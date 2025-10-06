Launching today
RedPill
Private AI gateway: encrypted requests to 200+ models
56 followers
Redpill delivers AI privacy by design. All workloads execute in secure hardware enclaves — every LLM query comes with a cryptographic proof so you never have to trust us blindly. Integrate easily via our simple SDK / API.
Hey Product Hunt! 👋
I'm Marvin, founder of Redpill. We're a small, privacy-obsessed team building the VPN for AI privacy — and I’m thrilled to finally share what we’ve been working on.
💡 Why did we build this?
We built Redpill out of frustration with how every AI interaction today leaks data — to the model provider, the infrastructure host, or both. AI tools have become essential, but the moment you use them, you lose control of your data.
As builders, we knew that privacy shouldn’t rely on “trust us.” So we set out to build a platform where AI privacy is verifiable, not promised.
🧠 What makes Redpill unique?
Redpill is the 1st ever private-first AI platform that runs all workloads in secure hardware (TEE) — meaning every AI query comes with cryptographic proof that your data stays private.
We support 200+ popular models, all protected by a TEE proxy. So you can use the tools you love — GPT, Claude, Gemini, and more — inside a verifiably private environment, through our encrypted chat, SDK, and API.
Agnes AI
I can't believe someone finally cracked verifiable AI privacy! Having cryptographic proof that my chats with GPT or Claude stay private is honestly such a relief—how tricky was it to support 200+ models?
Phala Cloud
@cruise_chen Thanks for the comment!
Redpill’s approach was to build a TEE proxy layer that normalizes the runtime for each model vendor, so every request—no matter which model it hits—runs inside an attested enclave with the same privacy guarantees.
We had to solve three hard problems:
1. Unified attestation — generating verifiable proofs across heterogeneous TEEs and GPU types.
2. Encrypted streaming I/O — making sure token streams stay private without adding noticeable latency.
3. Dynamic model routing — managing a secure pool of enclaves that can spin up or switch models instantly.
The result is what you’re seeing now: you can talk to GPT, Claude, or any other LLM, and still have cryptographic assurance that no one—including Redpill—can peek at your data.
I have been thinking of something similar to the concept of 'VPN for AI,' and now it comes!
As a daily VPN user, I know how it works. But as to VPN for AI, I wonder what latency and cost overheads I should expect compared with calling a model provider directly?
And is there a public SDK/API spec or demo repo I can try, and are there any open-source components I can audit before onboarding?
Phala Cloud
@justin2025 Great questions — and exactly the kind of thinking that inspired the “VPN for AI” analogy.
Here’s a breakdown:
Latency & Cost Overhead
Latency: The TEE (Trusted Execution Environment) adds roughly 20–40 ms extra per request for attestation and encrypted streaming, depending on GPU type and model size. In practice, you won’t feel the difference — Redpill’s proxy sits close to major AI endpoints and keeps a warm enclave pool.
Cost: Expect about a 5–10% overhead versus raw API pricing. Most of this comes from secure enclave compute and encrypted network bandwidth. We aim to stay within the “VPN premium” range — small enough that privacy feels free compared to what it’s protecting.
SDK / API Access
There’s a public SDK and REST API spec — modeled closely on OpenAI’s format — so you can swap api.openai.com for api.redpill.ai with minimal changes.
Example repo (demo + SDK clients for Node, Python, Go) is on GitHub: github.com/redpill-ai/sdk-demo .
Open Source & Auditability
The TEE attestation verifier, enclave bootstrap code, and client-side encryption library are open-sourced — so you can verify that Redpill never sees plaintext data or tokens.
The model routing layer and enclave orchestration logic are currently closed-source (they contain sensitive scheduling and security heuristics), but you can audit the attestation outputs for every query, which is the most important guarantee.
