Confidential AI Models
Private LLMs.
Verified results.
Frontier inference without exposing prompts, tools, or memory.
OpenAI-compatible APIs run inside hardware-backed TEEs and return proof of the runtime that handled the request.
AI 调用承载的不只是提示词。
TEE 边界
Phala 隐私 LLM
Private AI calls prompts, keys, tools, and memory stay inside the runtime. providers route the request without becoming the trust boundary. Proof follows the answer. verify GPU, container, model route, and response. same API shape, hardware-backed receipt, private inference. streaming, tool calls, and agent memory keep their normal developer flow. auditors can inspect evidence without reading the prompt. users get answers plus runtime proof, not another black box.
Traditional AI
- Prompts, tools, keys, and memory can become provider-visible state
- Security depends on policy, contracts, and audit logs after the fact
- The model result cannot carry a hardware-backed runtime receipt
Confidential AI
- Inference runs inside TEE-backed infrastructure
- The runtime can be verified before the result is trusted
- Customers can inspect proof without operating on-prem GPUs
Private LLM catalog
Frontier models with private runtime.
OpenAI-compatible models with hardware-backed privacy and verification. Keep your SDK flow, change the endpoint, and copy the real call when you need it.
Integrate in minutes
Same SDK, Change Endpoint, Verify E2EE.
Keep your OpenAI-compatible client. Point it at the private endpoint, choose a Phala model slug, and read the proof when the output needs an audit trail.
selected proof
Private LLM Gateway
The OpenAI-compatible endpoint terminates inside the verified gateway boundary.
AI 解决方案路径
在 AI 触及密钥时使用隐私模型。
隐私模型端点是第一个入口点。同样的隐私原语也适用于代理、数据工作流和训练。
隐私 AI 推理
提供 OpenAI 兼容的模型调用,提示词、输出和客户上下文都需要在使用中加密保护。
DeepSeek V3.1
128K
$0.27/M input
Qwen3 Coder
256K
$0.40/M input
Llama 3.3 70B
128K
$0.15/M input
GPT OSS 120B
128K
$0.10/M input
Claude Sonnet 4.5
200K
$3.00/M input
Gemini 2.5 Pro
1M
$1.25/M input
隐私 AI 代理
在可验证的运行时中运行代理的密钥、工具、记忆和操作,而不是放在可见的自动化云中。
隐私模型训练
在保持数据集、梯度、检查点和评估轨迹处于边界内的同时,基于专有数据调整模型。
private training run
Observe without exposing weights.
01
dataset
sealed
02
fine-tune
running
03
eval
private
04
checkpoint
verified
loss curve
proof attached
attestation.json
隐私 AI 数据
将模型移动到敏感记录旁,在不向模型运营方暴露原始数据的情况下返回已批准的输出。
source
EHR data
source
Customer records
source
Internal docs
TEE clean room
query without raw access
approved output
aggregate only
问题
团队切换前会先问什么。
隐私 LLM 不只是另一个端点。它是在 SaaS 便利性与自托管 AI 基础设施之间的部署选择。
这和普通 LLM API 有什么不同?
普通 LLM API 要求你信任服务商边界。Phala 将模型调用运行在硬件支持的 TEE 中,并可附加运行时证明,展示请求受到了什么保护。
这与本地部署模型有什么不同?
本地部署带来控制权,但你要自行运维 GPU、模型服务、升级和容量。Phala 保留 API 工作流,同时增加隐私执行和可验证的运行时状态。
将隐私 LLM 集成到现有应用中有多难?
使用兼容 OpenAI 的 API 形态:修改 base URL,选择一个隐私模型 slug,并保留你现有的 SDK 或智能体框架。
支持哪些模型类型?
目录包含来自 DeepSeek、Qwen、Meta、Mistral、Google 和 OpenAI OSS 等提供方的编程、推理、通用聊天和开放权重模型家族。
客户如何验证数据已受到保护?
Trust Center 将证明报告转化为可审查的硬件、源码、运行时和网络验证状态视图。
什么时候应该使用专用隐私栈?
当您需要自定义模型、预留 GPU、按客户部署,或比共享推理拥有更强的合规与审计边界时,请使用专属技术栈。
