Private Inference
Follow a single request through the confidential inference pipeline
1
2
3
4
5
1
Trust Bootstrapping
Before the first request, the client contacts the KBS (Key Broker Service) to establish a trust anchor. It fetches the mesh CA certificate and reference measurements — the expected launch digest, minimum TCB version, and policy hash. These are cached locally for all subsequent verifications.
With Lunal: The KBS is the root of the trust chain. It can run inside a TEE (verified by its own attestation) or be an auditable open-source component. Once verified, everything else follows.