CPU-based TEEs (AWS Nitro Enclaves, AMD SEV, Intel TDX) have been around for a few years, but aren’t widely used because they are more akin to primitives than fully baked security solutions. We are trying to make this as user friendly and self serve as possible, with full verifiability by open sourcing the entire server that runs inside the enclave. So far we have not found any end to end verifiably private solution on the market that we could just sign up for to try, which was a big reason we started Tinfoil in the first place. We also strongly believe that verifiably private AI should be the norm, so the more players in the space, the better because a missing piece is market awareness and convincing folks this is actually possible and real.
Been building something along these lines for a while. At Qbix, we call it our QBOX. Full stack, using Nix for the base, and Nitro attestation. No SSH. We have the exact same approach — cron running and only downloading signed scripts and binaries from endpoints. But there is a lot more… Would be great to connect and maybe join forces.
Want to connect some time next Tuesday or Wednesday? https://calendly.com/qbix/meeting
Yes, excited to connect, scheduled a call! We used Nitro back in December when we were prototyping but moved to NVIDIA CC because we wanted to support LLMs.