Building in public · Base L2 · Confidential AI

Confidential AI Compute.
Verified On-Chain.

DePIN infrastructure for AI training and inference on regulated data. Hardware-enforced privacy in TEE enclaves, cryptographic attestation anchored to Base L2.

01 / NETWORK
A mesh of confidential compute nodes
Independent providers, each running a hardware-secured enclave.
02 / TARGET NODE
Zooming into a single provider
A workload is routed to one node's Trusted Execution Environment.
03 / INPUT
Sensitive data enters the enclave
The prompt is encrypted in transit — readable only inside the boundary.
04 / SEALED
Memory encrypted at silicon level
The boundary locks. Data is now isolated inside the hardware.
SHA-256 COMMITMENT · COMPUTING…
________________________________________________________________anchored on Base Mainnet · tx 0x7028…5c5b ↗
05 / COMPUTE
Inference runs inside the boundary
GPT-2 · 124M params in an AMD SEV enclave. Data is in clear only inside.
06 / ATTESTATION
The session is hashed into a SHA-256 commitment
A cryptographic commitment is produced — proof, not data.
07 / VERIFY
Anchored on Base Mainnet
Only the commitment leaves the enclave. Anyone can verify it on-chain.

Attestation contract

Base Mainnet

TEE hardware

AMD SEV (PoC)

Contract suite

v1.16 · 16 contracts

Privacy

Hardware-Enforced

AMD SEV-SNP and Intel TDX enclaves isolate AI workloads at silicon level. Node operators cannot read your data. Privacy is a CPU guarantee, not a policy.

Attestation

Cryptographically Verified

Every compute session emits a hardware-signed attestation report. The commitment hash is anchored on Base L2 before execution. Verifiable forever.

Settlement

Trust-Minimized SLA

Smart contracts handle session opening, workload commitment, and payment. SLA breaches trigger automatic on-chain slashing. No centralized arbiter.

The Problem

Regulated sectors cannot run AI on sensitive data today.

No compliant pipeline exists for training AI on highly protected datasets—from clinical trials and patient genomes to non-public financial records and legal archives. Organizations face a binary choice: deploy on public clouds and accept legal exposure, or build internal HIPAA/GDPR/MiFID-compliant infrastructure at enterprise capex scale.

The Solution

Neurolix Protocol delivers the missing third option: confidential compute as a network primitive. By anchoring verifiable cryptographic proofs of isolation to a public blockchain, Neurolix enables secure, decentralized AI without data exposure.