Discover our main three benefits
Confidential‑Computing‑Backed Privacy Guarantees
Zero‑Knowledge Execution – Every request is processed inside a hardware‑isolated Trusted Execution Environment (TEE). Data remains encrypted‑in‑use, never exposed in clear‑text to the host OS, hypervisor, or any external service.
Ephemeral, No‑Log Policy – Conversation payloads are held only for the duration of the compute enclave's lifetime and are then cryptographically shredded. No persistent logs, audit trails, or metadata are retained.
Zero‑Knowledge Encryption – End‑to‑end encryption keys are generated per session and are never exported from the enclave. Even our operators cannot read or export the plaintext data due to guarantees of HPKE-enabled encryption protocols.
No Model‑Training – User‑provided inputs are excluded from any training, fine‑tuning, or reinforcement pipelines. Your data never contributes to model evolution.
API‑Level Guarantees – All API calls are TLS‑protected in transit, with optional HPKE encryption, and processed under strict policy enforcement that audits every enclave launch.
Customization
We empower you to work with the AI front‑end you trust most.
Bring your own interface – Connect any preferred UI or client to our Confidential‑Computing‑enabled API. Your requests are processed inside hardware‑isolated enclaves with zero‑knowledge encryption, so the data never leaves your trusted stack.
Or use our native web‑chat – The built‑in chat interface is secured with end‑to‑end encryption (E2EE) by default, giving you the same strong privacy guarantees without any extra integration work.
Either option lets you tailor the interaction model, workflow, and look‑and‑feel to fit your exact needs while keeping full control over data provenance and protection.
Anonymous‑First Support
We require zero personal information upfront—no name, no email, no phone number required to get started. Your privacy is our default.
Signal & Delta Chat Support – For consulting, technical issues, or any questions, reach out through Signal or Delta Chat—both offering true end‑to‑end encrypted (E2EE) communication channels. No metadata logging, no account linkage, just secure, direct support when you need it.
On‑Your‑Terms Assistance – Whether you prefer asynchronous chat or scheduled calls, our team adapts to your communication preferences while maintaining the highest privacy standards.
Get expert help without compromising your identity or leaving a digital trail.
What happens when you ask Oryxen a question?
The same process at your level of depth
For Everyone
What happens when you ask Oryxen a question?
Your message is turned into a secret code before it leaves your screen. This code travels safely through the internet to our computer. Once there, it enters a locked room that no one else can open — not even us. Inside this room, the computer reads your message, thinks about the answer, and writes it down. Then the answer is turned back into a secret code, sent back to your screen, and unlocked so you can read it.
At no point does anyone see your original message in plain text. We do not keep a copy. We do not use it to teach our AI. And we never ask for your name, email, or phone number to make this happen.
For Developers
Request lifecycle
When your client calls POST /v1/chat/completions, the payload is optionally encrypted with HPKE using a per-session ephemeral key pair derived from the TEE's attestation report. The request travels over TLS 1.3 to the edge ingress, where the enclave identity is verified via RA-TLS.
Inside the enclave:
- The payload is decrypted within the TEE boundary
- The model weights are verified against a known-good hash (dm-verity)
- Inference executes on the GPU in TEE mode (AMD SEV-SNP or NVIDIA TEE)
- The response is encrypted with the session key and returned
The client is standard OpenAI-compatible. No enclave tooling, no SDK, no attestation client required on your side.
const response = await fetch('https://api.oryxen.ai/v1/chat/completions', {
method: 'POST',
headers: { 'X-API-Key': apiKey },
body: JSON.stringify({ messages, stream: true })
});For Experts
Attestation model and cryptographic guarantees
Attestation chain: TPM 2.0 EK-cert chain → UEFI measured boot with Secure Boot → dm-verity rootfs verification → container image hash check → model weight immutable storage (read-only, no runtime mutation) → GPU TEE launch attestation (AMD SEV-SNP or NVIDIA TEE) → periodic RA-TLS heartbeat every 30s with signed SGX/SEV quote.
Cryptography: HPKE (RFC 9180) with P-384 + AES-256-GCM for request/response encryption; HKDF-SHA384 for key derivation; SHA-384 for integrity verification. Ephemeral per-session keys generated inside the enclave, never exported.
Threat model: host OS compromise tolerated, hypervisor escape tolerated, cloud-provider insider access tolerated. Residual attack vector: TEE side-channel extraction or microarchitectural leakage, mitigated by constant attestation (heartbeat), enclave lifecycle isolation (no persistent state), and periodic enclave rotation.
Compliance mapping: GDPR Art. 32 technical measures, ISO 27001 A.13.1 cryptographic controls, SOC 2 CC6.1 logical access security.
How Oryxen Keeps Your AI Requests Secure
The BIOS checks its own code. If anything changed, it stops immediately.
The operating system only loads after passing every hardware check.
The AI engine runs in a locked box, completely separate from the host computer.
The AI 'brain' is checked against a known-good fingerprint.
Once loaded, the weights are locked. Nothing can change them.
Even the graphics card runs in an encrypted, protected mode.
The AI processes your request.
'Am I still running real code?'
A guardian checks the proof.
End-to-end encrypted, tamper-proof.
Do you want to understand more? Read our guide
Frequently Asked Questions
Here are some common questions about our company.
We prioritize your privacy with zero-access encryption and secure enclave processing. Your conversations are never stored or shared, and your data is never used to train our AI models. We don't require any identifying information to sign up and get started.
No, your data is never used to train our AI models. We believe your personal information should remain yours alone. All inputs and conversations are kept private and are not incorporated into our training data or shared with any third parties.
Oryxen AI is available for any system which handles REST APIs. Our web chat works with any modern browser since 2024; due to the requirement of Web Crypto API for strong end-to-end encryption between our app server and your browser.
Yes, we offer hourly consultation for all users. Our team is available to help you with setup, customization, and any questions you may have about working with Oryxen AI. See our pricing plans for details.