Verifiable Privacy & Attestation
Explore how Ollm provides cryptographic proof of privacy and execution integrity for every request.
Verifiable Inference Explained
Verifiable inference is the core security guarantee provided by Ollm. It ensures that privacy is not based on policy, contractual assurances, or provider claims, but on cryptographic proof tied to each individual request.
What “verifiable privacy per request” means
For every inference request processed through Ollm:
- The model executes only inside a hardware-backed Trusted Execution Environment (TEE)
- The execution environment produces cryptographic evidence of how and where the request was processed
- That evidence can be independently verified by the customer
This means privacy guarantees are request-scoped, not platform-scoped. Each response stands on its own, with its own proof.
What is proven cryptographically
Using hardware attestation, Ollm enables customers to verify that:
- The inference ran inside a genuine TEE
- The execution environment was not tampered with
- The environment matched expected security measurements
- The response was generated within that trusted boundary
These proofs are anchored in hardware root-of-trust mechanisms, not software assertions.
What is guaranteed
Ollm guarantees that:
- Prompts and responses are processed inside TEEs
- Data is encrypted while in use
- Inference execution integrity can be verified per request
- Ollm does not access plaintext inference data outside secure enclaves
What is out of scope
Ollm does not claim to guarantee:
- The semantic correctness or safety of model outputs
- Protection against malicious prompts or model misuse
- Security of client-side environments
- Elimination of all supply-chain risks outside the attested boundary
These boundaries are intentional and explicit, allowing security teams to reason precisely about risk.
Attestation Flow
Attestation is the mechanism by which Ollm converts hardware trust guarantees into verifiable evidence that customers can inspect.
Request lifecycle and attestation timing
1. The client submits an inference request to Ollm, explicitly specifying the model.
2. The request is forwarded to the selected model’s TEE-backed execution environment.
3. During execution, the hardware records cryptographic measurements of the environment, including code and configuration state.
4. These measurements are signed using hardware-backed keys rooted in the platform’s trust anchor.
5. The model output is returned along with attestation artifacts tied to that specific request.
Hashes, measurements, and signatures
Attestation artifacts typically include:
- Cryptographic hashes of the execution environment
- Signed measurements attesting to environment integrity
- Metadata linking the attestation to the specific inference request
These artifacts are tamper-evident and can be validated independently.
What customers can independently verify
Using the attestation data, customers can verify that:
- The inference ran inside a genuine TEE
- The hardware platform is authentic
- The execution environment matches expected security properties
- The response was produced within that verified environment
This enables auditable, defensible trust without relying on Ollm or model providers as intermediaries.
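The lifecycle above and the customer-side checks it enables can be made concrete with a small verifier. The following is an added example, not Ollm's own code or its attestation format: the artifact layout (`body` plus `signature`), the `demo-tee` platform name, the pinned measurement values and the request-binding hash are all constructed for illustration, and an HMAC stands in for the hardware-rooted asymmetric signature so the script runs offline with the standard library. What it shows is the order and independence of the checks a customer performs: signature first (nothing in the body is trusted before that), then platform identity, then measurements against pinned expected values, then binding to this specific request and a fresh client nonce so an older valid artifact cannot be replayed.

```python
import hashlib
import hmac
import json
import secrets
from typing import Callable

# Constructed "golden" measurements a customer pins for a given model build.
EXPECTED_MEASUREMENTS = {
    "code": hashlib.sha256(b"constructed model-server image v1").hexdigest(),
    "config": hashlib.sha256(b"constructed config: isolation=strict").hexdigest(),
}
EXPECTED_PLATFORM = "demo-tee"  # constructed platform identifier


def request_binding(request_id: str, prompt: bytes, nonce: bytes) -> str:
    """Hash that ties an attestation to one specific request and a client nonce."""
    h = hashlib.sha256()
    h.update(request_id.encode())
    h.update(hashlib.sha256(prompt).digest())
    h.update(nonce)
    return h.hexdigest()


def canonical(body: dict) -> bytes:
    """Deterministic encoding so signer and verifier hash identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def make_attestation(signing_key: bytes, request_id: str, prompt: bytes,
                     nonce: bytes, measurements: dict,
                     platform: str = EXPECTED_PLATFORM) -> dict:
    """Stand-in for the enclave side: sign measurements bound to the request.
    A real platform signs with a hardware-rooted asymmetric key; HMAC is used
    here only so the example runs offline (assumption, not Ollm's format)."""
    body = {
        "platform": platform,
        "measurements": dict(measurements),
        "request_binding": request_binding(request_id, prompt, nonce),
        "nonce": nonce.hex(),
    }
    sig = hmac.new(signing_key, canonical(body), "sha256").hexdigest()
    return {"body": body, "signature": sig}


def verify_attestation(artifact: dict, verify_sig: Callable[[bytes, str], bool],
                       request_id: str, prompt: bytes, nonce: bytes,
                       expected_measurements: dict = EXPECTED_MEASUREMENTS,
                       expected_platform: str = EXPECTED_PLATFORM) -> list:
    """Customer-side checks. Returns a list of failures; empty means accepted."""
    failures = []
    body = artifact.get("body", {})
    signature = artifact.get("signature", "")

    # 1. Signature: evidence must come from the trusted root; the body is
    #    untrusted input until this passes, so stop here on failure.
    if not isinstance(body, dict) or not verify_sig(canonical(body), signature):
        failures.append("signature invalid")
        return failures

    # 2. Platform identity.
    if body.get("platform") != expected_platform:
        failures.append("unexpected platform: %r" % body.get("platform"))

    # 3. Measurements: every pinned value must match; unknown entries are flagged.
    got = body.get("measurements", {})
    for name, expected in expected_measurements.items():
        if not hmac.compare_digest(str(got.get(name, "")), expected):
            failures.append("measurement mismatch: %s" % name)
    for name in got:
        if name not in expected_measurements:
            failures.append("unexpected measurement: %s" % name)

    # 4. Request binding and freshness: the artifact must be for this request
    #    and this nonce, which blocks replay of an older, still-valid artifact.
    if body.get("nonce") != nonce.hex():
        failures.append("nonce mismatch (possible replay)")
    if not hmac.compare_digest(str(body.get("request_binding", "")),
                               request_binding(request_id, prompt, nonce)):
        failures.append("request binding mismatch")
    return failures


def demo() -> dict:
    """Runs the happy path and three failure cases; returns their failure lists."""
    key = b"constructed hardware signing key"

    def verify_sig(data: bytes, sig: str) -> bool:
        return hmac.compare_digest(hmac.new(key, data, "sha256").hexdigest(), sig)

    nonce = secrets.token_bytes(16)
    req_id, prompt = "req-0001", b"Summarise this document."

    good = make_attestation(key, req_id, prompt, nonce, EXPECTED_MEASUREMENTS)
    results = {"valid": verify_attestation(good, verify_sig, req_id, prompt, nonce)}

    # Tampered: the code measurement is edited after signing.
    forged = json.loads(json.dumps(good))
    forged["body"]["measurements"]["code"] = "00" * 32
    results["tampered"] = verify_attestation(forged, verify_sig, req_id, prompt, nonce)

    # Drifted: a different build, correctly signed; the signature passes, the pin fails.
    drifted = make_attestation(key, req_id, prompt, nonce,
                               {**EXPECTED_MEASUREMENTS, "code": "11" * 32})
    results["drifted"] = verify_attestation(drifted, verify_sig, req_id, prompt, nonce)

    # Replayed: a valid artifact presented against a fresh client nonce.
    results["replayed"] = verify_attestation(good, verify_sig, req_id, prompt,
                                             secrets.token_bytes(16))
    return results


if __name__ == "__main__":
    for case, fails in demo().items():
        print(case, "->", "accepted" if not fails else fails)
```

The point of pinning measurements rather than only checking the signature is visible in the `drifted` case: a genuinely signed artifact from the wrong build still fails, which is the check that "the environment matched expected security measurements" requires. In a real deployment the `verify_sig` callable would validate the platform vendor's certificate chain down to the signing key, and the expected measurements would come from a reproducible build of the model server rather than constructed constants.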
Supported Attestation Technologies
Ollm supports multiple hardware attestation technologies to enable verifiable inference across different execution environments.
Intel TDX Attestation
Intel TDX (Trust Domain Extensions) provides hardware-enforced isolation for virtual machines running on Intel CPUs.
When it is used
- CPU-based inference workloads
- Confidential virtual machine environments
What it guarantees
- Isolation from host OS and hypervisor
- Memory encryption and integrity
- Verifiable measurements of VM state
Known limitations
- CPU-bound performance characteristics
- Model availability depends on provider support for TDX-backed environments
NVIDIA GPU Attestation
NVIDIA GPU attestation extends trust guarantees to GPU-based inference, enabling secure execution for high-performance LLM workloads.
When it is used
- GPU-accelerated inference
- Models requiring high throughput or low latency
What it guarantees
- Verified GPU firmware and execution environment
- Protection against unauthorized access during inference
- Cryptographic proof of trusted GPU execution
Known limitations
- Attestation scope is limited to supported GPU architectures
- Guarantees apply to execution integrity, not model behavior
By combining hardware-backed execution, cryptographic attestation, and per-request verification, Ollm enables a security posture where privacy and integrity are provable, inspectable, and auditable, even in highly regulated or adversarial environments.