TEE coprocessors for decentralized AI
Joined March 2018
- Tweets 2,121
- Following 347
- Followers 53,025
- Likes 2,195
403 Photos and videos
Pinned Tweet
3 Jan 2025
Wondering how to secure your AI agent within a TEE? We’ve got you covered!
Check out our latest post by @roshanrags @0xkrane @PrateekReddyy @0xlinguine:
Securing TEE Apps: A Developer's Guide
3 Jan 2025
Securing TEE Apps: A Developer's Guide
In this post, @roshanrags, @PrateekReddyy, @0xlinguine and @0xkrane explore the features that have made TEEs popular for crypto x AI, discuss security concerns and lay out some practical solutions to build TEE applications
47
77
248
93,470
Jun 2
Meta's Private Processing puts AI inference inside a TEE. The host sees encrypted memory. Nothing else.
Secure enclaves. Encrypted processing. Anonymous routing. Verifiable code. This is the new standard for private AI.
How the full stack fits together: ppc.land/metas-whatsapp-inco…
7
3
112
8,332
Jun 2
TEEs solve a core AI problem:
Models need plaintext to run, you can't compute on ciphertext. Usually, that means trusting the server.
With a TEE, decryption happens inside a sealed enclave. The operator provides compute but can't see the data, removing the trust assumption.
2
10
1,600
Jun 2
TEE-based inference doesn't have to be built in-house by each provider.
Marlin provides it as open, verifiable compute infrastructure. Same hardware guarantees. No proprietary stack required.
Learn more: docs.marlin.org/oyster/intro…
7
1,356
May 27
TACo has announced a transition in stewardship to the World Ethical Data Foundation (WEDF), with a planned network relaunch later in 2026.
What this means for the Oyster Key Management Service (KMS) 🧵
We've been quiet on X for 6-ish months, but a lot has happened behind the scenes. TACo fully exited the @ThresholdAC network, expanded the access condition framework, increased support across various EVM chains, and completed numerous secure handovers of cryptographic material between nodes – demonstrating the network's unique resilience in a distributed paradigm.
Through it all, the technology has reached maturity. In the last couple years, TACo has underpinned real-world, high-stakes data sharing patterns; including delivering inheritance information to beneficiaries without trusted middlemen, managing decryption rights for valuable digital media libraries, and securing back-up root keys for TEEs.
6
7
69
4,137
May 27
Practically, the KMS can operate even while TACo nodes remain unavailable.
However, there is a caveat: if all current KMS nodes were to go down, the ability for enclaves to derive secrets from the KMS will be lost forever.
1
1
9
1,056
May 27
When TACo relaunches under WEDF stewardship and/or Seal (research.marlin.org/t/additi…) launches on mainnet, a new KMS root seed ceremony can be performed against the relaunched network. That ceremony would re-establish a root seed backup for the new operational setup.
1
1
8
904
May 20
He’s enjoying those readable inputs a bit too much
Make everything confidential
4
36
90
15,631
May 15
Marlin’s Key Management Service (KMS) is set to feature another recovery path.
This is powered by Seal on @SuiNetwork and enforced via Sui smart contracts, operating independently from the existing Threshold Network backup.
research.marlin.org/t/additi…
4
19
50
9,545
May 15
Think of it as two separate vaults for the same critical key, each built on a different system with its own access rules. If one path fails, the other continues working. Neither can be unlocked without clearing multiple layers of independent authorization.
1
1
12
1,866
May 15
What keeps this secure: the key material is never exposed to outside servers during backup. Recovering it means clearing multiple independent checks. Access policy sign-off, hardware-level verification, and threshold server availability all have to pass.
1
12
1,565
May 13
If you’re not happy single, you won’t be happy in a relationship.
True happiness comes from verifiable state transitions and knowing your data never left the enclave.
7
16
48
8,631
May 7
AWS now supports TPM-based EC2 instance attestation.
Like Nitro Enclave attestation, it gives software a way to prove its identity and boot state cryptographically, instead of relying on “trust me.”
5
12
54
12,102
May 7
For Marlin Oyster SDK users, the goal is to make this verification easy.
Developers should be able to check an EC2 instance’s attestation before trusting it, without becoming experts in TPMs, certificates, or AWS internals.
1
1
13
1,433