Skip to content

Guarantees

Standard tier guarantees

  • No raw data transmission
  • Local transformation only
  • Explicit boundary enforcement
  • Deterministic output
  • No identity mapping output

Attested tier (preview)

  • Attestation evidence is emitted
  • Output binding is verifiable with AttestationVerifier
  • Simulator mode yields warnings (no platform authentication)
  • Signature chain validation is in progress

Non-guarantees

  • No claims are made about external model behavior
  • Simulator mode does not provide hardware-backed guarantees
  • Fully compromised hosts are out of scope

Boundary enforcement model

flowchart LR
  rawData[RawLocalData] --> transform[LocalTransform]
  transform --> boundary[BoundaryCheck]
  boundary --> safeOutput[SafeReasoningContext]
  safeOutput --> external[ExternalModelOrService]

Prev: Native Enclave Runtime | Next: Threat Model