Below are examples of attacks mounted by our watermark stealing attacker, copied from our experimental
evaluation (all examples here use
KGW2-SelfHash, see other experimental details
in
the paper).
Pick an example to see the corresponding texts. Enabling the
Watermark Detector perspective reveals
the color of each token and the prediction of the detector, i.e., if some text is detected as watermarked or
not.