How is it even possible for the chat to be "end to end encrypted"? That doesn't make sense. Your AI processes unencrypted chat messages in order to respond, and you obviously have access to those since you run the AI servers. Some people claim this is a privacy focused AI. How can anyone possibly make such a claim if you (the provider) can see everything??


Discussion

The answer to my question seems to be something called "enclaves".

https://blog.opensecret.cloud/opensecret-technicals/

Enclaves seem to be something like a Virtual Machine that has its memory and resources protected from prying eyes at the hardware level, even from the hypervisor running the VM.

However, even if you offer reproducible builds of these enclaves, how can anyone be certain that the current running enclave really is that same build?

The enclave attestations include Amazon's AWS credentials. Ultimately the final trust point lies with AWS to honor the encryption for all of their secure enclave users.
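Added example, not part of the thread and not Maple's or OpenSecret's code: the client-side checks that tie a running enclave to a reproducible build, assuming the AWS Nitro attestation document's signature and certificate chain have already been validated. The function name, sample documents and PCR digests are constructed for illustration.

```python
import hashlib
import hmac

# Assumption: `doc` is the decoded payload of an AWS Nitro attestation document
# whose COSE signature and certificate chain to the AWS Nitro root were already
# validated. That earlier step is where trust in AWS enters.

def check_attestation_claims(doc, expected_pcrs, nonce, now_s, max_age_s=300):
    """Return failure reasons; an empty list means the claims match the build."""
    failures = []
    # Freshness: the enclave must echo the random nonce this client just sent,
    # otherwise a document recorded from an older build could be replayed.
    if not hmac.compare_digest(doc.get("nonce") or b"", nonce):
        failures.append("nonce mismatch")
    # Nitro timestamps are milliseconds since the Unix epoch.
    age_s = now_s - doc.get("timestamp", 0) / 1000
    if not 0 <= age_s <= max_age_s:
        failures.append("timestamp outside allowed window")
    pcrs = doc.get("pcrs", {})
    for index, expected in sorted(expected_pcrs.items()):
        actual = pcrs.get(index)
        if actual is None:
            failures.append(f"PCR{index} missing")
        elif not any(actual):
            # Enclaves started in debug mode attest with all-zero PCRs.
            failures.append(f"PCR{index} is all zeros (debug mode)")
        elif not hmac.compare_digest(actual, expected):
            failures.append(f"PCR{index} differs from reproducible build")
    return failures

# Constructed sample values; real PCRs come from building the published source.
def _fake_pcr(label):
    return hashlib.sha384(label).digest()

EXPECTED = {0: _fake_pcr(b"image"), 1: _fake_pcr(b"kernel"), 2: _fake_pcr(b"app")}
NONCE = bytes.fromhex("00112233445566778899aabbccddeeff")
NOW_S = 1_700_000_000
GOOD_DOC = {"nonce": NONCE, "timestamp": (NOW_S - 5) * 1000, "pcrs": dict(EXPECTED)}
OTHER_BUILD = {**GOOD_DOC, "pcrs": {**EXPECTED, 2: _fake_pcr(b"app with logging")}}
DEBUG_DOC = {**GOOD_DOC, "pcrs": {i: bytes(48) for i in EXPECTED}}
REPLAYED = {**GOOD_DOC, "nonce": bytes(16), "timestamp": (NOW_S - 3600) * 1000}

if __name__ == "__main__":
    for name, doc in [("good", GOOD_DOC), ("other build", OTHER_BUILD),
                      ("debug", DEBUG_DOC), ("replayed", REPLAYED)]:
        print(name, check_attestation_claims(doc, EXPECTED, NONCE, NOW_S))
```

A PCR match only proves the enclave image is the published build; the guarantee still rests on the signature chain that AWS issues for the document.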

Thoughts on Venice.ai?

Venice doesn’t use enclaves so we can’t see the code running on their servers. It follows a “trust we don’t log your chats” model, similar to VPN servers that ask you to trust they don’t log.

Their service works well, though. You can pick your trust level. Maple is open source and provides cryptographic proof of the code running on the servers. Every user can verify that we don’t log the chats elsewhere.

That is horrifying. So it's back to, "just trust us bro", says Amazon.

They explain on their website and state they can’t see anything, with a “Proof of Security” page, but I don’t know how to verify it.