blind-llama


- Name: blind-llama
- Version: 0.0.2
- upload_time: 2023-08-17 11:53:12
- docs_url: None
- author: Mithril Security
- requires_python: >=3.8,<4.0
- requirements: No requirements were recorded.
- Travis-CI: No Travis.
- coveralls test coverage: No coveralls.

<a name="readme-top"></a>



<!-- PROJECT LOGO -->
<br />
<div align="center">
  <a href="https://github.com/mithril-security/blind_llama">
    <img src="https://github.com/mithril-security/blindai/raw/main/docs/assets/logo.png" alt="Logo" width="80" height="80">
  </a>

<h1 align="center">BlindLlama</h1>

[![Website][website-shield]][website-url]
[![Blog][blog-shield]][blog-url]
[![Docs][docs-shield]][docs-url]
</div>

<p align="center">
  <b>Making AI Confidential & Transparent</b>
</p>

<details>
  <summary>Table of Contents</summary>
  <ol>
    <li><a href="#-about-the-project">About the project</a></li>
    <li><a href="#-use-cases">Use cases</a></li>
    <li><a href="#-getting-started">Getting started</a></li>
    <li><a href="#-vision-and-roadmap">Vision and roadmap</a></li>
    <li><a href="#about-us">About us</a></li>
    <li><a href="#-contact">Contact</a></li>
  </ol>
</details>

## 📜 About the project

### Introduction

🛠️ **BlindLlama** makes it easy to use open-source LLMs by using **Zero-trust AI APIs** that abstract all the complexity of model deployment while ensuring **users’ data is never exposed** to us thanks to end-to-end protection with **secure hardware**.

🔐 To provide guarantees to developers that data sent to our managed infrastructure is not exposed, we have developed a **Zero-trust architecture to serve AI models**. 

Our backend has two key properties:

+ **Confidentiality**: Your data is **never accessible to us**. We serve AI models inside **hardened environments** that do not expose data even to our admins. All points of access, such as SSH, logs, networks, etc., are blocked to ensure the isolation of data.

+ **Transparency**: We provide you with verifiable **cryptographic proof** that these controls are in place, thanks to the use of [Trusted Platform Modules (TPMs)](https://blindllama.readthedocs.io/en/latest/docs/getting-started/concepts/).
  
⚠️ **WARNING:** BlindLlama is still **under development**. Do not use it in production!

We are working towards the first audit of BlindLlama in the following months. Please refer to the <a href="#-vision-and-roadmap">roadmap</a> for the current status of the project.

We welcome contributions to our project from the community! Don't hesitate to [raise issues](https://github.com/mithril-security/blind_llama/issues) on GitHub, <a href="#-contact">reach out to us</a> or see our guide on how to audit BlindLlama (**coming soon!**).

<p align="right">(<a href="#readme-top">back to top</a>)</p>

### Architecture

BlindLlama is composed of two main parts:

+ An **open-source client-side Python SDK** that verifies that the remote Zero-trust AI models we serve do guarantee that the data sent is not exposed to us.
+ An **open-source server** that serves models without exposing data to us: the server is hardened, with potential leakage channels, from network to logs, removed, and it provides cryptographic proof, using TPMs, that those privacy controls are in place.

The server combines a hardened AI server with attested TLS using [TPMs](./docs/docs/concepts/TPMs.md).

The client performs two main tasks:

+ **Verifying that the server it communicates with is the expected hardened AI server** using attestation.
+ **Securely sending data** to be analyzed by a remote AI model using attested TLS to ensure data is not exposed.

The server has two main tasks:

+ It **loads a hardened AI server** which is inspected to ensure no data is exposed to the outside.
+ It **serves models using the hardened AI server that can be remotely verified** using attestation.
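The kind of client-side check that TPM-based attested TLS implies, as an added example that is not BlindLlama's SDK code: replay a measurement log, compare it with the quoted PCR digest and with expected values, and confirm that the TLS certificate presented on the connection is the one measured into the TPM. It assumes the quote's signature has already been verified against the attestation key and that the server extends the SHA-256 of its certificate into a PCR; the PCR index, the field names and all sample data are hypothetical and constructed.

```python
import hashlib
import hmac

ZERO = bytes(32)   # reset value of a SHA-256 PCR
TLS_PCR = 15       # hypothetical: PCR the server extends with its TLS certificate hash


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM 2.0 extend operation: PCR_new = H(PCR_old || digest)."""
    return sha256(pcr + digest)


def replay(events):
    """Recompute PCR values from a measurement log of (pcr_index, digest) pairs."""
    pcrs = {}
    for index, digest in events:
        if len(digest) != len(ZERO):
            raise ValueError(f"bad digest length for PCR {index}")
        pcrs[index] = extend(pcrs.get(index, ZERO), digest)
    return pcrs


def composite(pcrs, selection):
    """Quote pcrDigest: hash of the selected PCR values in ascending index order."""
    return sha256(b"".join(pcrs.get(i, ZERO) for i in sorted(selection)))


def verify(quote, events, golden, nonce, peer_cert_der):
    """Return a list of failure reasons; an empty list means the channel is attested.

    `quote` holds fields parsed from a quote whose signature has ALREADY been
    checked against the attestation key (assumption, out of scope here).
    """
    failures = []
    selection = set(quote["pcr_selection"])
    # Freshness: the quote must embed the nonce this client just chose.
    if not hmac.compare_digest(quote["nonce"], nonce):
        failures.append("nonce mismatch: quote is not fresh")
    # The log is only trustworthy if replaying it yields what the TPM signed.
    pcrs = replay(events)
    if not hmac.compare_digest(composite(pcrs, selection), quote["pcr_digest"]):
        failures.append("event log does not reproduce the quoted PCR digest")
    # The measured software stack must match the expected hardened image.
    for index, expected in golden.items():
        if index not in selection:
            failures.append(f"PCR {index} is not covered by the quote")
        elif pcrs.get(index, ZERO) != expected:
            failures.append(f"PCR {index} differs from the expected measurement")
    # Channel binding: the certificate seen on the wire must be the measured one.
    if TLS_PCR not in selection:
        failures.append("TLS PCR is not covered by the quote")
    elif pcrs.get(TLS_PCR, ZERO) != extend(ZERO, sha256(peer_cert_der)):
        failures.append("TLS certificate is not the one measured into the TPM")
    return failures


# --- constructed sample data (not real measurements) ---
CERT = b"constructed DER bytes of the server certificate"
EVENTS = [
    (0, sha256(b"firmware")),
    (4, sha256(b"bootloader")),
    (9, sha256(b"hardened-os-image-v1")),
    (TLS_PCR, sha256(CERT)),
]
GOLDEN = {i: v for i, v in replay(EVENTS).items() if i != TLS_PCR}
NONCE = b"client-chosen-nonce-0001"
QUOTE = {
    "nonce": NONCE,
    "pcr_selection": [0, 4, 9, TLS_PCR],
    "pcr_digest": composite(replay(EVENTS), [0, 4, 9, TLS_PCR]),
}


def demo():
    """Run the check on a genuine server and on three failure cases."""
    tampered = [(i, sha256(b"os-image-with-ssh") if i == 9 else d) for i, d in EVENTS]
    tampered_quote = dict(
        QUOTE, pcr_digest=composite(replay(tampered), QUOTE["pcr_selection"])
    )
    return {
        "genuine": verify(QUOTE, EVENTS, GOLDEN, NONCE, CERT),
        "other_cert": verify(QUOTE, EVENTS, GOLDEN, NONCE, b"some other certificate"),
        "modified_image": verify(tampered_quote, tampered, GOLDEN, NONCE, CERT),
        "replayed": verify(QUOTE, EVENTS, GOLDEN, b"fresh-nonce-0002", CERT),
    }


if __name__ == "__main__":
    for name, failures in demo().items():
        print(name, "->", failures or "attested")
```

A client should send data only when the returned list is empty; each entry names the control that could not be proven.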

### Trust model

On this page, we will explain more precisely what components/parties have to be trusted when using BlindLlama.

To understand better which components and parties are trusted with BlindLlama, let’s start by examining what is trusted with regular AI services.

To do so, we will use the concept of a [Trusted Computing Base (TCB)](./docs/docs/concepts/TCB.md), which refers to the set of all hardware, firmware, and software components that are critical to a system's security.

#### Trusted Computing Base with regular AI providers

We can imagine that an AI provider serves AI APIs to their users using a Cloud infrastructure. Then the parties to be trusted are:

+ **The AI provider**: they provide the software application that is in charge of applying AI models to users’ data.

+ **The Cloud provider**: they provide the infrastructure, Hypervisor, VMs, OS, to the AI provider.

+ **The hardware providers**: they provide the lowest physical components, CPU, GPU, TPMs, etc. to the Cloud provider who then manages those to resell infrastructure to the AI providers. 

The higher the party in the stack, the closer they are to the data, and the more they are in a position to expose data.

In most scenarios today, there is blind trust in the AI provider: we send data to them without any technical guarantee that they will do what they said they would do. For instance, the AI provider could say they only run inference on data, while they could actually train models on users’ data.

Privacy-demanding users who require more technical guarantees often choose not to send data to AI providers, as they cannot trust them with their confidential data.

#### Trusted parties with BlindLlama

With BlindLlama, we remove the AI provider from the list of trusted parties. When models are served with BlindLlama, users' data cannot be seen by the AI provider because we use a Zero-trust AI infrastructure that removes the service/AI provider from the trust base. We can prove such controls are in place using [TPM-based attestation](./docs/docs/concepts/TPMs.md).

![trust-model-light](./docs/assets/trust-model-light.png#only-light)
![trust-model-dark](./docs/assets/trust-model-dark.png#only-dark)

## 👩🏻‍💻 Use cases

BlindLlama is meant to **help developers working with sensitive data to easily get started with LLMs** by using **managed AI APIs** that abstract the hardware and software complexity of model deployment while ensuring their data remains unexposed.

BlindLlama can address several scenarios, such as:

+ Benchmarking the best open-source LLMs against one’s private data to find out which one is the most relevant without having to do any provisioning
+ Structuring medical documents
+ Analysis or auto-completion of a confidential code base

### ✅ When should you use BlindLlama?

+ You want to get started with LLMs that are complex to deploy, such as Llama 2 70B
+ You don’t want to manage that infrastructure as it requires too much time, expertise and/or budget
+ You don’t want to expose your data to a third party AI provider that manages the infrastructure for you due to privacy/compliance issues

### ❌ What is not covered by BlindLlama?

+ BlindLlama is simply a drop-in replacement to query a remotely hosted model instead of having to go through complex local deployment. We do not cover training from scratch, but we will cover fine-tuning soon.
+ BlindLlama allows you to quickly and securely leverage models which are open-source, such as Llama 2, StarCoder, etc. **Proprietary models from OpenAI, Anthropic, and Cohere are not supported** yet as we would require them to modify their backend to offer a Zero-trust AI infrastructure like ours.
+ **BlindLlama’s trust model implies some level of trust in Cloud providers and hardware providers** since we leverage secure hardware available and managed by Cloud providers (see our [trust model section](https://blindllama.readthedocs.io/en/latest/docs/getting-started/blindllama-101/) for more details).

BlindLlama virtually provides the same level of security, privacy, and control as solutions provided by Cloud providers like Azure OpenAI Services.

<p align="right">(<a href="#readme-top">back to top</a>)</p>

## 🚀 Getting started

- Check out our [Quick tour](https://blindllama.readthedocs.io/en/latest/docs/getting-started/quick-tour/), which will enable you to play with an example using the [Llama 2](https://huggingface.co/meta-llama/Llama-2-7b) model while ensuring your data remains private and without the hassle of provisioning!
- Find out more about [How we protect your data](https://blindllama.readthedocs.io/en/latest/docs/getting-started/how-we-protect-your-data/)
- Refer to our [Concepts](https://blindllama.readthedocs.io/en/latest/docs/getting-started/concepts/) guide for more information on key concepts
- Learn more about BlindLlama's design with our [BlindLlama 101](https://blindllama.readthedocs.io/en/latest/docs/getting-started/blindllama-101/) guide

<p align="right">(<a href="#readme-top">back to top</a>)</p>


## 🎯 Vision and roadmap

**Planned new features**:

+ **Confidential GPUs** for additional shielding
+ **Sandboxes** for additional isolation
+ **Finetuning endpoints** for all our APIs
+ **More APIs** to cover a wider range of popular open-source models

<p align="right">(<a href="#readme-top">back to top</a>)</p>


## 🦙 Who made BlindLlama? 
<a name="about-us"></a>

BlindLlama is developed by **Mithril Security**, a startup focused on **democratizing privacy-friendly AI using secure hardware solutions**. 

We have already had our first project, [BlindAI](https://github.com/mithril-security/blindai), an open-source Rust inference server that deploys ONNX models on Intel SGX secure enclaves, audited by [Quarkslab](https://www.quarkslab.com/).

BlindLlama builds on the foundations of BlindAI but provides much faster performance and focuses on serving managed models directly to developers instead of helping AI engineers to deploy models.

<p align="right">(<a href="#readme-top">back to top</a>)</p>

## 📇 Contact

[![Contact us][contact]][contact-url]
[![Twitter][twitter]][twitter-url]
[![LinkedIn][linkedin-shield]][linkedin-url]

<p align="right">(<a href="#readme-top">back to top</a>)</p>

<!-- MARKDOWN LINKS & IMAGES -->
[website-shield]: https://img.shields.io/badge/website-000000?style=for-the-badge&colorB=555
[website-url]: https://www.mithrilsecurity.io
[blog-shield]: https://img.shields.io/badge/Blog-000?style=for-the-badge&logo=ghost&logoColor=yellow&colorB=555
[blog-url]: https://blog.mithrilsecurity.io/
[docs-shield]: https://img.shields.io/badge/Docs-000000?style=for-the-badge&colorB=555
[docs-url]: https://blindllama.readthedocs.io/en/latest/
[contact]: https://img.shields.io/badge/Contact_us-000000?style=for-the-badge&colorB=555
[contact-url]: https://www.mithrilsecurity.io/contact
[twitter]: https://img.shields.io/badge/Twitter-1DA1F2?style=for-the-badge&logo=twitter&logoColor=white
[twitter-url]: https://twitter.com/MithrilSecurity
[linkedin-shield]: https://img.shields.io/badge/LinkedIn-0077B5?style=for-the-badge&logo=linkedin&logoColor=white&colorB=555
[linkedin-url]: https://www.linkedin.com/company/mithril-security-company/

            
