| Website | https://caution.co |
| Verifiable AI inference (live demo) | https://chat.caution.dev/ |
| Verifiable compute made simple (blog) | https://caution.co/blog/introducing-caution.html |
Trust is not a security property. It’s what systems fall back to when verification is impossible.
Most software still works this way, but regulatory frameworks are shifting expectations toward traceability and transparency, not just security claims.
We wrote about what changes when systems become verifiable: https://caution.co/blog/on-transparency.html
#SelfPromo #Security #VerifiableCompute #ConfidentialCompute
The bare minimum for running security critical services is multi-party verified deterministic builds running on remotely attestable enclaves.
My teammates and I at Distrust have been helping teams architect and build this way for 5+ years now.
It was tough watching people repeatedly struggle to do everything from zero.
So we built the first 100% FOSS general purpose verifiable compute platform: Caution.
For prioritized early access join #caution-platform:matrix.org
Secure enclaves are still underused, and many #confidentialcompute deployments amount to security theater.
Most platforms can attest that something hasn’t changed, but not what code is actually running, since PCRs can’t usually be reproduced from source.
Relying on a single vendor’s attestation engine also creates a real single point of failure.
Isolation and attestation without reproducibility or platform diversity isn’t sufficient for high-security systems.
Lance R. Vick