Confidential AI Infrastructure

"Trust us" is not a compliance strategy.

Cyntrisec runs AI inference inside hardware-isolated enclaves and delivers a cryptographic receipt for every request — turning "trust us" into "verify this."

$ ephemeralml verify receipt.cbor

Execution Receipt (AIR v1)
────────────────────────────────────────
receipt_id    68796942-19cf-4b60-a17c-91e5a0de8555
model         minilm-l6-v2 v1.0.0
platform      GCP Confidential Space (TDX)
format        COSE_Sign1 + CWT (RFC 9052/8392)

Hashes
────────────────────────────────────────
input_hash    sha256:a1b2c3d4e5f6...abcdef
output_hash   sha256:f6e5d4c3b2a1...fedcba
model_hash    sha256:9f8e7d6c5b4a...fedc01

Verification
────────────────────────────────────────
signature     Ed25519 VERIFIED
attestation   Hardware measurements PASS
air_verify    11/11 mandatory checks PASS
3/3: GCP TDX pilot verified
AIR v1: IETF Internet-Draft
2: crates.io packages
sha256: manifest-backed identity
How It Works
Request. Confine. Prove.
Request: OpenAI-compatible API. Change base_url.
Confine: Attested hardware enclave. Host sees ciphertext only.
Prove: Signed AIR v1 receipt. Verify offline.

For regulated workflows, you don't just get an output. You get evidence you can verify later.

The receipt covers model identity, data hashes, and hardware attestation — mapped to controls your compliance team already tracks.

We cryptographically verify the confidential execution environment and policy-bound identity of the workload. Model weights are measured inside the TEE from decrypted bytes. Additional model artifacts are bound via a signed manifest.

Model Identity Coverage
AIR hash scheme: sha256-manifest
weights: bound
tokenizer: bound
config: bound
adapters: not bound
Layer 1: Environment
Hardware attestation

GPU/CPU attestation proves hardware platform and confidential computing mode — not which model was loaded.

Layer 2: Workload
Identity verification

Policy-bound attestation verifies expected container image, project, zone, issuer, and nonce freshness.

Layer 3: Model
Integrity binding

Weights hashed inside the TEE from decrypted bytes. Signed manifests bind tokenizer and config.
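An added example of what the coverage table above and this Layer 3 description mean in practice. The manifest layout, the canonical encoding and the file names are this example's own, not AIR's sha256-manifest format, and the artifacts are constructed bytes, not a real model; the signature the page says covers the manifest is left out, so the block shows only the hash chain from receipt model_hash to manifest to artifact bytes. The point it makes is the caveat in the table: a tokenizer or config change is caught because its hash is in the manifest, while an adapter can be swapped without changing anything the receipt commits to.

```python
# Manifest-backed model identity: weights and listed artifacts are bound, unlisted files are not.
# Added example, not project code; the manifest format here is an assumption, not AIR's.
import hashlib
import json

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

def build_manifest(model, version, weights, artifacts):
    """Enclave side. `weights` are the decrypted bytes as measured inside the TEE;
    `artifacts` maps file name -> bytes for every file the manifest should bind."""
    return {
        "scheme": "sha256-manifest",
        "model": model,
        "version": version,
        "weights": sha256_hex(weights),
        "artifacts": {name: sha256_hex(data) for name, data in sorted(artifacts.items())},
    }

def canonical_bytes(manifest):
    # Fixed key order and separators so the same manifest always hashes the same way
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()

def model_hash(manifest):
    """The value a receipt's model_hash would carry for this manifest."""
    return "sha256:" + sha256_hex(canonical_bytes(manifest))

def check_model(manifest, receipt_model_hash, weights, loaded_files):
    """Verifier side: recompute every bound hash and report which loaded files the manifest does not cover."""
    failures = []
    if model_hash(manifest) != receipt_model_hash:
        failures.append("manifest does not match receipt model_hash")
    if sha256_hex(weights) != manifest["weights"]:
        failures.append("weights: hash mismatch")
    for name, want in manifest["artifacts"].items():
        if name not in loaded_files:
            failures.append(f"{name}: bound by manifest but not present")
        elif sha256_hex(loaded_files[name]) != want:
            failures.append(f"{name}: hash mismatch")
    unbound = sorted(set(loaded_files) - set(manifest["artifacts"]))
    return failures, unbound

def coverage(manifest, loaded_files):
    """The page's coverage table, computed for the files actually loaded."""
    table = {"weights": "bound"}
    for name in sorted(loaded_files):
        table[name] = "bound" if name in manifest["artifacts"] else "not bound"
    return table

def demo():
    """Constructed artifacts (placeholder bytes, not a real model)."""
    weights = b"\x00\x01\x02" * 1000
    tokenizer = b'{"vocab": ["[CLS]", "[SEP]"]}'
    config = b'{"hidden_size": 384, "num_layers": 6}'
    manifest = build_manifest("minilm-l6-v2", "1.0.0", weights,
                              {"tokenizer.json": tokenizer, "config.json": config})
    receipt_hash = model_hash(manifest)
    loaded = {"tokenizer.json": tokenizer, "config.json": config, "adapter.safetensors": b"lora-A"}
    ok, unbound = check_model(manifest, receipt_hash, weights, loaded)
    # Swap the adapter: nothing the receipt commits to changes. That is what "adapters: not bound" means.
    swapped = dict(loaded, **{"adapter.safetensors": b"lora-B"})
    ok_after_swap, _ = check_model(manifest, receipt_hash, weights, swapped)
    # Flip one byte of the config: the bound hash catches it.
    tampered = dict(loaded, **{"config.json": config.replace(b"384", b"385")})
    bad, _ = check_model(manifest, receipt_hash, weights, tampered)
    return ok, unbound, ok_after_swap, bad, coverage(manifest, loaded)

if __name__ == "__main__":
    ok, unbound, ok_after_swap, bad, table = demo()
    print("loaded model:", ok or "PASS", "| not bound:", unbound)
    print("adapter swapped:", ok_after_swap or "PASS (undetected, as the table says)")
    print("config tampered:", bad)
    print("coverage:", table)
```

For an audit, the practical consequence is that a receipt's model_hash identifies the base model and the artifacts the manifest lists; if adapters matter to your governance story, they need to be added to what is bound rather than assumed to be covered.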

Pilot Completed

Insurance workflow on GCP TDX. 3/3 requests, 3/3 receipts verified offline.

Platforms: AWS Nitro, GCP TDX, H100 CC, Azure SEV-SNP
IETF Draft, NIST Comment, Open verifier
Research & Evidence
Proof, not just posture

Technical notes for security, compliance, and platform teams evaluating confidential AI inference.

Healthcare
Receipt fields map to the HIPAA technical safeguards in 45 CFR 164.312: access control, audit controls, integrity, and transmission security.
Finance
The SEC's 2025 examination priorities include AI-related risk; receipts give examiners audit evidence for model governance.
Legal
Attorney-client privilege demands data isolation that can be demonstrated with verifiable evidence, not merely asserted.

Let's scope a pilot

For teams that run AI in healthcare, finance, or legal and need auditable, hardware-proven confidentiality backed by verifiable receipts.
