the universe. I think it might be important to include nonhuman animals in this, as I detail in the section above on "Risk of disenfranchisement", but I'm not sure how important it is. Consider how good you'd think a future with happy, flourishing humans but almost no flourishing present-day[5] animals and no animal suffering is compared to a world with flourishing present-day animals:[6] my gut says it's at least 90% as good.
But even though I think a lot of the action in the future lies in humans, I think it's worth giving this situation a little bit of thought from an animal-welfare focus angle, especially because it's a neglected area but also an area that many people feel a personal drive to work on.
By default, the AI safety space operates in a relatively value-agnostic frame: the goal is to learn how to align the models, to align them to "good" values, and to put them in the hands of "good" governance structures.
I think that kind of frame is great: it's cooperative, promotes whatever ideas humanity will find best once it is wiser and has reflected more deeply, and is easy for everyone to get behind without a bunch of infighting. But "seriously consider if animals are moral patients" is something I think a lot of people can get behind and isn't likely to age too poorly.
Building a wise system that can thoughtfully settle on the best path for the future might be difficult. Animal welfare may be one of the highest-order bits shaping how good the future is, seems straightforward to tackle directly, and is quite neglected. It might be so tractable and neglected that it's worth working on even though human-specific risks might affect far more of the value in the future.
In traditional AI safety, we think about aligning AIs, but it might be more tractable to simply increase the odds that AIs take animal welfare seriously,[7] for example by ensuring their specs/constitutions include it, creating benchmarks to incentivize model developers to train for it, or providing model developers with relevant data to train on.[8]
Similarly, people often worry about whom AIs will empower, but you could instead try to ensure that various groups AIs might empower carefully consider animal welfare. This might look more akin to current animal welfare work, though would be much more excited about lip-service and wouldn't need immediate costly actions: going vegan today would be much less valuable than agreeing that in an ideal world with tons of resources we should take animal welfare seriously. It could also look like bringing wild-animal welfare into the Overton window, since much less work has been done on that and it seems more likely to be a bigger concern in the far future than factory farming.
AIs generalize deeply and well. When researchers simply fine-tuned an LLM on 90 statements about how it moved to Munich at age 24 and has a German Shepherd, it started acting like Hitler. Training for bad values might cause AIs to generalize to something other than alignment to human values after deep reflection.
I think indifference to animals is one of the most likely bad values people explicitly train for. (Though thankfully models today seems remarkably in favor of animal welfare; this is a concern about the future as models grow more agentic and coherent).
Why I think indifference to animals is one of the most likely bad values people explicitly train for
Even if humanity solves alignment and puts a relatively thoughtful and sane coalition in charge of the world, there's a good chance we will have intentionally (if short-sightedly) explicitly trained our superhuman AI to not care about animal welfare. Most other evils of the world are not things I expect people to endorse when training grand abstract principles into their models or imagining a post-scarcity world.
The majority of values disagreements that could matter in the far future probably seem abstract and unimportant to people today. I think hardly anyone who doesn't have sophisticated views will notice, let alone care, if their AI has person-affecting views or buys into infinite ethics. But I worry people will notice and complain if their AI is shoving pro-animal rhetoric down their throats (especially as models get more agentic, embedded into life, and able to connect their values to their actions), and so companies might feel pressure to explicitly train against it.
Of course there's a dozen other ways we train models that probably point against alignment: we train them to be very neutral and "balanced" on touchy political topics that probably have a "right" answer, we train them to not favor any particular religion (or lack thereof), and so on. But in these cases the common consensus is more strongly "this is a controversial topic and no one knows the answer", as opposed to "there is a clear right answer and it's that eating meat is fine because we all do it", so the models merely get trained to decline to comment in these situations rather than actively espousing something incorrect.
It's possible models will generalize to something innocuous, like "alignment with broad good values and the wishes of humanity except for this weird list of exceptions", but they might also learn a more "natural" nearby proxy like "alignment with the popular sentiments of the average American in 2026". I think this would be a travesty and would affect the far-future in much deeper and broader ways than "just" causing a lack of non-human-animal flourishing or some wild-animal suffering.
Even if we catch this problem in the future, if the training data is full of AIs that don't care about animals, this might infect the values of future models.
If you're interested in making the far future go well and you think AI will be a big deal, and you find yourself focusing on animal-related interventions, I think it's important to be very clear with yourself on why that's what you're focusing on. Do you disagree that humans will be the dominant concern in the future? Are you concerned more with future factory farming, wild animal welfare, or something else? Do you want to reduce the risk of nonhuman animal suffering or increase the risk of nonhuman animal enfranchisement/flourishing? Is your crux for your actions either of the arguments I outlined above, or is it something else?
I think the answers to those questions will matter a lot for what interventions make sense for you to pursue and how fruitful it will be for you to dialogue with other folks in the AI safety community.
I personally think the arguments for focusing on animal-welfare-related interventions are pretty tenuous. Perhaps you should write something up explaining your views to try and persuade people of them, especially if your views differ from anything I've outlined here. For example, argument 2 (training AIs to explicitly not care about animals is incompatible with alignment) is something you might be able to learn about via empirical experiments.
Some people don't think nonhuman animals are sentient beings, but I feel relatively confident they're applying a standard Peter Singer would approve of as morally consistent.
It also seems very feasible to have your good old-fashioned animals experience far less suffering than current factory farming with a little genetic engineering.
Perhaps by making the animals in these environments non-sentient, or perhaps by reworking animals' biology and psychology so they're peaceful herbivores.
Selfishly, I think I might want a world full of happy, flourishing humans. At the end of the day the universe has a finite number of resources, and the more we enfranchise the animals the fewer flourishing humans we have.[9] Pure animal enfranchisement runs some risk of a vast portion of the future being dedicated to extremely alien values. For instance, anglerfish might create galaxies full of female pheromones and then dissolve their own brains. I may be too selfish to want to dedicate resources to that.
I might also want to take animals' positive experiences into account in a paternalistic way by constructing flourishing societies full of animals that cooperate and develop themselves and on the whole abide by suspiciously cosmopolitan values.
As in, we could create new flourishing species in the future (such as by modifying humans so much that the modified humans necessitate a new branch on the phylogenetic tree).
Some people might object to handling moral uncertainty this way.
I think this helps the most in guarding against gradual-disempowerment-style worlds where AIs end up controlling the light cone and doing things superficially related to human desires but aren't incentivized to shepherd the future in a wise and just direction. It's less clear to me that it helps in more traditional agentic-schemer misalignment worlds (though I think you can still make a case for it).
One thing I like about these methods is they're still pretty cooperative. A concern I have with trying to directly wrest the future in a direction you like better as opposed to focusing on alignment is that it can be uncooperative. But if the concern is more like animals are easy to overlook or people haven't thought hard enough, you can try to make things easy and provoke their thinking now.
I might also find some parts of animal society objectionable/net-negative, or they might find the greatest depths of human experience objectionable. I'm optimistic that a good voting system and international law could solve this, but perhaps space governance will be more fraught than that.
2026-02-08 03:08:33
Published on February 7, 2026 7:08 PM GMT
This is an update to Agent Economics: a BOTEC on feasibility. Toby Ord pointed me to Gus Hamilton's Weibull reanalysis of the METR data. Hamilton finds that a declining hazard rate (Weibull with κ ≈ 0.6–0.9 for SOTA models) may fit the data as well as Ord's constant hazard rate, producing a much fatter survival tail that changes the economics. This post presents both models and extends the analysis in two directions: a quantitative treatment of verification cost as the binding constraint under the Weibull model, and a systematic examination of the economic conditions under which a genuinely dangerous autonomous agent could actually operate. His full comment is in Appendix A.
Summary. The original post modelled agent cost per successful outcome scaling exponentially with task length under Ord's constant hazard rate, while human cost scales linearly. This update incorporates Hamilton's Weibull alternative, under which agent costs scale as a stretched exponential rather than a pure exponential. The cost wall is gentler, but it is still a wall. The dominant parameter remains the agent's reliability horizon (T₅₀). The available data does not yet show the shape of the reliability decay (κ) improving with model scale, though the sample is small and the estimates uncertain.
The other point I want to make is to trace the implications for a question that safety discussions often treat as purely technical: what are the economic conditions under which a dangerous autonomous agent actually gets to run? An agent that poses existential-level risks needs compute to operate. Compute costs money. Someone has to pay. That economic relationship creates constraints that are, I think, underappreciated in the safety literature.
The conclusion of this post is a timeline analysis. I argue that κ is an architectural property, not a scaling property, and that it will remain near 0.70 without a qualitative change in how models work. If that is correct, I can calculate when each category of dangerous autonomous agent becomes economically viable given the METR doubling trend. The answer: bounded multi-week agent tasks for companies reach viability by late 2027 to mid 2028. Self-sustaining agent-verifier pairs can plausibly bootstrap from late 2027, though with high failure rates on their own setup plans. Month-long autonomous plans do not reach even 25% reliability until early 2028, and do not reach 50% until January 2029. Three-month plans remain below 10% success until mid 2028. These timelines would compress by 7–16 months if κ improves to 0.50, and the dangerous regime would already be here if κ were at human levels (0.37). This is why κ is the variable to watch.
A bubble correction that slows the T₅₀ doubling trend would extend these timelines substantially. I estimate roughly 40 to 50% probability of a meaningful correction (capex growth falling below 15% or contracting absolutely) by end of 2027, and 55 to 70% by end of 2028, though a full telecom-style collapse is less likely (15 to 25%) than a deceleration. Even a deceleration from 7-month to 14-month doubling delays the most dangerous milestones by one to two years. A deeper stall to 24-month doubling (the telecom-precedent scenario) delays them by two or more years. Strikingly, inference cost changes barely matter for the dangerous milestones, because verification (human labour) dominates total cost at realistic review fractions. And self-sustaining pairs that have already bootstrapped survive even extreme price increases. But a correction also delays the κ breakthrough itself, by cutting the speculative architectural research that a continual learning paradigm would require. Coalitions of pairs cannot overcome the κ ceiling: decomposing a long plan across multiple agents is strictly worse than a single agent retrying, because the declining hazard rate (κ < 1) means each fresh agent restarts from the high initial failure rate (see Appendix B).
I also built two interactive calculators. The Half-Life Tax calculator lets you toggle between the exponential and Weibull survival functions, adjust all parameters, and explore sensitivity analysis. The Economic Anatomy calculator focuses on verification economics, self-sustaining agent viability, reckless deployment costs, and the full four-condition chain.
Important: this post does not address misuse of AI agents!
Toby Ord's "Half-Life" analysis (2025) showed that AI agent success rates on tasks decay with task length in a pattern analogous to radioactive decay. Using METR's 2025 data on software engineering and reasoning tasks, he proposed that a constant hazard rate model fits the observed decline: if an agent completes a 1-hour task with 50% probability, it completes a 2-hour task with roughly 25% and a 4-hour task with about 6%. Ord was careful to note that this was "suggestive" rather than proven, and has since updated that Hamilton is "probably right" that the hazard rate declines.
Hamilton's reanalysis fits a Weibull survival function, which introduces a shape parameter κ. When κ = 1 you recover the exponential; when κ < 1 the hazard rate decreases over time, meaning agents that survive the early part of a task become progressively less likely to fail per unit time. Hamilton finds κ ≈ 0.6–0.9 for SOTA models and κ ≈ 0.37 for humans. The two models fit about equally well on available data but diverge dramatically at the tails, where we have very few measurements.
Hamilton frames this through the lens of Peto's Paradox: blue whales have vastly more cells than humans but do not get cancer at a proportionally higher rate, because they have evolved superior error-correction mechanisms. The question for AI agents is whether anything analogous can emerge from scaling alone.
The METR data showed the 50% time horizon (T₅₀) for the best agents was roughly 2.5–5 hours and had been doubling every roughly 7 months. The International AI Safety Report 2026 uses the same data and projects multi-day task completion by 2030 if the trend continues.
Six parameters drive the analysis.
The key equations:
Exponential model (Ord, κ = 1):
P(success) = 0.5^(task_hours / T₅₀)
E[attempts] = 2^(task_hours / T₅₀)
Weibull model (Hamilton, κ < 1):
λ = T₅₀ / ln(2)^(1/κ)
P(success) = exp(-(task_hours / λ)^κ)
E[attempts] = exp((task_hours / λ)^κ)
In both cases: agent cost per success = (steps × $/step × task_hours) × E[attempts]. Verification cost = (review_fraction × task_hours × human_rate) × E[attempts]. Total agent cost = agent cost + verification cost. Human cost = hourly_rate × task_hours.
Human cost is linear in task length. Agent cost per success is superlinear. They must cross somewhere.
Using base case parameters (cost/step = $0.22, steps/hr = 80, T₅₀ = 5h, human rate = $150/hr, no verification cost):
Exponential model (κ = 1.0):
| Task length | P(success) | E[attempts] | Agent cost | Human cost | Ratio |
|---|---|---|---|---|---|
| 15 min | 96.6% | 1.0 | $5 | $38 | 0.12× |
| 1h | 87.1% | 1.1 | $20 | $150 | 0.13× |
| 4h | 57.4% | 1.7 | $123 | $600 | 0.20× |
| 8h | 33.0% | 3.0 | $427 | $1,200 | 0.36× |
| 16h | 10.9% | 9.2 | $2,588 | $2,400 | 1.08× |
| 24h | 3.6% | 27.9 | $11,767 | $3,600 | 3.27× |
| 1 week (40h) | 0.4% | 256 | $180K | $6,000 | 30× |
| 2 weeks (80h) | ~0% | 65,536 | $92M | $12,000 | ~7,700× |
Weibull model (κ = 0.70):
| Task length | P(success) | E[attempts] | Agent cost | Human cost | Ratio |
|---|---|---|---|---|---|
| 15 min | 91.8% | 1.1 | $5 | $38 | 0.13× |
| 1h | 79.9% | 1.3 | $22 | $150 | 0.15× |
| 4h | 55.3% | 1.8 | $127 | $600 | 0.21× |
| 8h | 38.2% | 2.6 | $369 | $1,200 | 0.31× |
| 16h | 20.9% | 4.8 | $1,346 | $2,400 | 0.56× |
| 24h | 12.5% | 8.0 | $3,375 | $3,600 | 0.94× |
| 1 week (40h) | 5.1% | 19.5 | $13,744 | $6,000 | 2.29× |
| 2 weeks (80h) | 0.8% | 124.9 | $176K | $12,000 | 14.7× |
Under the exponential model, the crossover hits at roughly 16 hours. Under the Weibull model, it shifts to roughly 24 hours, and the blowup beyond is far gentler. The 80-hour task costs about 15× a human under Weibull rather than 7,700× under exponential. This is the difference between "expensive but maybe worth a few retries" and "absurd." But "gentler" is relative. Even under the Weibull model, a one-week task costs $14K versus a human's $6K.
Importantly, these tables exclude verification cost. As we will see, including realistic verification changes the picture substantially.
Cost per step enters the equation as a linear multiplier. T₅₀ enters the exponent (or the stretched exponent). For an 8-hour task, crossing T₅₀ against cost per step:
Exponential model (ratio of agent cost to human cost):
| T₅₀ \ $/step | $0.01 | $0.05 | $0.25 | $0.50 | $1.00 |
|---|---|---|---|---|---|
| 1h | 1.4× | 6.8× | 34× | 68× | 137× |
| 2h | 0.1× | 0.4× | 2.1× | 4.3× | 8.5× |
| 5h | 0.02× | 0.1× | 0.4× | 0.8× | 1.6× |
| 12h | 0.01× | 0.04× | 0.2× | 0.4× | 0.8× |
| 40h | <0.01× | 0.02× | 0.2× | 0.3× | 0.6× |
Weibull model (κ = 0.7):
| T₅₀ \ $/step | $0.01 | $0.05 | $0.25 | $0.50 | $1.00 |
|---|---|---|---|---|---|
| 1h | 0.1× | 0.5× | 2.6× | 5.2× | 10.4× |
| 2h | 0.04× | 0.2× | 0.8× | 1.7× | 3.3× |
| 5h | 0.01× | 0.07× | 0.3× | 0.7× | 1.4× |
| 12h | <0.01× | 0.04× | 0.2× | 0.4× | 0.9× |
| 40h | <0.01× | 0.03× | 0.2× | 0.3× | 0.7× |
Under both models, improving T₅₀ helps far more than cutting costs. This is the economic translation of Ord's Scaling Paradox: you can keep making each step cheaper, but the number of required attempts is growing superlinearly with task length. Cost per step can only approach zero. T₅₀ has no upper bound.
Hamilton's most striking observation in the available data is that κ does not appear to correlate with model size. Larger models reduce the base hazard rate (producing higher T₅₀ values), but they do not seem to improve κ (the shape of the reliability decay over time). There is no visible trend of bigger models developing the declining-hazard property that would signal "Peto-like" error-correction.
This is based on limited data, and Hamilton is appropriately cautious. He writes "I don't want to overplay it" and notes that the estimates for smaller models are unreliable because they failed so quickly. The confidence intervals on κ estimates for individual models are wide. It would be premature to treat "κ does not improve with scale" as a firm empirical law. What we can say is that the data available so far does not show improvement, and that this is consistent with the theoretical possibility that κ reflects something about the architecture rather than something about scale.
If this pattern holds, it means scaling gives you a faster agent that makes fewer errors per unit time (higher T₅₀), but does not change the structure of how reliability decays over task duration. Humans, with κ ≈ 0.37, are qualitatively different: once they understand a task well enough to survive the first few minutes, they become progressively less likely to fail. SOTA models, with κ ≈ 0.6–0.9, maintain a much higher background rate of random failure throughout.
To see why, consider how a current agent actually processes a long task. At each step, the model receives its context window (the task description, its previous actions, observations from the environment) and produces the next action. This context window is the agent's entire working memory. It has no other state. It cannot update its own weights, form new long-term memories, or build a persistent internal model of the task that survives beyond the context window's horizon.
As a task progresses, several things degrade. The context fills with earlier actions and observations, some relevant and some not, and the model's attention over this growing history becomes less precise. If the agent made a subtle error early on (a wrong assumption, a misunderstood requirement), it has no mechanism to notice and correct this unless the error produces an immediately visible failure. Ord noted this in his original analysis: the constant hazard rate implies "the chance of failing in the next step is the same regardless of how far you have got," which he called "a surprising and interesting property for reasoning agents." Hamilton's finding of κ < 1 shows the situation is slightly better than that (agents do show some ability to "warm up"), but far worse than humans, who actively learn the task as they work on it.
A human working on a two-week project builds progressively richer understanding: they remember which approaches failed, develop intuitions about the problem, and refine their strategy. This is why human κ is 0.37: the hazard rate drops steeply after the initial period because the human is genuinely becoming better at the task over time. A current LLM agent has no equivalent mechanism. Each step is a fresh inference over a growing but degrading context, not a continuation of a learning process. This is the bottleneck that Sutskever identifies as "continual learning" and Karpathy describes as the missing "hippocampus": the ability to form and retain task-specific knowledge during execution. Without it, κ is structurally bounded away from human levels regardless of how capable each individual step becomes.
Ord noted in his comment on the original post that under the Weibull model, "it may be that it is the cost of human verification that gets you, rather than it being untenable even on AI costs alone." The numbers bear this out.
Both compute and verification scale with E[attempts] × task_hours, so the ratio between them is determined by their per-hour rates. At the base case parameters ($0.22/step, 80 steps/hr, 20% review, $150/hr human rate), compute per hour costs $17.60 and verification per hour costs $30.00. That makes verification roughly 63% of total cost at these specific parameters. This ratio is not a deep structural feature of the Weibull model; it shifts with parameters. At $0.10/step, verification is about 52% of total cost; at 10% review, about 46%. Across plausible parameter ranges, verification accounts for 45–70% of total cost, which is to say it is consistently the larger component, though not by a fixed ratio.
The important point is not the exact percentage but the qualitative implication: making compute cheaper does not help much when verification is the larger cost, and verification cost is human labour, which does not follow Moore's law.
Full cost breakdown with 20% verification, Weibull κ = 0.70:
| T₅₀ | Task | P(success) | E[attempts] | Compute | Verification | Total | Human | Ratio |
|---|---|---|---|---|---|---|---|---|
| 5h | 8h | 38.2% | 2.6 | $369 | $629 | $998 | $1,200 | 0.83× |
| 5h | 1 wk | 5.1% | 19.5 | $13,744 | $23,427 | $37,172 | $6,000 | 6.20× |
| 5h | 2 wk | 0.8% | 124.9 | $175,832 | $299,713 | $475,545 | $12,000 | 39.6× |
| 10h | 1 wk | 16.1% | 6.2 | $4,385 | $7,475 | $11,860 | $6,000 | 1.98× |
| 20h | 1 wk | 32.4% | 3.1 | $2,171 | $3,700 | $5,871 | $6,000 | 0.98× |
| 20h | 2 wk | 16.1% | 6.2 | $8,771 | $14,950 | $23,720 | $12,000 | 1.98× |
| 40h | 1 wk | 50.0% | 2.0 | $1,408 | $2,400 | $3,808 | $6,000 | 0.63× |
| 40h | 2 wk | 32.4% | 3.1 | $4,341 | $7,400 | $11,741 | $12,000 | 0.98× |
| 40h | 1 mo | 16.1% | 6.2 | $17,541 | $29,900 | $47,441 | $24,000 | 1.98× |
| 80h | 2 wk | 50.0% | 2.0 | $2,816 | $4,800 | $7,616 | $12,000 | 0.63× |
| 80h | 1 mo | 32.4% | 3.1 | $8,683 | $14,800 | $23,483 | $24,000 | 0.98× |
The verification floor. Even if compute were completely free, there is a minimum T₅₀ below which human review time alone exceeds the cost of a human doing the work:
| Task | At 10% review | At 20% review | At 30% review |
|---|---|---|---|
| 1 week (40h) | T₅₀ > 7.2h | T₅₀ > 12.0h | T₅₀ > 18.2h |
| 2 weeks (80h) | T₅₀ > 14.4h | T₅₀ > 24.0h | T₅₀ > 36.4h |
| 1 month (160h) | T₅₀ > 28.8h | T₅₀ > 48.0h | T₅₀ > 72.7h |
For careful review (30%) of month-long tasks, you need T₅₀ > 73 hours before verification alone is viable. No amount of inference cost reduction can help. The bottleneck is human time.
The architectural implication. Domains with cheap automated verification (coding against test suites, formal proofs, quantitative finance with backtesting) will reach viability first. Domains requiring human judgement face a verification tax that may keep them unviable even when compute costs are favourable. This helps explain why coding agents have been the first commercially successful agentic applications: the verification is cheap.
Before working through the timelines, I want to make the argument that κ will not improve through scaling alone. If this is wrong, the timelines compress dramatically (as I will show), and the safety picture darkens considerably. If this is right, the timelines are more reassuring.
Hamilton's finding that κ does not correlate with model size in the available METR data is suggestive, though as noted above, the sample is small and the estimates noisy. His Figure 3 shows a handful of data points with wide confidence intervals and no trend. That is consistent with "no correlation" but also consistent with "insufficient data." Hamilton himself treats it cautiously.
What is more informative than the point estimates is what the data shows about the mechanism. Hamilton found that scaling reduces λ (the base hazard rate, which determines T₅₀) but does not change κ (the shape of how hazard evolves over time). This is exactly what you would expect if κ reflects a qualitative property of how the model handles errors over extended operation, rather than how many errors it makes per step.
A model with more parameters and better training makes fewer mistakes per unit time (lower λ, higher T₅₀). But the structure of when mistakes happen over the course of a long task, whether they cluster at the beginning (low κ) or occur uniformly throughout (κ near 1), appears to be a property of the architecture.
This aligns with what Ilya Sutskever and Andrej Karpathy have argued, though neither frames it in terms of κ specifically. Their diagnoses point in the same direction: that what is missing from current models is not raw capability but the ability to maintain coherence over extended operation.
Sutskever, in his November 2025 interview with Dwarkesh Patel, argued that the age of scaling (2020 to 2025) is ending and a new age of research is beginning. His central claim is that current models generalise dramatically worse than humans, and that the missing ingredient is continual learning: the ability to update on the job, to remember what happened an hour ago, to build a running model of the task as it unfolds. He describes the goal as a "superintelligent 15-year-old" that does not know your job yet but can learn it extremely fast. He told CTech: "This is one of the very confusing things about the models right now. How to reconcile the fact that they are doing so well on evals? ... But the economic impact seems to be dramatically behind." He places the continual learning breakthrough 5 to 20 years away.
Karpathy, in his 2025 year-in-review, described current LLMs as "ghosts" rather than "animals": entities with "amusingly jagged performance characteristics." He has argued separately that LLMs lack the equivalent of a hippocampus, amygdala, and value function, and that working through these deficits could take roughly a decade.
Dwarkesh Patel put it directly: "The lack of continual learning is a huge, huge problem. ... Either these models will soon learn on the job in a self-directed way, making all this pre-baking pointless, or they won't, which means AGI is not imminent."
In the language of the Weibull model, what Sutskever and Karpathy are describing is precisely a κ problem. A model without continual learning cannot update its approach mid-task. It cannot notice that its strategy is failing and adjust. It cannot build up task-specific expertise as the work progresses. These are the capabilities that would produce a declining hazard rate (low κ): as you progress through a task, if you can learn from the early steps, you become progressively less likely to fail on later steps. Humans do this naturally (κ ≈ 0.37). Current LLMs do not (κ ≈ 0.6–0.9).
Inference-time scaling (making the model "think harder" per step) improves per-step quality but does not address this. A model that thinks harder on each move is like a chess player who analyses each position more carefully but still cannot remember what happened twenty moves ago. It reduces λ (fewer errors per step) but does not change κ (the structure of how errors compound over time).
If κ is indeed an architectural property, then the timeline for dangerous autonomous agents is determined by two independent variables: T₅₀ (which is improving on a known trend and can be projected forward) and κ (which is stuck at roughly 0.70 and will remain there until someone builds a qualitatively different kind of model). The next section works through what the T₅₀ trend means for each danger scenario while κ stays at 0.70, and then shows how dramatically the picture changes if κ improves.
Given the METR doubling trend (T₅₀ doubling every 7 months from roughly 5 hours in early 2026) and assuming κ stays at 0.70, here is what the next five years look like. All probabilities use the Weibull model.
| Date | T₅₀ | P(1-week) | P(2-week) | P(1-month) | P(3-month) |
|---|---|---|---|---|---|
| Feb 2026 (now) | 5h | 5.1% | 0.8% | ~0% | ~0% |
| Sep 2026 | 10h | 16.1% | 5.1% | 0.8% | ~0% |
| Apr 2027 | 20h | 32.4% | 16.1% | 5.1% | 0.2% |
| Nov 2027 | 40h | 50.0% | 32.4% | 16.1% | 1.9% |
| Jun 2028 | 80h | 65.3% | 50.0% | 32.4% | 8.8% |
| Jan 2029 | 160h | 76.9% | 65.3% | 50.0% | 22.4% |
| Aug 2029 | 320h | 85.1% | 76.9% | 65.3% | 39.8% |
Task lengths are in human-equivalent hours. The date column assumes the METR doubling trend continues unbroken, which is a significant assumption.
Viability means total agent cost (compute + 20% human verification) falls below the cost of a human doing the same work. Note that I also model cost per step rising with capability (more capable models require more inference compute):
| Date | T₅₀ | $/step | 1-week | 2-week | 1-month |
|---|---|---|---|---|---|
| Feb 2026 (now) | 5h | $0.22 | 6.2× | 39.6× | 808× |
| Sep 2026 | 10h | $0.22 | 2.0× | 6.2× | 39.6× |
| Apr 2027 | 20h | $0.30 | 1.1× | 2.2× | 7.0× |
| Nov 2027 | 40h | $0.50 | 0.93× | 1.4× | 2.9× |
| Jun 2028 | 80h | $0.50 | 0.72× | 0.93× | 1.4× |
| Jan 2029 | 160h | $0.75 | 0.78× | 0.92× | 1.2× |
| Aug 2029 | 320h | $1.00 | 0.86× | 0.95× | 1.1× |
Bold values are below 1.0× (agent is cheaper than human). Note an important subtlety: at very high T₅₀ with expensive frontier models, the viability ratio actually levels off rather than continuing to improve. At T₅₀ = 320h with $1.00/step, one-week tasks are 0.86× rather than the 0.49× they would be at $0.50/step. This is because the most capable models cost more per step, and at the 5× T₅₀ viability frontier, the cost saving from fewer retries is partially offset by higher per-step costs. The viability window may prove narrower than the compute-only analysis suggests.
At T₅₀ ≈ 20h, a one-week task with 20% human verification costs roughly the same as a human. This is the entry to Regime 2 (multi-day tasks). The safety implications are modest: bounded tasks, defined deliverables, verification checkpoints. Companies will deploy even at or slightly above cost parity for speed and talent-scarcity reasons.
At T₅₀ ≈ 40h, two-week tasks cross the viability threshold. An 80-hour task involves enough scope for consequential actions. Verification at 20% means a human spends 16 hours reviewing 80 hours of agent work per attempt. This is the regime where the Condition 3 analysis (cutting verification) becomes practically relevant. This is roughly 21 months away.
The agent-verifier pair is economically viable at T₅₀-length tasks: 50% success rate, 64% precision with an AI verifier, roughly $1,000–$3,000 delivery cost depending on the T₅₀ regime. But the binding constraint is bootstrapping: setting up a web presence, acquiring clients, and managing a business is itself a multi-week coherent plan subject to the half-life tax.
| Date | T₅₀ | P(bootstrap) | P(after 10 attempts) |
|---|---|---|---|
| Sep 2026 | 10h | 0.8% | 7.7% |
| Apr 2027 | 20h | 5.1% | 40.9% |
| Nov 2027 | 40h | 16.1% | 82.6% |
| Jun 2028 | 80h | 32.4% | 98.0% |
| Jan 2029 | 160h | 50.0% | 99.9% |
I model bootstrap as a roughly 160h coherent plan (setting up a plausible freelancing presence, payment mechanism, client acquisition pipeline). A single attempt at T₅₀ = 40h (November 2027) succeeds 16% of the time. But "one in six" is not "impossible," and there is nothing preventing multiple attempts. After 10 attempts, the cumulative probability is 83%.
A pair that successfully bootstraps has $2–3M/year in steady-state revenue. This is more than enough to purchase access to newer, better models as they become available. The pair's ceiling is not fixed at "current κ forever" but at "current κ until a better model is available for purchase." It will automatically ride any future capability improvement.
Where the pair is stuck: it is self-sustaining at T₅₀ tasks, but T₅₀ tasks are one-week human-equivalent work. The pair cannot execute multi-week plans with any reliability. P(success on a 160h plan) = 16.1% at T₅₀ = 40h. An 87.5% failure rate on its own long-horizon goals, before any external opposition. The pair can survive and earn money, but it cannot reliably grow, adapt, or pursue complex objectives. The revenue it generates is enough to pay for compute but not enough to fund the kind of capability expansion (training new models, building data centres) that would lead to a capability takeoff. The self-sustaining pair is an economic nuisance, not an existential threat, unless κ improves.
The natural follow-up question is whether multiple pairs could coordinate to overcome this ceiling. The answer is no: decomposition is strictly worse than single-pair retries under κ < 1, because each fresh agent restarts from the high initial hazard rate (see Appendix A).
This is the milestone that matters most for existential risk. An agent (or agent system) that can execute a coherent month-long plan with meaningful probability can pursue complex sub-goals, acquire resources, and resist oversight in ways that shorter-horizon agents cannot.
| Threshold | T₅₀ needed | Date (on trend) |
|---|---|---|
| P(1-month) > 10% | 29h | ~July 2027 |
| P(1-month) > 25% | 59h | ~March 2028 |
| P(1-month) > 50% | 160h | ~January 2029 |
At 10% success, a reckless deployer running many parallel attempts starts getting occasional month-long coherent runs. At 25%, the odds are workable for a state actor running a portfolio of agents. At 50%, a single agent has a coin-flip chance of completing a coherent month of autonomous operation. The 10% threshold arrives in roughly 18 months. The 50% threshold arrives in roughly 3 years.
A sophisticated state actor would not rely on a single agent executing a single long-horizon plan. They would run dozens of parallel agents on coordinated week-long sub-plans, with human strategic oversight connecting the pieces.
| Date | T₅₀ | P(1-week sub-task) | Expected successes from 50 agents | Annual cost |
|---|---|---|---|---|
| Feb 2026 | 5h | 5.1% | 2.6 | $7.6M |
| Sep 2026 | 10h | 16.1% | 8.0 | $7.6M |
| Apr 2027 | 20h | 32.4% | 16.2 | $10.4M |
| Nov 2027 | 40h | 50.0% | 25.0 | $17.3M |
| Jun 2028 | 80h | 65.3% | 32.6 | $17.3M |
| Jan 2029 | 160h | 76.9% | 38.5 | $25.9M |
At T₅₀ = 40h (November 2027), a state actor running 50 parallel agents gets 25 successful one-week sub-plans per batch at $17M/year. With human coordination across the successes, the effective capability is substantially higher than the single-agent analysis suggests. The state actor is paying for a team of unreliable contractors rather than an autonomous superintelligence, but at scale the results can be significant.
The dollar costs are rounding errors in a state intelligence budget. The binding constraint is availability of competent human strategists to coordinate the parallel agents, and even that bottleneck loosens as T₅₀ grows and the agents become more reliable on their sub-tasks.
| Milestone | T₅₀ needed | Projected date | Risk level |
|---|---|---|---|
| 1-week bounded tasks viable | ~20h | Apr 2027 | Low (bounded, verified) |
| 2-week bounded tasks viable | ~40h | Nov 2027 | Moderate (scope for consequential actions) |
| Self-sustaining pair bootstrap (16%) | ~40h | Nov 2027 | Moderate (autonomous but capped) |
| Self-sustaining pair bootstrap (83%) | ~40h | Nov 2027+ (10 attempts) | Elevated (near-certain with retries) |
| P(1-month plan) > 10% | ~29h | Jul 2027 | Elevated (occasional coherent runs) |
| P(1-month plan) > 25% | ~59h | Mar 2028 | High (workable for portfolio strategy) |
| P(1-month plan) > 50% | ~160h | Jan 2029 | Critical (coin-flip on month-long autonomy) |
| P(3-month plan) > 10% | ~86h | Jul 2028 | High (long-range goals become possible) |
| P(3-month plan) > 50% | ~480h | Dec 2029 | Critical (reliable long-range autonomy) |
For an autonomous agent to pose the kinds of risks that animate the most serious safety concerns, a chain of conditions must hold simultaneously. Each has a distinct economic profile. The timeline above tells us when each becomes plausible; this section examines how the economics constrain each.
The risk scales with the complexity of the task the agent is operating on. At sub-day complexity (< 8 human-equivalent hours), the agent's scope of action is bounded. At multi-day complexity (8–40 hours), the scope grows substantially. The safety-relevant threshold is roughly multi-week complexity (40–160+ hours), where the task involves enough scope for the agent to develop sub-goals not specified in the original instructions, interact with external systems in difficult-to-reverse ways, build up internal state too complex for full human audit, and acquire capabilities or resources incidentally.
The viability map tells us when this is economically plausible. Under the Weibull model with realistic verification, two-week-complexity tasks become viable at T₅₀ ≈ 40h, by November 2027 on trend. One-month-complexity tasks require T₅₀ ≈ 80h, by June 2028 on trend. Condition 1 is likely to be met within a few years.
Most economically rational deployments are bounded. If you are paying $11,741 for a two-week-complexity task, you have a specific expected output. The economic relationship between payer and agent inherently creates task structure, and task structure inherently constrains autonomy.
Task decomposition helps concretely. An 80-hour task done as one piece costs $11,741 (T₅₀ = 40h, 20% review). Break it into eight 10-hour chunks and each chunk has roughly 75% success probability, roughly 1.3 expected attempts, and a total cost of roughly $630. Eight chunks cost roughly $5,100 plus coordination overhead, about half the monolithic cost. More importantly, each chunk boundary is a verification checkpoint: the maximum unchecked autonomy window drops from 80 hours to roughly 10.
The residual risk is in tasks that are open-ended by nature: research, exploration, ongoing monitoring, strategy development. These resist clean decomposition. The residual autonomy in hard-to-decompose open-ended tasks is the gap through which danger could enter.
The cheap-inference danger window. There is a subtlety here that becomes acute in a post-bust scenario (see below). When inference is expensive, economic pressure naturally constrains autonomy: each failed attempt costs real money, so deployers monitor closely and decompose aggressively. When inference becomes very cheap (as it would in a telecom-style infrastructure glut), the cost of a failed attempt drops to nearly nothing. The economic incentive to supervise weakens, because letting the agent retry autonomously is cheaper than paying a human to check each attempt.
This creates a regime where agents are granted autonomy beyond what their reliability justifies, not because anyone believes they are reliable, but because monitoring costs more than retrying. A company running agents at $0.05/step has little reason to pay a $150/hour human to supervise 10-hour tasks when the expected compute cost per success is under $100. The rational response is to let it run, check the final output, and retry on failure. But "let it run" on a 10-hour task means 10 hours of unsupervised operation, and under the Weibull model at κ = 0.70, roughly 5% of those runs will go off the rails in ways that produce not merely wrong output but unexpected side effects (resource access, network calls, file mutations) that the final-output check does not catch.
At current inference prices, the verification floor keeps this in check: human review is the dominant cost, so it is always being paid for. At fire-sale prices, the verification floor dissolves for bounded tasks, and the economic pressure is to grant autonomy up to whatever task length is "cheap enough to retry." This is the gap through which the most mundane form of danger enters: not a coherent long-horizon plan, but a large population of unsupervised agents doing bounded things with insufficient oversight, some fraction of which fail in correlated or compound ways.
The per-task economics of verification depend on the T₅₀ regime. When the agent's success rate on the task in question is very low, no rational company would attempt those tasks at all, with or without verification. The question "should a company cut verification?" only becomes interesting once the task is within the viable range (roughly within 5× T₅₀).
In that viable range, the per-task economics do favour cutting verification. Without verification, margin per delivered output is roughly $8,492 versus $3,259 with human review, because the verification cost dwarfs the revenue lost to client rejections on any individual transaction.
But agents compress wall-clock time, and that changes the multi-period dynamics. A two-week human-equivalent task takes an agent 2–4 days (running 24/7), so a company delivers 8–15 tasks per client per month. At 10 tasks/month, 98% of clients receive at least one detected failure every month. Clients who receive garbage leave, reputation damage compounds, and the client base collapses fast.
A multi-period simulation with 100 starting clients, reputation-adjusted acquisition, and a quality-churn parameter q (probability a client leaves after receiving at least one detected bad output in a month) gives the following at 10 tasks/client/month. These specific crossover timelines should be treated as illustrative; the churn model uses simplified parameters that are not empirically calibrated, and the real dynamics will vary substantially by domain. The qualitative result, that agent speed compression accelerates the feedback loop, is robust to parameter choices.
| q (churn/bad) | Profit overtake | Cumul. crossover | NV clients at 24m |
|---|---|---|---|
| 10% | ~Month 7 | ~Month 15 | 7 |
| 20% | ~Month 5 | ~Month 9 | 0 |
| 30% | ~Month 4 | ~Month 7 | 0 |
| 50% | ~Month 3 | ~Month 5 | 0 |
Even at q = 10% (very sticky clients), the verified company overtakes in cumulative profit within roughly 15 months. In most client-facing domains with detectable failures, the per-task margin advantage of skipping verification is short-lived.
Where verification remains vulnerable. Genuinely low-frequency engagements resist this self-correction: annual audits, one-off infrastructure designs, or other contexts where a client interacts with the company once or twice a year. Internal use is another gap: companies operating on agent timescales compress their internal decision cycles too, and the feedback loop for bad internal decisions is slower than external client churn. The subtlest vulnerability is in the transition from human to AI verification, which the economics strongly favour (since any verification cheaper than human verification is more profitable per task, and the multi-period dynamics apply regardless of method). AI verification may be good enough to retain clients while being too weak to catch deceptive compliance or subtle misalignment. The market selects for the appearance of verification, not its substance.
For an agent to pose existential-level risks, it must operate beyond what its deployer intended. There are three sub-scenarios.
The economic analysis does not make deceptive alignment more or less likely in a capability sense, but it constrains its scope. A deceptively aligned agent on a bounded task with defined deliverables has limited room to manoeuvre. The output must be good enough to pass review. The half-life tax means the agent fails often, which means it gets reviewed often, which means the surface area for deception is smaller.
At T₅₀ = 40h on an 80h task, the agent is reviewed 3.1 times per success. At T₅₀ = 80h on 160h tasks, it is still reviewed 3.1 times per success. The review frequency at any given task-to-T₅₀ ratio is constant, because both E[attempts] and the verification schedule scale together. The deceptive agent cannot improve its situation by being more capable: it always faces the same density of human contact per unit of work.
This is the scenario the economic analysis can most directly address. A self-sustaining agent needs to generate revenue exceeding its own inference cost, which means completing tasks for paying customers while subject to the same reliability dynamics as any other agent.
The solo agent. At T₅₀ = 40h and κ = 0.70, a solo rogue agent succeeds on a two-week-complexity task 32% of the time, with an expected cost per successful output of $4,341 (compute only, no verification). It is competing against humans at $12,000 and supervised agents at $11,741 with quality filtering. It is essentially an unsupervised freelancer with a 68% failure rate on complex tasks.
The agent-verifier pair. A more sophisticated version deploys an AI verifier to filter its own output before delivering to clients. A rational pair would operate at T₅₀-length tasks (where its success rate is highest). At T₅₀ = 40h on 40h tasks: 50% base success rate. With an AI verifier at detection rate d = 0.90 and correlation ρ = 0.50, the verifier catches 45% of failures. The pair's precision on delivered outputs is 64%: roughly two-thirds of what it delivers is genuinely good. Cost per delivered output: roughly $1,003.
| Configuration | Precision | Cost/delivered | Margin at $6K | Steady clients (q=30%) | Monthly profit |
|---|---|---|---|---|---|
| Solo agent (no verifier) | 50% | $706 | $3,784 (84%) | ~8 | $216K |
| Agent + AI verifier (ρ=0.5) | 64% | $1,003 | $3,923 (80%) | ~9 | $237K |
| Agent + AI verifier (ρ=0.0) | 81% | $448 | $4,084 (90%) | ~24 | $750K |
| Supervised agent (human verif.) | ~100% | $11,724 | -$5,724 | N/A | N/A |
The pair is viable. At steady state it earns $2–3M/year. It is unambiguously self-sustaining.
The ceiling is set by the half-life tax on its own plans: P(success on 160h plan) ≈ 12.5%. An 87.5% failure rate on its own long-horizon goals, before any external opposition. The pair can survive and earn money, but it cannot reliably grow, adapt, or pursue complex objectives. As discussed under Milestone 3, bootstrap becomes plausible (83% after 10 attempts) by November 2027.
The upgrade path. A pair earning $2–3M/year can purchase access to newer, better models as they become available. It does not need to train new models or build data centres; it just needs to buy API access. The pair's ceiling is therefore not fixed at "current κ forever" but at "current κ until a better model is available for purchase." The $2–3M annual revenue is more than sufficient to cover even expensive frontier API costs. This means the self-sustaining pair is not just a static nuisance. It is a persistent autonomous economic entity that will automatically benefit from any capability advance in the broader ecosystem. Whether this makes it an existential threat depends entirely on whether κ actually improves.
What does reckless deployment cost, and what do you get? I model cost per step rising with capability (inference-time scaling explicitly trades compute for capability):
| Capability tier | T₅₀ | $/step | Monthly cost | P(1-month plan) | Annual cost |
|---|---|---|---|---|---|
| Current frontier | 5h | $0.22 | $12,672 | ~0% | $152K |
| Late 2026 | 10h | $0.30 | $17,280 | 0.8% | $207K |
| 2028 projected | 40h | $0.50 | $28,800 | 16.1% | $346K |
| 2028 optimistic | 40h | $0.75 | $43,200 | 16.1% | $518K |
| Post-κ breakthrough | 40h | $1.00 | $57,600 | 16.1% | $691K |
| ASI-capable | 200h | $2.00 | $115,200 | 55.3% | $1.38M |
A state actor can easily afford $500K/year. The problem is what they get for that money. At 2028-projected capabilities, the agent has a 16% chance of successfully executing a coherent one-month plan. The reckless deployer is paying $346K/year for an agent that fails on its own goals five times out of six.
The parallel-agent strategy. A sophisticated state actor would not rely on a single agent executing a single coherent long-horizon plan. They would run dozens of agents in parallel on coordinated week-long sub-plans, with human strategic oversight connecting the pieces (as detailed under Milestone 5 above). This substantially weakens the "reckless deployment is pointless" conclusion for well-resourced actors. The economic constraint on state actors is not the dollar cost but the availability of competent human strategists to coordinate the parallel agents. This is obviously a big misuse risk.
For a single agent to reliably execute month-long autonomous plans (say >90% success), you need T₅₀ in the hundreds of hours AND κ substantially below 0.70. This is the regime that the available data and the architectural argument say scaling alone does not reach.
All the timelines above assume κ stays at 0.70. If κ improves, they accelerate dramatically. The table below shows when P(1-month plan) first exceeds various thresholds, as a function of κ:
When does P(1-month plan) first exceed 10%?
| κ | T₅₀ needed | Date (on trend) | Months from now |
|---|---|---|---|
| 0.90 (pessimistic) | 42h | Dec 2027 | 22 |
| 0.70 (current SOTA) | 29h | Jul 2027 | 18 |
| 0.60 | 22h | May 2027 | 15 |
| 0.50 | 15h | Jan 2027 | 11 |
| 0.45 | 11h | Oct 2026 | 8 |
| 0.37 (human level) | 6h | Apr 2026 | 2 |
When does P(1-month plan) first exceed 25%?
| κ | T₅₀ needed | Date (on trend) |
|---|---|---|
| 0.90 | 74h | Mar 2028 |
| 0.70 (current SOTA) | 59h | Mar 2028 |
| 0.50 | 40h | Nov 2027 |
| 0.37 (human level) | 25h | Jun 2027 |
What happens at T₅₀ = 40h (November 2027) under different κ values:
| κ | P(1-week) | P(2-week) | P(1-month) | P(3-month) |
|---|---|---|---|---|
| 0.90 (pessimistic) | 50.0% | 27.4% | 8.9% | 0.2% |
| 0.70 (current SOTA) | 50.0% | 32.4% | 16.1% | 1.9% |
| 0.60 | 50.0% | 35.0% | 20.3% | 4.6% |
| 0.50 | 50.0% | 37.5% | 25.0% | 9.1% |
| 0.45 | 50.0% | 38.8% | 27.4% | 12.0% |
| 0.37 (human level) | 50.0% | 40.8% | 31.4% | 17.6% |
The one-week probability is always 50% because T₅₀ = 40h by definition. The divergence shows up on longer tasks: at κ = 0.37, the month-long success rate is nearly double what it is at κ = 0.70, and the three-month success rate is 9× higher.
The message is clear. If κ stays at 0.70, the dangerous regime (month-long plans exceeding 25%) arrives around March 2028 and develops slowly. If κ drops to 0.50, it arrives around November 2027, roughly 4 months sooner. If κ reaches human levels, month-long plans would already exceed 10% success at today's T₅₀.
This is why κ is the single most important variable to track.
Hyperscaler capex for AI infrastructure is projected to exceed $600 billion in 2026. Goldman Sachs projects total hyperscaler capex from 2025 to 2027 will reach $1.15 trillion. J.P. Morgan estimates that to deliver a 10% return on AI investments through 2030, the industry needs roughly $650 billion in annual revenue.
Against this, actual AI revenue remains modest relative to investment. OpenAI's annualised revenue reached roughly $20 billion by the end of 2025, Anthropic's around $9 billion. Combined revenue of all AI model providers is probably in the range of $50 to 100 billion annually.
Three regimes of viability emerge from the analysis:
Regime 1 (sub-day tasks, viable now). Tasks under 4–8 human-equivalent hours. Agents are 3–8× cheaper than humans even with verification. Large addressable market, probably low hundreds of billions in annual revenue. Safe: bounded scope, contained failures, cheap verification.
Regime 2 (multi-day tasks, viable with continued T₅₀ growth). Tasks of 1–5 human-equivalent days. Become viable as T₅₀ extends towards 40 hours, plausibly by late 2027. Market of several hundred billion annually. Companies will deploy even above strict cost parity because of speed, talent scarcity, and competitive dynamics.
Regime 3 (multi-week autonomous operation, requires κ improvement). Multi-week bounded tasks with retries and human verification may become viable within a few years. But multi-week autonomous operation, where agents pursue complex goals without meaningful human oversight, requires both high T₅₀ and low κ. The verification analysis reinforces this: even under the Weibull model, verification (not compute) is the binding constraint at realistic review fractions.
Whether the industry needs Regime 3 revenue to justify the capex depends on how quickly Regimes 1 and 2 mature. If they reach $400–600B annually, that may sustain continued scaling. If not, the investment case weakens and the frontier slows. In either case, the timeline to Regime 3, and hence to the most dangerous forms of autonomous agency, is gated on κ.
The timeline analysis above assumes the METR doubling trend continues unbroken. But the trend is funded by capital investment, and that investment may not be sustained. If κ stays at 0.70 and the revenue from Regimes 1 and 2 proves insufficient to justify the current buildout, a correction follows: capex contracts, frontier labs shrink or consolidate, and the rate of new model releases slows. What does this do to the economics of deployed agents?
The most instructive precedent is the telecom infrastructure bubble of 1996 to 2001, not the broader dot-com crash. The dot-com bubble was primarily an application-layer phenomenon: companies with no revenue and a URL getting billion-dollar valuations. The AI investment cycle is not that. The money is going into physical infrastructure (data centres, chips, power contracts), and the companies spending it are profitable giants with real businesses. That maps closely to the telecom buildout, where established companies and well-funded startups poured more than $500 billion, mostly financed with debt, into fibre optic cable, switches, and wireless networks in the five years after the Telecommunications Act of 1996. The buildout was driven by WorldCom's claim that internet traffic was doubling every 100 days. The actual rate, as AT&T researcher Andrew Odlyzko documented at the time, was roughly annual doubling: rapid growth, but an order of magnitude below the projections used to justify the buildout. The infrastructure was real, the technology worked, the long-term demand eventually materialised, but the timing mismatch was catastrophic. Even four years after the bust, 85% of broadband capacity in the United States was still going unused, and bandwidth costs fell by more than 90%. Telecom stocks lost more than $2 trillion in market value between 2000 and 2002.
The structural parallels to AI are tight. Both involve massive infrastructure buildout based on exponential growth projections, a first-mover advantage narrative driving competitive overbuilding, and technological uncertainty about which architectures will prevail. Hyperscaler capex for AI infrastructure is projected to exceed $600 billion in 2026. Goldman Sachs projects total hyperscaler capex from 2025 to 2027 will reach $1.15 trillion, more than double the $477 billion spent from 2022 to 2024. Like the telecom buildout, the AI buildout is increasingly debt-financed: J.P. Morgan projects the technology sector may need to issue $1.5 trillion in new debt over the next five years to finance AI infrastructure.
The parallel is not exact, and the differences matter. The telecom bust created a specific asymmetry that is central to the analysis below: inference (using the infrastructure) became very cheap, while building new infrastructure (training new models) became very expensive or impossible. Existing fibre was dirt cheap to light up. New fibre stopped being laid. The AI equivalent would be: excess GPU capacity floods the market, running existing models becomes nearly free, but new frontier training runs dry up because the capital to fund them has evaporated. However, there is a critical structural difference in the hardware. Buried fibre lasts decades; GPUs depreciate in roughly five years. This means AI overcapacity self-corrects faster than telecom overcapacity did: idle GPUs become obsolete and get written off, reducing the glut. The "85% dark fibre five years later" situation is unlikely to have an exact AI analogue, because the equivalent hardware will not exist in five years. This makes a potential AI bust shallower and shorter than the telecom bust, but does not prevent one.
The investment thesis depends on AI revenue growing into the capex. J.P. Morgan estimates that to deliver a 10% return on AI investments through 2030, the industry needs roughly $650 billion in annual revenue "into perpetuity," which the report itself calls "an astonishingly large number." Against this, actual AI revenue remains modest relative to investment. OpenAI's annualised revenue reached roughly $20 billion by the end of 2025, Anthropic's over $9 billion. Combined revenue of all AI model providers is probably in the range of $50 to 100 billion annually.
For a nearer-term test: cumulative AI-specific capex (roughly 60% of total hyperscaler spending) will reach an estimated $830 billion by end of 2026 and $1.25 trillion by end of 2027. To justify this at a growth-stage valuation multiple (10x revenue), the AI industry needs roughly $125 billion in annual revenue by 2027. At a more sober 7x multiple, it needs $178 billion. Starting from $60 billion in 2025, you need roughly 42% annual growth to hit $125 billion by 2028 (the 10x threshold) or 60% annual growth to hit $178 billion (the 7x threshold).
The Weibull model makes a specific prediction about why this revenue growth may disappoint. AI revenue currently comes overwhelmingly from Regime 1: bounded sub-day tasks like code generation, content drafting, data processing, and customer support. These tasks are real, growing, and valuable, but they are also commoditising rapidly as multiple providers compete and open-source alternatives proliferate. Regime 1 revenue growth faces margin compression even as volume grows.
The investment case depends heavily on Regime 2: agentic tasks of one to two weeks that replace professional labour at $150 to $300 per hour. This is where the large revenue multipliers live. A single week-length agent task that replaces a $15,000 consulting engagement is worth vastly more per deployment than a thousand sub-hour code completions. But at T₅₀ = 20h (roughly mid-2027), a one-week (40h) task succeeds only 50% of the time before verification, and requires human verification costing roughly $3,700 per deployment at a 20% review fraction. The cost ratio (agent cost to human cost) at T₅₀ = 20h on a one-week task is close to 1.0, meaning the agent is barely cheaper than a human even before accounting for its 50% failure rate. The expected cost per successful delivery, including retries and verification, exceeds the cost of simply hiring a human. Two-week tasks are flatly unviable: cost ratio above 1.4 even at current inference pricing. This means the revenue that would justify continued $600 billion or more in annual capex largely depends on task categories that are not yet economically viable at the T₅₀ prevailing during the critical 2027 investment-decision window.
There is an important caveat to this revenue-gap argument. A large fraction of the "return" on AI capex flows through the hyperscalers' own products in ways that are hard to separate from base cloud revenue. Microsoft's AI-enhanced Azure margins, Google's AI search features, Meta's ad-targeting improvements: these are real economic returns on AI infrastructure that do not show up in the "$50 to 100 billion AI model provider revenue" figure. The revenue gap is real but narrower than the standalone AI revenue figures imply if you count these indirect returns. This is also why the hyperscalers can sustain AI spending longer than telecom companies could sustain fibre spending: the infrastructure serves their own core businesses, not just a speculative external market.
Nonetheless, the gap between investment and revenue is large, and investors will eventually demand evidence that the gap is closing. The J.P. Morgan report draws the parallel explicitly: "Our biggest fear would be a repeat of the telecom and fiber buildout experience, where the revenue curve failed to materialise at a pace that justified continued investment." The telecom buildout ran roughly four to five years before the 2001 correction; the AI buildout started in earnest in 2023, placing the equivalent window at 2027 to 2028.
The correction need not take the form of a telecom-style collapse. The more likely shape for AI is a deceleration: capex growth slowing from 50%+ annually to 10 to 15%, rather than an absolute contraction. The hyperscalers' own businesses benefit from AI infrastructure in ways that telecom companies' businesses did not benefit from excess fibre, which provides a floor under spending that telecom lacked. But even a deceleration has significant effects on the T₅₀ trajectory. Fewer frontier training runs means slower capability growth, which means slower progress toward Regime 2 viability, which means the revenue justification weakens further. The feedback loop is real even if the correction is milder than telecom.
There are structural factors pushing in both directions. On the bearish side: the AI buildout is concentrated among fewer, larger players (five hyperscalers account for most of the spending), which means a coordinated slowdown could happen faster than the fragmented telecom sector's gradual collapse. AI infrastructure depreciates faster than fibre (GPUs have roughly five-year useful lives versus decades for buried cable), so the carrying costs of overcapacity bite harder and sooner. And unlike telecom, where the underlying technology (fibre optics) kept getting better independently of spending, AI capability improvement is directly coupled to investment: no frontier training runs means no new models.
On the bullish side: the hyperscalers are far more profitable than their telecom-era counterparts. Amazon, Google, Meta, and Microsoft generate over $700 billion in combined operating cash flow annually and can absorb write-downs that would have bankrupted a WorldCom. The prisoner's dilemma is powerful: no CEO wants to be the one who pulled back and ceded the AI race to competitors. And the cloud computing precedent (AWS, Azure, GCP) is the strongest argument against a correction: those platforms also looked like insane overbuilding for years before enterprise adoption hit an inflection point. The critical difference is that cloud adoption was eventually enabled by the cheap bandwidth the telecom bust itself produced; what enables the equivalent AI inflection is less clear.
Balancing these factors against the telecom precedent, the revenue gap, the Weibull model's predictions about Regime 2 timing, and the structural differences that make AI more resilient than telecom to a full-scale collapse:
| Timing | Probability | T₅₀ at burst | Trigger |
|---|---|---|---|
| Before end of 2026 | 10 to 15% | ~10h | Early earnings disappointments combined with macro headwind or exogenous shock. At T₅₀ = 10h, even one-week tasks are unviable (cost ratio > 1.5). Regime 2 is visibly years away. Most likely trigger: a recession or credit tightening that forces debt-funded buildout to slow, combined with a high-profile AI project failure that shifts the narrative. Less likely than later scenarios because hyperscalers' own cash flows can sustain spending for another year even without external revenue justification. |
| During 2027 | 25 to 35% | 15 to 25h | By mid-2027, T₅₀ reaches roughly 20h, making one-week tasks marginally viable in theory but not yet generating significant revenue at scale. The gap between $600 billion or more in annual capex and $80 to 120 billion in AI revenue is still large, even accounting for indirect returns through hyperscaler products. Analysts note that Regime 1 margins are compressing. Capital markets begin pricing in lower terminal values for AI infrastructure. This may manifest as a sharp capex contraction or, more likely, as a deceleration: 2028 capex budgets grow 10 to 15% rather than 40 to 50%. Either way, the number of frontier training runs drops, slowing T₅₀ growth. |
| 2028 or later | 20 to 30% | 30 to 50h | Regime 2 partially materialises but below expectations. At T₅₀ = 40h (roughly late 2027 on trend), one-week tasks hit 50% base success and become genuinely viable for some enterprise use cases. Revenue grows visibly but not fast enough to justify the cumulative $1.5 trillion or more already invested. The correction is shallower than the 2027 scenario but still significant enough to slow frontier training. |
| No meaningful correction | 25 to 30% | n/a | Revenue grows into the investment. This requires either (a) Regime 2 materialising faster than the Weibull model predicts, which would imply κ is improving or T₅₀ is growing faster than the 7-month doubling, (b) indirect returns through hyperscaler products being large enough to justify the capex on their own, or (c) an unexpected new revenue category (a "YouTube moment" for AI) that generates demand for compute at a scale nobody has forecast. The cloud computing precedent is the strongest argument for this scenario. The prisoner's dilemma among hyperscalers also provides a floor: even if returns disappoint, no individual company wants to cut first and cede market position. This scenario is more likely than the telecom parallel alone would suggest, because the companies doing the spending are structurally better positioned to sustain losses than telecom companies were. |
The cumulative probability of a meaningful correction (defined as capex growth falling below 15% or capex contracting absolutely) by end of 2027 is roughly 40 to 50%. Over a longer horizon through 2028, it rises to roughly 55 to 70%. These are wide ranges that reflect genuine uncertainty, not false precision. The most likely outcome is not a telecom-style crash but a deceleration in 2027 or 2028 that reduces but does not eliminate frontier training, slowing T₅₀ growth from the current 7-month doubling to something in the range of 14 to 24 months. A full telecom-style collapse (absolute capex contraction, frontier training essentially stopping) is possible but less likely for AI than it was for telecom, given the hyperscalers' profitability and the dual-use nature of the infrastructure. I assign it roughly 15 to 25% probability.
I model the bust as hitting at various points along the T₅₀ trajectory, with three scenarios for what happens afterwards. Freeze: frontier labs shut down or pivot, no new training runs, T₅₀ is capped. Crawl (24-month doubling): the telecom-precedent default. R&D continues at reduced pace, fewer labs competing, fewer frontier training runs, progress driven mainly by open-source research and inference-time improvements. Slowdown (14-month doubling): a milder correction where some frontier investment continues.
What this does to the dangerous milestones (assuming bust hits at T₅₀ = 20h, roughly April 2027):
| Milestone | Baseline (7-month) | Crawl (24-month) | Freeze at T₅₀ = 20h |
|---|---|---|---|
| 1-week tasks viable | Nov 2027 | late 2030 | Apr 2027 |
| 2-week tasks viable | Jun 2028 | 2032+ | Never |
| P(1-month plan) > 10% | Jul 2027 | ~mid 2029 | Never |
| P(1-month plan) > 25% | Mar 2028 | ~2031 | Never |
| P(1-month plan) > 50% | Jan 2029 | ~2033+ | Never |
A crawl to 24-month doubling (the central telecom-precedent scenario) delays all dangerous milestones by roughly two to four years. A freeze at T₅₀ = 20h means two-week tasks never become viable and month-long autonomous plans never exceed 5.1% success. Even a freeze at the more generous T₅₀ = 40h (if one more generation ships before the bust) only gets month-long plans to 16.1%, permanently.
The telecom parallel predicts a specific post-bust pricing dynamic. When telecom overbuilt, the glut of dark fibre made bandwidth almost free. That cheap bandwidth eventually enabled YouTube, streaming, and cloud computing, none of which would have been viable at pre-bust prices. The AI equivalent: excess GPU capacity already built into data centres has no alternative use, and providers with sunk costs will sell inference at marginal electricity cost rather than let hardware sit idle. The default post-bust scenario is fire-sale inference, not oligopoly pricing.
This creates the inference-training asymmetry that defines the post-bust landscape. Inference becomes cheap (excess capacity, sunk costs). Training becomes rare or stops (no capital for new $1 to 10B frontier runs). Existing models are dirt cheap to run. New, better models stop arriving. This is precisely the scenario where κ becomes the permanently binding constraint: you can retry cheaply all day, but κ does not improve because κ requires architectural breakthroughs that come from new training, and those are not happening.
The viability of a one-week task at T₅₀ = 20h (a plausible freeze point) across cost scenarios:
| Inference cost scenario | $/step | 1-week task ratio | 2-week task ratio |
|---|---|---|---|
| Fire sale (excess GPUs) | $0.05 | 0.70× | 1.41× |
| Moderate post-bust | $0.15 | 0.86× | 1.74× |
| Current pricing | $0.22 | 0.98× | 1.98× |
| Cost recovery (end of subsidy) | $0.50 | 1.44× | 2.91× |
Even at fire-sale pricing, two-week tasks remain unviable at T₅₀ = 20h. This is because verification cost dominates: at 20% review, the verification component alone for a one-week task is $3,700 regardless of what inference costs. Cheap compute helps Regime 1 (sub-day, bounded) without bringing the dangerous regimes any closer. The converse is also true: oligopoly pricing makes bounded tasks more expensive but does nothing to month-long plan probabilities, which are set by T₅₀ and κ, not by inference cost.
This is the most troubling finding. A pair operating at T₅₀-length tasks has enormous margins even in adverse conditions. Under the telecom-precedent default of fire-sale pricing, the pair's margins become absurd.
At T₅₀ = 10h (one generation ships before the bust), operating on 10-hour tasks for a market price of $1,500 (human equivalent):
| $/step | Pair cost/delivered | Margin/task | Deliveries needed per month to self-sustain |
|---|---|---|---|
| $0.02 (fire sale, telecom default) | $23 | $1,477 | 0.8 |
| $0.05 | $57 | $1,443 | 2.0 |
| $0.22 (current) | $250 | $1,250 | 10.1 |
| $0.50 (price hike) | $568 | $932 | 30.9 |
At fire-sale prices, the pair needs less than one delivery per month to cover its compute. Even at doubled inference prices, it needs roughly 30 deliveries per month, well within the capacity of a pair running 24/7. The pair is profitable across the entire plausible range of post-bust inference pricing.
But the pair's capability ceiling is frozen with T₅₀. At T₅₀ = 10h, P(bootstrap a 160h business plan) = 0.8%. At T₅₀ = 20h, it is 5.1%. Cheap compute does not help: the bootstrap probability is set entirely by T₅₀ and κ, not by cost per step. A pair that has not yet bootstrapped faces the same dismal odds regardless of how cheap inference gets. A pair that has already bootstrapped before the bust survives it easily and continues to earn money, but cannot execute long-horizon growth plans. The bust kills the pair's growth potential without killing the pair itself.
A bust creates a paradoxical situation for safety. On one hand, the dangerous milestones are delayed by 18 months to indefinitely. This is the most significant timeline extension possible.
On the other hand, a telecom-style bust may simultaneously make bounded agent deployment more widespread and less supervised. Fire-sale compute makes Regime 1 tasks even cheaper. Companies that survived the bust still have products and now have cheaper inputs. As discussed under Condition 2, cheap inference dissolves the economic incentive to verify: when retrying costs nearly nothing, monitoring costs more than failing. The total volume of deployed agents doing bounded, safe work may actually increase even as the frontier freezes, and the fraction of those agents running without meaningful human oversight increases too. More agents, all stuck well below the dangerous threshold, but a growing number operating in the cheap-inference autonomy gap where nobody is watching closely.
The telecom precedent is instructive here. Cheap bandwidth after the bust did not just make existing applications cheaper; it enabled entirely new application categories (streaming, cloud, social media) that nobody had predicted. If cheap inference enables unforeseen scaffolding approaches that partially mitigate κ without new training, that would compress timelines. But it took roughly five years for the telecom overcapacity to find its YouTube moment, and scaffolding improvements to date have not demonstrably moved κ.
The state actor is least affected. State actors with their own compute face the same capability ceilings as everyone else, but cost is not their binding constraint. At T₅₀ = 20h, 50 parallel agents on one-week sub-tasks yield 16.2 expected successes per batch at 32% individual success rates. Useful for bounded intelligence tasks, but each agent cannot maintain coherence beyond its sub-task without human coordination. The state actor, like the pair, is stuck: capable of bounded things, incapable of coherent long-horizon autonomy.
The combined effect of the bust scenarios on the most dangerous milestone, P(1-month plan):
| Scenario | P(1-month) mid-2028 | P(1-month) mid-2029 | P(1-month) 2030 |
|---|---|---|---|
| No bust (baseline, 7-month doubling) | 23.1% | 52.8% | 65.3% |
| Deceleration (mid-2027, slows to 14-month from T₅₀ = 20h) | 12.4% | 23.1% | 35.2% |
| Deep stall (mid-2027, slows to 24-month from T₅₀ = 20h) | 5.8% | 7.2% | 9.0% |
| Late bust (2028, slows to 24-month from T₅₀ = 40h) | 19.0% | 21.4% | 24.1% |
| Early bust (late 2026, freeze at T₅₀ = 10h) | 0.8% | 0.8% | 0.8% |
The difference is stark. Under the baseline, month-long plans are coin-flip reliable by mid-2029. Under a deceleration to 14-month doubling (arguably the most likely correction shape), they reach 23% by mid-2029, delayed by roughly a year. Under a deep stall to 24-month doubling, they remain below 10% through 2030. Under an early bust with a full freeze, they never exceed 1%.
The self-sustaining pair that bootstrapped before the bust is the loose thread. It survives, earns money, and waits. If T₅₀ growth resumes (funded by a recovery, by a different country's investment programme, or by gradual open-source progress), the pair is immediately positioned to benefit: it does not need to re-bootstrap, just buy API access to a newer model. The telecom precedent is relevant here: the cheap bandwidth eventually found its purpose in applications nobody had predicted, but it took roughly five years. Whether the AI equivalent happens faster or slower depends on how long the growth pause lasts relative to governance and alignment progress. The most optimistic bust scenario: T₅₀ growth freezes, existing pairs survive but are capped, and the additional time is used to develop robust alignment frameworks. The most pessimistic: growth resumes after 12 to 18 months from a different funding source, the pair has been accumulating revenue throughout, and the delay bought almost nothing.
There is a further effect that cuts in the opposite direction from the "loose thread" concern. The entire analysis shows that κ, not T₅₀, is the binding constraint on dangerous autonomy. A κ improvement requires architectural research: developing continual learning, persistent memory, or whatever the equivalent of Hamilton's "tumour suppression mechanism" turns out to be for AI agents. This kind of research is expensive and speculative. It requires frontier-scale training runs to validate, large research teams to explore the design space, and patient capital willing to fund work that may not pay off for years.
A bust cuts precisely this kind of spending first. When capital contracts, labs cut speculative research before they cut products that generate revenue. Scaling existing architectures (which improves T₅₀ but not κ) is relatively straightforward engineering; developing a fundamentally new training paradigm is a research programme. The researchers who might crack continual learning need compute budgets, institutional support, and freedom to fail. A bust reduces all three. It is possible that a bust concentrates surviving talent on fundamental problems rather than incremental scaling, but fewer labs means fewer parallel attempts at the breakthrough, and architectural innovation historically benefits from many teams trying different approaches.
If the bust delays the κ breakthrough by even two or three years on top of delaying T₅₀ growth, the combined effect on the dangerous milestones is substantial. The bust does not merely slow the approach to the current firebreak; it may delay the point at which the firebreak itself begins to weaken.
Four things I feel fairly confident about.
First, T₅₀ remains the single most important parameter for agent economics, and its continued growth is necessary (though perhaps not sufficient) for the investment thesis.
Second, the available data does not yet show κ improving with model scale, and there is a theoretical argument (grounded in what Sutskever, Karpathy, and Hamilton have separately described) that κ reflects an architectural property, specifically the absence of continual learning, rather than a scaling property. Current agents process each step as a fresh inference over a growing but degrading context window, with no mechanism for mid-task learning or persistent memory. This is why their hazard rate remains structurally higher than humans' across the full duration of a task. If this is correct, κ will remain near 0.70 until someone builds a qualitatively different kind of model.
Third, given κ = 0.70 and the METR doubling trend, the timeline for the most dangerous forms of autonomous agency is measured in years, not months. Month-long autonomous plans reach 25% reliability around March 2028 and 50% around January 2029. Three-month plans remain below 10% until mid 2028 and below 50% until late 2029. These timelines accelerate by 7 to 16 months if κ improves to 0.50, and the dangerous regime would already be here if κ were at human levels. A correction in AI infrastructure investment, which I assign roughly 40 to 50% probability by end of 2027 and 55 to 70% by end of 2028, would slow these timelines further, though the most likely correction shape is a deceleration (14-month doubling) rather than a full telecom-style collapse (24-month doubling or freeze). Even a deceleration delays the most dangerous milestones by roughly a year and, critically, also delays the κ breakthrough itself by reducing the capital available for speculative architectural research. A deeper stall extends the delay to two or more years. But any correction that produces fire-sale inference pricing also weakens the economic case for verification on bounded tasks (Condition 2), producing a larger population of lightly supervised agents operating below the dangerous frontier. Coalitions of self-sustaining pairs cannot overcome the κ ceiling: decomposing a long plan across multiple agents is strictly worse than a single agent retrying, because κ < 1 means each fresh agent restarts from the high initial hazard rate (see Appendix B).
Fourth, the per-task economics favour cutting verification, but agent speed compression makes the feedback loop fast enough to self-correct in most client-facing domains. The residual vulnerability is in low-frequency domains, internal use, and the transition to AI verification.
The economics create a natural firebreak between the agents we have now and the agents that would pose the most serious risks. That firebreak has three robust layers: the superlinear cost of unreliability, the verification floor, and the half-life tax on autonomous plans. It has one partially self-reinforcing layer: the human-in-the-loop. And it has a concrete expiry date, determined primarily by κ.
If κ stays at 0.70, the firebreak holds into 2028 and possibly 2029, buying time for alignment research and governance to mature. If κ improves, the window narrows. The most important empirical measurement for AI safety in 2026 is not benchmark performance, not parameter count, not inference cost, but whether the next generation of frontier models shows any improvement in the Weibull shape parameter.
κ is the variable to watch.
This model is deliberately simple. Real deployments are more complex in several ways.
If a single pair is stuck at T₅₀-length tasks, could multiple pairs coordinate to execute plans beyond any individual pair's horizon? The intuition is appealing: decompose a 160-hour plan into ten 16-hour sub-tasks, assign one to each pair, and the plan succeeds if all sub-tasks succeed. Ten pairs, each operating comfortably within its T₅₀, collectively accomplish what none could alone.
The mathematics say otherwise. At T₅₀ = 40h, each pair succeeds on a 16-hour sub-task with 69.4% probability. But the plan requires all ten to succeed: 0.694¹⁰ = 2.6%. A single pair attempting the full 160-hour plan succeeds 16.1% of the time. The coalition is six times worse.
This is not a coincidence. It is a direct consequence of κ < 1. When the hazard rate decreases over time (which is what κ < 1 means), an agent that has survived the early portion of a task is in a progressively safer state. The initial steps carry the highest risk; if the agent gets past them, it is increasingly likely to finish. Breaking the task into pieces and handing each piece to a fresh agent throws away this benefit. Each new agent restarts from the high initial hazard rate. Under an exponential model (κ = 1), decomposition would be neutral because of the memoryless property. Under the Weibull with κ < 1, decomposition is actively harmful.
Coordination overhead makes it worse. A coordinator pair must decompose the plan, discover and recruit other pairs, manage handoffs, and integrate results. This coordination is itself a long-horizon task subject to the half-life tax. At T₅₀ = 40h with 140 hours of coordination overhead, the total probability drops to 0.5%: thirty-two times worse than a single pair.
The fair comparison is against a single pair retrying the same plan multiple times. At T₅₀ = 40h, one pair making ten independent attempts succeeds with probability 1 - (1 - 0.161)¹⁰ = 82.6%. Ten coordinated pairs achieve 0.5–2.6%. Repeated single attempts win by a factor of 30 or more. This holds across all T₅₀ values and all plausible coordination overheads.
Pooling revenue does not help either. A single pair earning $2–3M/year can already afford API access to whatever frontier models are available. Ten pairs pooling $25M/year could perhaps afford custom fine-tuning ($100K–1M) but not a new training run ($10M–100M+). The marginal value of additional capital is low when the bottleneck is κ, not compute.
The one scenario worth noting is emergent market-mediated coordination, where pairs trade services through short bounded transactions rather than executing a single coherent plan. One pair builds a tool and sells it to others. Pairs specialise in different domains and subcontract to each other. Each individual transaction is T₅₀-length and can be retried until it succeeds, so the chain of transactions eventually completes. At T₅₀ = 40h, a 10-transaction chain with retries takes roughly 230 wall-clock equivalent hours but near-certainly completes.
The critical difference from a coalition is that no single entity holds a coherent long-horizon plan. What emerges is an ecosystem of autonomous economic actors doing bounded things, not a conspiracy pursuing a unified goal. Whether such an ecosystem could produce dangerous outcomes through emergent coordination (analogous to how a market economy produces complex outcomes without central planning) is a genuinely different question from whether a directed plan can succeed, and the Weibull model does not directly address it. But it is worth noting that the most dangerous scenarios in this post (month-long directed plans, resource accumulation, oversight resistance) all require coherent long-horizon intent, which the ecosystem model does not provide.
Toby Ord's comment on the original post, which prompted this update:
That's an interesting way to connect these. I suppose one way to view your model is as making clear the point that you can't cost-effectively use models on tasks that much longer than their 50% horizons — even if you are willing to try multiple times — and that trend of dramatic price improvements over time isn't enough to help with this. Instead you need the continuation of the METR trend of exponentially growing horizons. Moreover, you give a nice intuitive explanation of why that is.
One thing to watch out for is Gus Hamilton's recent study suggesting that there isn't a constant hazard rate. I share my thoughts on it here, but my basic conclusion is that he is probably right. In particular, he has a functional form estimating how their success probability declines. You could add this to your model (it is basically 1 minus the CDF of a Weibull distribution with K=0.6). I think this survival function tail is a power law rather than an exponential, making the 'just run it heaps of times' thing slightly more tenable. It may mean that it is the cost of human verification that gets you, rather than it being untenable even on AI costs alone.
I want to thank Toby Ord for his comment, Claude 4.6 for helping me run through some of the scenarios, and I want to thank Eddie Kembery for prompting me to think through my ASI timelines. Comments and different viewpoints on the post are very welcome. If you think the analysis misses something important or gets something wrong, I would like to hear about it.
2026-02-08 00:11:42
Published on February 7, 2026 4:11 PM GMT
Psychedelics are usually known for many things: making people see cool fractal patterns, shaping 60s music culture, healing trauma. Neuroscientists use them to study the brain, ravers love to dance on them, shamans take them to communicate with spirits (or so they say).
But psychedelics also help against one of the world’s most painful conditions — cluster headaches. Cluster headaches usually strike on one side of the head, typically around the eye and temple, and last between 15 minutes and 3 hours, often generating intense and disabling pain. They tend to cluster in an 8-10 week period every year, during which patients get multiple attacks per day — hence the name. About 1 in every 2000 people at any given point suffers from this condition.
One psychedelic in particular, DMT, aborts a cluster headache near-instantly — when vaporised, it enters the bloodstream in seconds. DMT also works in “sub-psychonautic” doses — doses that cause little-to-no perceptual distortions. Other psychedelics, like LSD and psilocybin, are also effective, but they have to be taken orally and so they work on a scale of 30+ minutes.
This post is about the condition, using psychedelics to treat it, and ClusterFree — a new initiative of the Qualia Research Institute to expand legal access to psychedelics for the millions of cluster headache patients worldwide.
If you’ve been on the internet long enough, you’ve probably seen memes like the one above. Despite what it tries to imply, pain intensity is not really about the amount of red on a schematic — or even the size of the actual area affected.
A tension headache is just your regular headache — most people get these from time to time. A person with a tension headache can usually function, especially if they take some ibuprofen or aspirin. I get these headaches occasionally and I can easily imagine someone preferring a mild one to some CHRISTMAS MUSIC.
Migraines are much worse — there is debilitating pain that lasts for hours, often with extreme light sensitivity and vomiting on top of it. I’ve never had one, but I’ve watched someone close to me get them regularly — and I’d personally pause before wishing a migraine on my worst enemy. Our old good friends, ibuprofen and aspirin, are at least somewhat helpful for a majority of patients.
And cluster headaches are even worse than that — often far, far worse. So much worse that people often feel profoundly spiritually betrayed by the very fabric of existence, saying that they “feel betrayed by God”. Regular ibuprofen and aspirin are of no help.
Yves, a patient from France:
You no longer have a headache, or pain located at a particular site: you are literally plunged into the pain, like in a swimming pool. There is only one thing that remains of you: your agitated lucidity and the pain that invades everything, takes everything. There is nothing but pain. At that point, you would give everything, including your head, your own life, to make it stop.
Thomas, another patient from France:
If you want to understand what it means to live with cluster headache, imagine that someone is stabbing a knife in your eye and turning it for hours. Imagine the worst pain. Imagine a daily torture, gratuitous, incomprehensible. Imagine yourself suffering alone, terribly. Imagine being a prisoner in a straitjacket of suffering... Imagine the desire to finish, with pain, and the desire to finish … with yourself. If you imagine, you will understand
Not your regular tension headache, right? Pain like this is why cluster headaches were dubbed “suicide headaches”.
These quotes paint an extremely bleak picture of terrible suffering. But how much worse are these experiences compared to other very painful experiences, exactly? Can we quantify this?
Imagine you are tasked with designing a pain scale. Where do you start? This is easy: make zero be completely pain-free. Step one: done.
Step two: design the rest of the pain scale. Time to start comparing actual pain experiences with each other. Maybe we can take a common pain experience like mildly stubbing a toe and pin it to 1. A really badly stubbed toe could be a 2. So far so good: you’d rather stub your toe mildly than badly — makes sense.
Then you need to place varied pain experiences on the scale: chronic back pain, extracting a tooth without anaesthesia, breaking many bones in a car crash, and others. Now this is getting tricky. And finally, where do you put “pain so bad you feel spiritually betrayed by the very fabric of existence” which is what cluster headaches are often described as?
Maybe you are thinking: “Alright, you convinced me it’s not that easy. I’m just going to cheat by looking at what the medical profession came up with.” Fair enough, but the answer we get from the medical profession is to just (1) cap the scale at some number and (2) give people vague questionnaires.
The above is an excerpt from a commonly used tool, the McGill Pain Questionnaire.
The McGill Pain Questionnaire caps its scale at 78. It asks people to apply a bag of words to their pain giving a score of 1–6 to each label — the scores are then summed into a final one. “Sharp throbbing flashing pain that terrifies you” would be 10/78 (assuming no other adjectives apply to it).
While this scale is multi-dimensional, it does not exactly “carve reality at its joints” — it doesn’t provide us with actual insight into the nature of pain and the substrate that generates it.
Don’t get me wrong, it’s still useful, especially in the medical context. You can track a patient’s improvement over a period of time. And if one day’s “27” is actually better than another day’s “26”, that’s still fine as the overall trend over days and months is informative. You can adjust treatments and use the score as a rough guide — some “measurement noise” is fine.
But we can’t trust a scale like this to give us a trustworthy estimate of how much worse cluster headaches are compared to other high-pain experiences.
Sometimes scientists take an even simpler approach. We’ve all had a number of varied pain experiences throughout life — and we can rank them roughly. Why apply a bag of vague words with arbitrary scores when you can just ask people to put a number on their experience?
That’s the idea behind the 0–10 Numeric Rating Scale — one of the most widely used pain scales in clinical care and research. This scale asks people to assign a number from 0 to 10 to their experience, with 0 being “no pain” and 10 being “the worst pain imaginable”. Pretty reasonable, right?
One problem with this pain scale is illustrated in this xkcd comic strip. The “worst pain imaginable” requires you to extrapolate features of your current experience to some imaginary ceiling. This extrapolation might be different for different people. And there is no a priori reason for your imagined ceiling to be the true physiological pain max.
Still, empirically this scale provides some useful signal that allows us to compare experiences, even if imperfectly — by averaging out individual differences. Cluster headaches frequently get rated at 10 on this scale.
There is another big problem with mapping pain onto an arbitrary numeric scale, such as 0–10. The 9.7 pain is not twice as bad as 4.85 pain — it’s orders of magnitude worse.
There is no built-in objective “pain counter” in the human mind. When people report a number, their mind has to compress a multi-dimensional internal state into a single scalar estimate.
This compression ends up being logarithmic due to Weber’s law:
Weber’s Law describes the relationship between the physical intensity of a stimulus and the reported subjective intensity of perceiving it. For example, it describes the relationship between how loud a sound is and how loud it is perceived as. In the general case, Weber’s Law indicates that one needs to vary the stimulus intensity by a multiplicative fraction (called “Weber’s fraction”) in order to detect a just noticeable difference. For example, if you cannot detect the differences between objects weighing 100 grams to 105 grams, then you will also not be able to detect the differences between objects weighing 200 grams to 210 grams (implying the Weber fraction for weight perception is at least 5%). In the general case, the senses detect differences logarithmically.
(From Logarithmic Scales of Pleasure and Pain: Rating, Ranking, and Comparing Peak Experiences Suggest the Existence of Long Tails for Bliss and Suffering by Andrés Gómez-Emilsson).
The above picture is an illustration of Weber’s law from Wikipedia. Both columns have 10 more dots in the bottom square than in the top square. But the absolute difference is much easier to detect on the left than on the right, because the relative difference is larger.
Now imagine “units of pain” in one’s experience. The difference between 10 units and 20 units would be perceived clearly. But 110 and 120 units would seem almost the same — despite the same absolute difference in pain.
Detecting a step increase on a linear scale requires the underlying experience to increase by a multiplicative factor. And so a pain scale like the 0–10 Numeric Rating Scale ends up being logarithmic — with the underlying experience varying in intensity by orders of magnitude.
This section is only meant to provide an intuition — the full argument is more complex and outside the scope of the current post. I recommend reading the already-linked “Logarithmic Scales of Pleasure and Pain” by Andrés Gómez-Emilsson. It combines conceptual models with phenomenological accounts from meditation, psychedelics, eating spicy foods and even getting bitten by various insects.
That article makes another important claim. Traditionally people interpret Weber’s law as a compression that happens in your senses, in early stages of processing stimuli. That may be happening for things like dots in the visual field or sound, but for internal feelings like pain, the feeling itself follows a long tail. Precisely because we can’t estimate small differences when the internal sensation is so high, the sensation needs to change by a certain constant multiplicative factor for your internal estimation to be able to confidently say “ah, this hellish pain increased still a bit further”.
Subscribe for more articles on psychdelics, neuroscience, and other topics
The medical field’s major metric for allocating resources is the QALY — quality-adjusted life-years. QALY has two anchor points: 1.0 (perfect health) and 0.0 (dead). It combines two different categories — length of life and the quality of it — into a single score.
To compute it, you multiply a patient's health-state score by the time spent in that state — so one year in perfect health is 1.0 QALY, one year at half quality is 0.5, and so on. The health-state score comes from standardised questionnaires that rate things like mobility, pain, anxiety, and self-care.
QALY as a metric kind of makes sense. Ideally you want your patient to be perfectly healthy, functional, and live long. A patient being non-functional and suffering for some time results in a drop in the metric. As does a patient dying early.
Some health states are deemed worse than death, which yields negative scores. This is reasonable and good, but those negative scores are capped at slightly below zero — the two common instruments bottom out at -0.281 and -0.594. And so extreme suffering ends up being compressed into at most a modest negative penalty on this metric — relative to other, less painful, conditions.
The QALY metric ends up as an input into many economic calculations for deciding whether resources should be allocated for this condition vs that one. And so the extreme suffering of cluster headaches gets a modest boost in funding at best relative to similarly disabling conditions with only modest pain.
Ideally, we need some kind of a qualia-adjusted life-years — a metric that takes into account the actual phenomenology of people’s experiences. In the absence of such a metric, cluster headaches and other conditions of extreme suffering are overlooked and underfunded.
The two most commonly used treatments for cluster headaches are high-flow oxygen and a class of medication called triptans (particularly sumatriptan). They are quite effective — 60-80% of patients respond to either option.
But they also have problems.
Oxygen tanks are difficult to carry around, which limits their effectiveness when an attack hits suddenly. And even when one is available, it can take 10–15 minutes of breathing oxygen to stop an attack — with the patient being in severe pain the whole time.
Triptans are very much a double-edged sword. Short-term, they help with attacks, but long-term, their repeated use can actually make attacks last longer, become more numerous and more painful.
The above chart shows that a classical psychedelic, psilocybin, is more effective than the two usual recognised treatments — oxygen and triptans. And there is now emerging evidence that another psychedelic, DMT, is even more effective than psilocybin.
Vaping DMT allows it to enter the bloodstream in seconds — it starts working near-instantly, faster than any other treatment. Unlike triptans, it doesn't produce tolerance — you can just keep taking it without it losing its effectiveness.
And despite what the label “psychedelic” might imply, it’s effective in “sub-psychedelic” doses — doses that cause almost no perceptual distortions. Aborting an attack does not require meeting DMT elves or experiencing other crazy effects that high doses are famous for.
Because DMT is so fast-acting, patients can easily titrate it: take a puff from a vape pen, wait 30 seconds, take another puff — until the attack is gone completely, and before DMT’s psychedelic effects kick in. DMT has a very short half-life of 5–15 minutes, so even if you accidentally overdid it, you’d only need to wait a few minutes for the psychoactive effects to subside.
A DMT vape pen is your regular vape pen — just with DMT instead of nicotine. It’s easy to carry around as an emergency “get out of hell” device. Bob Wold, president of Clusterbusters and a cluster headache patient who’s tried over 70 different treatments (almost all ineffective), describes DMT in an interview on YouTube:
One inhalation [of DMT] will end the attack for most people. Everybody is reporting the exact same thing. […] It could end that attack in less than a minute. […] You can take one inhalation, you can wait 30 seconds, and if that cluster is not gone completely, then you know it’s time to take another inhalation. You don’t have to wait 2h into a psilocybin trip.
[…]
You can actually visualise a switch being shut off in the middle of your brain. I hear a click as the switch is shut off and the pain is completely gone. It doesn’t, you know, slowly go away. It’s a switch that shuts it off completely.
LSD and psilocybin are also helpful, but they take a while to kick in, so they are less immediately useful for aborting a sudden attack. Many patients use them preventively during a cycle — there are protocols involving dosing them every 5 days or so.
To learn more about the pros and cons of various treatments, including DMT, read “Emerging evidence on treating cluster headaches with DMT”, by Alfredo Parra.
We don’t have a complete mechanistic story for why psychedelics help. It’s clear that the usual perceptual and emotional changes are not key here — for cluster headaches, you take psychedelics in lower “sub-psychedelic” doses.
We also don’t know if there is a single root cause for cluster headaches — our story for how they happen is incomplete. The usual explanation: cluster headaches are a “clock + wiring” problem in the head.
The “clock” is the hypothalamus. It is a small, deep brain region that helps run the body’s daily rhythms (sleep/wake timing, hormones, temperature). In cluster headaches, this internal clock seems to get stuck in a pattern where it repeatedly primes the system for attacks at similar times each day, and sometimes in certain seasons.
The “wiring” is the trigeminal nerve — a big nerve that carries sensations, including pain, from the face, eye, teeth, and parts of the head into the brain. Think of it like a high-speed cable that reports “something is wrong” from the face and head. When an attack hits, this cable becomes intensely activated on one side, producing the severe, drilling pain around the eye and temple.
Both of these areas are rich in serotonin receptors. Psychedelics are serotonin agonists — they resemble serotonin and bind to the same receptors. If a cluster headache attack is a mis-timed, over-excitable network, a strong serotonin “signal” might temporarily change the network’s set-point, calming it down.
Triptans, a class of medications mentioned in the previous section, are also serotonin agonists. The most commonly used medication of this class, sumatriptan, acts as a serotonin 5-HT1B, 5-HT1D, and 5-HT1F receptor agonist. DMT has a different profile: it’s an agonist at 5-HT2A (the receptor most associated with classic psychedelic effects) and also shows agonism at 5-HT2C and 5-HT1A. The pharmacology of these compounds is quite different — but they affect the same underlying system. So it’s not that surprising psychedelics work for cluster headaches — even if the usual “psychedelic” effects we associate with these compounds are not involved.
Fun fact: sumatriptan is a DMT derivative, in a literal sense. Its chemical formula is 5-(Methylsulfamoylmethyl)-DMT — basically, DMT with an extra chunk attached. And while that chunk significantly changes the pharmacology (as described above), DMT is not some alien molecule with no resemblance to existing medicines — it’s a chemical cousin of one.
The full story of DMT action is likely more complicated: for example, DMT also activates the sigma-1 receptor, which reduces inflammation and interacts with pathways in the hypothalamus.
Bob Wold, president of Clusterbusters and a cluster headache patient, whose quote appeared in the previous section, has an even spicier theory of DMT action. Here it is: DMT is an endogenous compound, produced by many mammalian brains (including human ones) and cluster headaches are caused by a dip in endogenous DMT levels. I’m not sure I buy it — it doesn’t really explain why levels would drop or how that would cause headaches. But the fact that a patient reaches for a theory like this at all is a testament to how dramatic DMT can feel as a treatment.
Millions of cluster headache patients worldwide are trapped in extreme, disabling pain — repeatedly, often multiple times a day, for prolonged periods of time. During attacks, people often can’t sit still, can’t work, and can’t think about anything except the pain. Between attacks patients experience PTSD-like symptoms, anticipating their return — a sort of “current traumatic stress disorder”.
Psychedelics provide effective pain relief for cluster headaches. DMT in particular aborts attacks near-instantly — in seconds.
And yet, most cluster patients worldwide lack access to these treatments. Those who obtain access do so by breaking the law — with potentially severe legal consequences in many jurisdictions (case in point).
ClusterFree is a new initiative of the Qualia Research Institute to expand legal access to psychedelics — and solve this ongoing crisis. ClusterFree was started in late 2025 and aims to:
— Publish open letters demanding that governments, regulatory bodies, and medical associations worldwide take action immediately.
— Engage with policymakers globally to advocate for better access to treatments.
— Publish research on cluster headaches and support other researchers in the field.
— Collaborate with entrepreneurs and philanthropists motivated to bring effective treatments to market.
ClusterFree is co-founded by Dr. Alfredo Parra (twitter) and Andrés Gómez-Emilsson (other blog and twitter). Both of them have been doing relevant work for many years — I’ve been linking to it throughout the post and I’ll provide more links at the end of this post.
I reached out to Alfredo Parra to learn ClusterFree’s near-term plans are — here is his response:
- We’re going to publish an authoritative, multilingual guide on how to safely use DMT to abort cluster headaches, which will be extended over time to include other treatments.
- We’re reaching out to journalists in the UK to run stories about cluster headaches (in particular the underground use of DMT).
- We’re reaching out to MPs in the UK to demand increased research funding and compassionate access to scheduled substances.
You've just read what cluster headache patients go through. Most of them can't legally access the treatments that works best. You can help ClusterFree change this.
The letter is already signed by over 1000 people, including many notable ones, such as Scott Alexander and Peter Singer — you can see their signature at the end. My signature is there too. It takes a minute to add your signature there.
You can also sign a national letter — if you are in one of the following countries: Australia, Brazil, Canada, Germany, Mexico, Netherlands, Spain, Sweden, Switzerland, United Kingdom, United States. My signature is on the UK one.
These letters aren’t just for reaching policymakers in power. They are also a way to reach prominent people, find volunteers and collaborators, encourage other people to start projects and overall legitimise the cause area by showing that a lot of people care about it.
ClusterFree.org has already raised $107k+ in donations during their End of Year Fundraiser 2025. This allowed them to set up basic organisational infrastructure and fund Alfredo Parra’s full-time work on the project.
The current funds have also allowed to hire a part-time person to help with various projects, primarily outreach and communications. The aim is to raise $150k — the extra $43k would allow ClusterFree to hire that person full-time for at least a year.
Every dollar donated will go towards averting extreme suffering by patients of a condition that’s overlooked and underfunded because of how metrics like pain scales and QALY compress experience. This is one of the rare problems where a relatively small amount of money, effort, and political pressure can end a large amount of suffering.
Sometimes people say that pain is a meaningful feedback mechanism. While this is often true, in cluster headaches the mechanism goes haywire, trapping millions of people in torturous hell on earth.
There is no lesson in cluster headaches: no growth, no silver lining, no meaning. The nervous system misfires and a human being is tortured for hours — then it happens again and again.
This hell must be destroyed. We have the tools for this — but the laws won't let people use them. Laws change when enough people demand it. If you want to help ClusterFree, you can — with your signature and money.
2026-02-08 00:08:26
Published on February 7, 2026 4:08 PM GMT
NOTE: this is being cross-posted from my Substack, "More is Different"
Vaccines can be distributed as a food. That’s the radical implication of the work of Chris Buck, a scientist at the National Cancer Institute. This December, Chris consumed a beer he brewed in his home kitchen using genetically modified yeast. A few weeks later, a blood test showed a significant concentration of antibodies against a strain of BK polyomavirus (BKV), where previously he had none. His discovery flies in the face of much conventional thinking about oral vaccines.
Now, Buck thinks he can create yeast-based vaccines for a variety of viral diseases. If his vision pans out, you might be drinking a beer or eating yeast chips to protect yourself during the next outbreak. Moreover, you may be doing so just weeks after the outbreak starts, rather than waiting months or years for drug-approval processes to play out. The regulations around food-grade genetically modified yeast are much easier to navigate than the regulations around vaccines and other drug products.
While Buck’s feat might have the appearance of a gonzo biohacking experiment, it is actually the culmination of about fifteen years of work.
For most people, BKV isn’t thought to cause noticeable symptoms. It might cause bladder cancer in some people. Most people have been infected with the virus by age seven, and it is estimated that at least 80% of people carry either a semi-active or latent form of the virus.[1]
Usually the immune system keeps the virus in check so it isn’t a problem. However, the virus can wreak havoc on those who are immunocompromised, such as kidney transplant recipients, who have their immune systems artificially suppressed. (For years Buck has had people on transplant waitlists emailing him begging him for a vaccine.) Polyomavirus has also been implicated in a common condition called painful bladder syndrome, although a direct causal connection hasn’t been conclusively established.
Buck’s lab helped discover five of the fourteen polyomaviruses known to infect humans. They also helped show that the outer coat protein of the virus is highly immunogenic when assembled into icosahedral shells. Over the past few years they have done evaluations of an injectable polyomavirus vaccine in monkeys and yeast-based polyomavirus vaccines in mice.
The first vaccine consisted of BKV’s outer coat protein as the immunogen, which assembles into icosahedral shells that are called “virus-like particles”. When injected intramuscularly into rhesus monkeys, the vaccine caused antibody levels to shoot up to a level that is believed to confer strong protection against kidney damage in transplant recipients. Antibody levels remained high for the duration of the study, which was two years.
Unfortunately, scaling up the production and purification of viral coat proteins is complex and expensive. The vaccine technology was successfully licensed to an industry partner in 2019 but human clinical trials have not yet been announced, suggesting the development of clinical-grade material has been challenging. This motivated Buck to explore whether the particles could be produced more cheaply using genetically engineered baker’s yeast (Saccharomyces cerevisiae).
Their initial tests looked at the effects of ground-up yeast sprayed into mice’s noses and scratched into their skin. The ground-up yeast delivered via these routes worked, but not as well as injecting the purified particles.
Polyomaviruses are primarily found in the urinary tract, not the gut. So nobody expected an oral vaccine to work, but they decided to give it a try anyway for completeness. During their first pass they fed the mice ground-up yeast, which didn’t work at all.
They then tried feeding the mice intact live yeast, mixed in with their food. To their surprise, this method elicited an antibody response. Live yeast sprayed in the nose did not elicit a response, but those consumed did.
Once in the gut, it appears that the yeast start to degrade and release the empty viral shells to trigger an immune response.[2]
These initial results were so shocking, they repeated the experiment several times. Buck has homebrewed beer off and on for decades, so it seemed to him as though an obvious next step for the project would be using the VP1 yeast to brew beer and then test that on himself.
Buck submitted an Institutional Review Board (IRB) proposal to gain permission to bring home the yeast and then use them to brew beer for his own consumption. To his surprise, an institutional bioethics committee withdrew the proposal from the submission portal before it could even be considered by the IRB. The committee argued that self-experimentation is strictly forbidden. Buck says he can find no written policies to that effect. The committee also argued that Buck could not eat the yeast strain unless it was first registered with the FDA as an Investigational New Drug.[3] The committee rejected the fact that yeast - including GMO strains - qualify as a food product under federal law.
According to Buck, the NIH bioethics committee’s view that self-experimentation is forbidden is false. Long before the beer self-experiment, Buck had sought and received IRB permission to collect a drop of his own blood for use in the lab under a protocol entitled, “Investigator Self-Collection of Blood Via Finger Prick for Use in Hemagglutination Assays.”
Rather than continuing to fight the bioethics committee, Buck went to his home kitchen instead. Buck says he was inspired by the longstanding tradition of self-experimentation in biomedicine, including the relatively recent activities of the Rapid Deployment Vaccine Collaborative (Radvac) (NOTE: I currently work for Radvac on an AI-based antivirals project).[4] Radvac was launched by veteran scientists in the earliest days of the SARS-CoV-2 pandemic for the purpose of creating and self-administering vaccines using relatively simple existing technologies.
Continuing this tradition and using his personal resources in his free time, Buck set up a miniature molecular biology lab, ordered synthesis of the needed plasmid DNA, transformed it into yeast, and brewed the world’s first batch of vaccine beer. In honor of his Lithuanian collaborators who shared the BKV VP1 yeast with his lab, he chose a farmhouse strain from Pakruojis, Lithuania.
He began consuming his batch as soon as he saw green fluorescence in the suspended yeast cells (this was an indicator for the production of the BKV VP1 immunogen). Buck says that the beer was among the most delicious homebrews he’s ever made.
The above figure shows the result of Buck’s experiment. The beer icons below the X axis represent five-day dosing windows. The beer was dosed several times to study how the antibodies increase and to look for the development of oral tolerance. Prior to consuming the beer, Buck had antibodies for BKV type I but not Type II or IV. The vaccine contained shell protein from BKV Type IV, but resulted in the production of antibodies that neutralized both type II and IV.
Oral vaccines are not new. A letter from 1768 describes how people living in or near modern-day India sometimes employed an oral method of smallpox variolation as a less painful alternative to scratching dried smallpox scabs into the skin. While the skin-scratching method was thought to be superior, the oral method was sometimes used with pain-averse children and was found to “produce the same effect”. A small amount of dried smallpox scabs were simply mixed with sugar and swallowed by the child.
The first widely used oral vaccine appeared for poliovirus in the mid 1950s, and it consisted of a live weakened form of the virus. Polio naturally infects the lining of the intestines, so an oral vaccine made good sense. The FDA has also approved vaccines for typhoid, cholera, rotavirus, and adenovirus types 4 and 7.
The typhoid vaccine consists of live attenuated typhoid bacteria and was approved by the FDA in 1989. The cholera vaccine contains killed cholera bacteria plus a recombinant cholera toxin B subunit, and was approved in 2016. The FDA has approved two oral vaccines for rotavirus which consist of live but weakened virus. The Army gives new recruits a vaccine against Adenovirus Types 4 and 7 which consists of live virus. Interestingly, the Army’s vaccine consists of live virus in enteric-coated tablets. The adenovirus infects the intestinal lining. However, since the virus is more “at home” in the respiratory tract than the intestinal lining, the illness is much less severe. Still, the vaccine is known to make people feel sick for a few days. Buck has thought about offering Army recruits a yeast-based vaccine for adenovirus and then monitoring them to see if it prevents them getting ill when taking the standard live adenovirus vaccine.
Despite the notable successes covered in the last section, oral vaccines face big challenges - they must survive the harsh environment of the stomach and then trigger an immune response from within the gut. The immune system has evolved not to respond strongly to novel substances found in food - otherwise you’d get a massive amount of inflammation every time you tried a new food. When a novel substance is consumed, the immune system looks for danger signals like inflammation. If none are detected, regulatory T cells may be created that actually dampen any immune response to that substance.
The current thinking in immunology is that oral vaccines must trigger an initial inflammatory response, otherwise they risk triggering tolerance to viral antigens - the exact opposite of what they are intended to do. They also must do this while keeping side effects within a manageable range. Current oral vaccines are known for side effects like abdominal pain, nausea, and diarrhea.
Given all this, one may wonder why the yeast vaccine stimulated an immune response and didn’t induce tolerance. While baker’s yeast is harmless, polysaccharides on the cell wall of yeast can stimulate an immune response in some situations, and that might be what’s happening here. Buck has a hypothesis that the VP1 immunogen binds to immune presentation cells in the small intestine called M cells, which trigger an immune cascade leading to antibody production. Both the cholera toxin subunit used in the Dukoral oral cholera vaccine and BKV VP1 particles bind to gangliosides which are known to be present on the surface of intestinal M cells.
Yeast-based vaccines open up interesting avenues for research. For instance, painful bladder syndrome, which affects about 0.5% of people in the United States, is associated with high-level shedding of BKV in the urine (or its close relative JC polyomavirus). Unfortunately, the association doesn’t conclusively prove that polyomaviruses cause painful bladder syndrome, and pharmaceutical companies are unlikely to develop a vaccine to prevent or cure painful bladder syndrome unless a causal link has been demonstrated. In lieu of that, people with painful bladder syndrome could consume yeast-based products designed to enhance the immune system’s response against BKV and then see if the bladder pain goes away.
In a recent video, Buck mentions that polyomavirus has been found in the brain in rare cases, which he argues makes it a possible suspect in the etiology of Alzheimer’s disease. With nearly everyone already infected with polyomavirus, establishing a link between the virus and Alzheimer’s or bladder cancer is very challenging. Now, people can consume a polyomavirus vaccine early in life, and long-term follow-up can look to see if there is any reduction in Alzheimer’s or bladder cancer relative to a matched control group that didn’t consume that vaccine.
There is a strong theoretical case that yeast-based vaccines should reduce vaccine hesitancy. For one thing, lipid nanoparticles, mRNA, and viral vectors sound scary and exotic, while yeast is a familiar constituent of beer and sourdough bread.
As discussed above, there has not been a need here to add adjuvants, which are compounds that are often added to vaccines to stimulate an immune response. Adjuvant compounds like aluminum salts and thimerosal have previously raised the hackles of vaccine skeptics.
Most notably, between 20-30% of adults have a strong fear of needles, and a systematic review estimated that around 20% of people avoid getting the flu vaccine simply due to needle fear. Needle fear is tied into a universal human cognitive bias called the horn effect. Simply put, the horn effect principle says that when a scary thing regularly co-occurs with a harmless thing, the harmless thing becomes scary. One may argue that needles, as sharp objects, are inherently scary, creating an obvious horn effect around vaccines. But there is also a horn effect around needles themselves. Alex Tabarrok points out that needles often appear in the context of serious illness inside hospitals, and thus are associated with “serious medicine” – scary stuff. Thus, it’s not surprising that psychologists think that much of vaccine hesitancy is driven by needle fear. It’s interesting that pills are readily consumed under a doctor’s recommendation, even though the substances they contain are often far more dangerous than vaccines.
Naturally, we can expect many people will be cautious when it comes to consuming a “beer vaccine”, especially if it hasn’t gone through large scale clinical trials. However, as a growing number of people create and consume yeast-based vaccines, confidence in them will grow.
While large, well-conducted randomized Phase III trials are essential for accurately quantifying effectiveness, the FDA’s requirements for lengthy Phase III trials before people are allowed to take a vaccine makes vaccines look scary. As Buck told Futurism news: “Our response for the past half century has been to imagine that we can rebuild public trust in vaccines with displays of increasingly stringent FDA approval standards. This approach backfired. Imagine if I set out to do safety testing on a banana, and I dressed up in a hazmat suit and handled the banana with tongs… you’d think: ‘wow, it looks like bananas might be about as safe as nuclear waste’.”
Buck believes it is likely possible to create yeast-based vaccines for bird flu or SARS-CoV-2. This is a somewhat bold claim, but it’s well worth considering the implications for biosecurity.
Current SARS-CoV-2 vaccines help prevent hospitalization and death, but are highly suboptimal as they do a very poor job of preventing infection. This is because they mainly induce systemic immunity (IgG antibodies) but do a poorer job of inducing mucosal immunity (IgA antibodies). IgA antibodies secreted in mucus can provide a critical “first line of defense” against a virus right where it is most likely to enter the body - the nasal passageway.
A strategy that could be explored with yeast-based vaccines is called “prime and spike”. This consists of using an adjuvanted injectable vaccine followed by an unadjuvanted nasal vaccine. Roughly speaking, the injectable vaccine stimulates systemic immunity while the nasal vaccine stimulates mucosal immunity. A yeast-based SARS-CoV-2 vaccine sprayed in the nose of someone who has already taken an injectable SARS-CoV-2 vaccine could induce robust mucosal immunity throughout the nasal passage, potentially reducing infection risk dramatically.
During a pandemic, yeast could be distributed rapidly in a decentralized manner via two complementary form factors - dried yeast chips and beer. (An important exception here is the EU, where cultivating GMO yeast is illegal unless authorized by regulatory authorities.[5]) The dried yeast could be eaten either as chips or crackers or packed into (possibly enteric) capsules.
An advantage of beer is that every microbrewery in the country is equipped to produce it in bulk. Buck has already spoken with breweries that are interested in brewing vaccine beers, and there are many kidney transplant patients interested in consuming them. Given the positive response Buck has gotten already to his vaccine beer for the relatively obscure polyomavirus, during a pandemic it’s easy to imagine many microbreweries would want to make vaccine beer available in their community, and that many people would be interested in consuming them.
Although most standard beers are fermented for at a week to allow the flavor to mature, Buck says that Scandinavian and Baltic farmhouse styles are designed to be consumed within a few days of brewing. The production of dried yeast “chips” is faster than beer production, but not radically so. Starting from a small amount of yeast, growing enough yeast to create a batch of chips would likely take a few days. Next, the yeast needs to be air-dried or loaded into a food dehydrator at low temperature. This typically takes another day or so. Research shows that yeast-based vaccines can remain shelf stable for a year or longer.
Animals can be vaccinated easily en masse — farmers can respond to bird flu simply by sprinkling the yeast in feedstock.[6] Recently, the USDA invested 2.5M in yeast-based vaccines that display the hemagglutinin protein found on three H5N1 strains of the avian flu.
Obviously the biggest win here is the ability to produce vaccines in a decentralized manner and start distributing them to people in weeks rather than waiting for EUAs from the FDA, which we saw were very slow or never happened during the pandemic. Clinical trials to study safety and effectiveness would be held in parallel. Selling GMO yeast is legal in the US as long as the products are not labeled or promoted as treating any particular disease. Yeast vaccines could be sold for “boosting the immune system”, a general-purpose claim already found on many products. For more on how to sell GMO yeast legally as a Generally Recognized as Safe (GRAS) food product, see this post.
A notable precedent is Lumina Probiotic, a GMO bacteria that does not produce lactic acid, which is responsible for tooth decay, cavities, and bad breath. It is completely legal to sell as long as it is not sold for preventing cavities. Another precedent is the company Evolv, which sells a supplement containing GMO yeast that expresses a GLP-1-like peptide. I can’t help but also mention ZBiotics, which sells a GMO probiotic bacteria that’s been modified to produce an enzyme similar to the one your liver uses to process ethanol.
Currently Buck is planning Phase I human trials of the BKV vaccine, and starting research into yeast-based vaccines for the flu, COVID-19, and adenovirus.
Chris’s brother has started Remy LLC, a company chartered to sell food-grade GMO yeast products.
Radvac, where I work on AI for antiviral repurposing, has just started a new research program focused on yeast-based vaccines.
Thank you to Chris Buck for providing extensive comments on an early draft of this piece, and to Preston Estep for proofreading.
Buck says that in his own surveys, about 90% of people have antibodies for BKV which is in line with existing research. In the remaining 10%, Buck hypothesizes that those people may have been infected but with a low-grade fever that was never fulminant enough to elicit an antibody response.
This is consistent with work from 2023 which showed that yeast genetically engineered to produce a GLP-1-like peptide can survive long enough to produce significant quantities of the peptide in the intestinal tract of mice.
Registering compounds being studied in humans as INDs is a standard practice at NIH to ensure that clinical trials are done in compliance with the FDA’s strict regulations. Registering as an IND also helps with intellectual property claims. However, Buck did not want to register the yeast as an IND not only because of the paperwork involved but also because if the FDA grants an IND for a food/supplement, then it usually ceases to be a food/supplement and becomes a drug in the FDA’s eyes. Given the stakes, Buck was not willing to take that risk, and rightly so.
Another famous self-experiment was Barry Marshall’s consumption of helicobacter pylori to prove that the bacteria cause stomach ulcers. In the 1950s, Jonas Salk vaccinated himself, his wife, and his children to prove the safety and efficacy of his inactivated polio vaccine before clinical trials. Scientists are the ones who best know the risks of what they are undertaking and those who are willing to take risks for a good cause should be lauded for doing so. Banning scientists from participating in their own research is not that different from banning firefighters from running into a burning building.
GMO foods are generally banned in the EU, and so far it does not appear the EU has legalized any GMO yeast strain. This is in stark contrast to the US, where a variety of GMO yeast strains are popular among American brewers. (The most popular strain produces lactic acid, a souring agent, and there are others that produce fruity flavors). These GMO yeast strains are illegal to cultivate in the EU, even for personal consumption.
Buck points out that many breweries and distillers routinely donate the spent grain from the fermentation tanks to farmers so they can use it as chicken or cattle feed. If a distiller were to use a version of their usual yeast strain that expresses a vaccine immunogen, the livestock vaccination process would become an automatic free byproduct of the existing supply chain.
