How OpenGradient Chat keeps you private.
Chat with ChatGPT, Claude, Gemini and Grok without revealing who you are. Every prompt is routed through an OHTTP relay to strip your network identity, then through a TEE-isolated gateway that talks to the provider on your behalf. No single party can correlate who you are with what you asked. And your chat history never leaves your device — conversations are sealed inside your browser with strong encryption, so only you can ever read them.
The privacy model
Two independent layers, in series. Each layer eliminates one piece of correlation. Together, they leave no party with both.
OHTTP relay
Splits the network transport. The relay sees your IP but only an encrypted blob. The downstream gateway sees the plaintext request but never your IP.
TEE-isolated gateway
Runs inside a sealed trusted execution environment (TEE) with remote attestation. The operator can't see or log any of the prompts or requests, or build a profile across requests.
How a request flows
Four hops, two trust boundaries. Each party only sees what it strictly needs to do its job.
Encrypts the prompt with the gateway's public key. The ciphertext is wrapped in an OHTTP envelope and sent to the relay.
Sees your IP and an opaque ciphertext blob. Forwards the blob to the TEE gateway from its own infrastructure. Never sees the prompt.
Inside a TEE — decrypts the prompt, calls the model provider, and re-encrypts the response. Sees the prompt content but not your IP. Memory is sealed; the operator can't read it.
Receives an anonymous request from our gateway. Sees the prompt content but no identifying information about you.
What each party sees
A summary of the information each hop has access to.
| Party | Sees your IP? | Sees your prompt? |
|---|---|---|
| OHTTP relay | Yes | No |
| TEE gateway | No | Yes (in sealed memory) |
| Model provider | No | Yes (anonymized) |
| OpenGradient operator | No | No |
What's not private
Be honest about the limits.
- The model provider still sees the contents of your prompt - but the sender is anonymized.
- Account-level data (email, plan, billing) is held by OpenGradient under standard data protection.
- Coarse timing and traffic volume aren't hidden. An adversary watching both ends of the network could still correlate. Mitigated with batching, not eliminated.
FAQ
Why combine OHTTP and a TEE? Isn't one enough?
OHTTP alone hides your network identity from the operator that talks to the provider — but the operator still sees your prompts. A TEE alone protects the prompt content from the operator, but the operator still sees your network identity. Putting them in series means neither layer can correlate identity to content, even if compromised independently.
How is the TEE attested?
Before any prompt is decrypted, the client verifies a remote attestation from the gateway's TEE. The attestation cryptographically proves the gateway is running the expected binary on genuine TEE hardware. The attestation is rechecked periodically - when it's stale, the indicator in your composer shows a warning.
What does the model provider see?
An anonymous request from our gateway's infrastructure. The provider sees the prompt and our gateway's IP - but no identifying information about you. From their side, every OpenGradient Chat user looks the same.
Are my chats stored on OpenGradient's servers?
No - your chat history never touches our servers. Every conversation is sealed inside your browser with strong encryption, locked to a key that lives only on your device and can't be exported or copied. You're the only one who can ever read them.