Every confidential response ships a signed receipt, anchored on Sui. Paste one to check it yourself — the anchor and signature here, the Intel TDX quote via the CLI on your machine.
The upstream proves it's a genuine GPU-TEE with a hardware attestation report — and publishes the keys it signs with.
Each response gets a receipt binding your request + response hashes to that attested workload. Hashes, never bodies.
The receipt's hash is committed on Sui as a ReceiptAnchored event — public, tamper-evident, permanent.
t2 verify recovers the signature and re-checks the Sui anchor + Intel TDX quote — all client-side. No trust in t2000.
Every confidential response is one paste away from proof. Build on data you can check.