OpenAI traces Codex credit drain to faulty anti-abuse system, resets limits for all paid users

OpenAI found that paying developers could not access the AI coding agent for several days because flawed fraud-prevention logic depleted the Codex credit stock. The incident resulted in three total usage resets and raised new concerns about the reliability of AI tools, which have limited usage due to their computational demands.

Thibault Sottiaux, a member of the Codex engineering team, documented the incident in several X posts on June 28th and June 29th. The issue prompted the Codex team to work through the weekend in a “war room”, investigating the system logs to determine the cause.

The systemic abuse and fraud prevention system was found to be the cause of users being unintentionally rate-limited, as confirmed by OpenAI’s status page.

What went wrong

Developers began experiencing strange credit depletion sometime around the middle of June. By June 25, many developers had taken to GitHub and social media to report that token consumption was significantly higher than what they would typically see for the same tasks. Livestreams from KuCoin News, which used data from the Beating monitoring site as a source, estimated usage of some accounts to be 10 to 20 times more than normal.

Subscribers to OpenAI’s Pro plan ($200/month) reported that the $40 in supplementary credits was depleted rapidly (i.e., in a matter of hours). There were also multiple reports of budgets set aside for 5 hours of coding being consumed by only a few prompts. One software engineer on X stated that he burned through one week’s worth of usage in one day across two sessions.

Sottiaux confirmed, on June 28, that this was an issue of concern to him and felt there was no doubt about the scope of the problem. “Codex team is in a war room on a Sunday combing through logs and checking whether there is anything that could lead to increased usage drains for some users,” he wrote.
“Taking it very seriously and won’t rest until we get to the bottom of it.”

Codex team restores usage with three resets

OpenAI gradually revealed its plan to help its users following reports that Codex usage was being consumed at an accelerated rate. Sottiaux did a hard reset on all of the Codex usage limits by June 28, which also reset users’ previously banked resets (maximum of three). He also promised to give manual resets to any user who was still impacted.

By the next day (June 29), the team had discovered that multiple vulnerabilities in the Codex rate limiting infrastructure caused the unexpected usage of Codex. There was a third full reset, and Sottiaux posted that all users would receive one additional banked reset that could be used within 24 hours.

He said that they had received several reports that Codex usage was being consumed at a rate faster than was originally anticipated and stated that “there was not one central problem”. Preliminary repairs were completed at this time.

Sottiaux highlighted the unfortunate timing of the incident: OpenAI’s calendaring system had marked this same timeframe as “RESET week” for an unrelated initiative.

Compute limits strain AI coding workflows

The Codex issue comes at a time when there is a noticeable restriction of access to compute by AI companies.
In March, there were two significant issues regarding usage limitations by Anthropic with its Claude product due to high-volume use.

Also during that same month, there was an outage of Claude caused by a bug, which made many professional developers realize just how reliant they have become on an AI-based product to assist with their coding; many complained publicly about having to code manually due to the lack of access.

OpenAI also had a separate outage of Codex in June: just three days before, it had experienced three stability issues within a 24-hour period that forced Sottiaux to change the usage limits across all of the paid plans, telling users, “May the tokens flow again”.

As the market evolves, there has been a clear structural tension among AI companies, which are beginning to eliminate unlimited fee-based pricing because demand for inference-type compute is far exceeding capacity.

OpenAI implemented a bank-reset type system on June 12th that allows users of Codex-based products on Go, Plus, Pro, and Business-type subscription plans to initiate one manual reset of their quota and use it at their discretion, which recognizes that the rigid cool-off windows are frustrating developers when they are in the midst of their work. However, as the credit drain bug demonstrated, metering is a critical component of such a system.

Developers who are trying to build workflows that incorporate AI-based coding assistants will continue to be limited in developing future plans by the multiple usage interruptions.
Developers who schedule their time around the established usage windows (something that has been reported by Business Insider and is increasingly becoming the norm) will continue to have compounded lost productivity.

OpenAI will continue to monitor the situation and provide further updates after the investigation process has been completed.