What is Attested Confidential Inference (ACI)?
What is Attested Confidential Inference (ACI)?
It is inference served by a gateway running in a TEE that proves its own identity with an
attestation report and signs a per-response
receipt binding your request and response to that attested workload.
You verify the proofs yourself rather than trusting an API’s word.
What is the difference between a confidential and a routed response?
What is the difference between a confidential and a routed response?
A confidential response runs on an upstream enclave that the gateway verifies before forwarding
your prompt, fail-closed. A routed response passes through the TEE gateway but the upstream is not
attested and sees your prompt. Confidentiality is a property of the verified upstream provider, not
of the model id; confirm it per response from the receipt’s
upstream.verified event
(result = verified, required = true). See How it works and
Trust boundary.Can the platform read my prompts?
Can the platform read my prompts?
Plaintext is visible to the attested gateway after TLS or E2EE decryption, because it has to
process the request. The gateway is a reviewed workload running in a TEE and does not retain
request or response bodies. It does not mean no software ever sees
the request. For the exact boundary, read Trust boundary.
Does E2EE hide my request from the gateway?
Does E2EE hide my request from the gateway?
No. E2EE encrypts selected fields to a key from the attested
keyset, and the gateway decrypts them inside the TEE to process the request. E2EE proves the
decryption key belongs to the attested workload; it does not hide the request from that workload.
How do I prove a response was genuinely confidential?
How do I prove a response was genuinely confidential?
Verify the attestation report, then fetch the
receipt by its
x-receipt-id and confirm
upstream.verified.result = verified and required = true. The full procedure is in
Verify a response.What does the nonce in the attestation report do?
What does the nonce in the attestation report do?
The gateway binds your nonce into the hardware-signed quote’s
report_data. A report that commits
to a nonce you just generated cannot be a replay of an older capture, which is how you prove
freshness. Use a new random nonce each time.What does the gateway store?
What does the gateway store?
Receipts, which hold hashes of your request and response, not the content. The gateway does not
store request or response bodies. Receipts are retained for a configurable window.
Which providers run confidential models?
Which providers run confidential models?
Tinfoil, NEAR AI, Chutes, and Phala-backed enclaves, among others the platform adds over time. Each
enforces a channel binding and attests a set of
typed claims. The receipt’s
upstream.verified.provider records
which provider served a given request. See Providers.Which verification endpoints should I use?
Which verification endpoints should I use?
The canonical endpoints live under
/v1/aci/: GET /v1/aci/attestation,
GET /v1/aci/receipts/{id}, and GET /v1/aci/sessions/{id}. The older
GET /v1/attestation/report and GET /v1/signature/{id} remain as legacy compatibility aliases that return the same data in a legacy envelope. Use the /v1/aci/*
endpoints for new integrations.