The private AI whose privacy comes from architecture, not a promise. Your prompt is computed inside a hardware-sealed enclave — the operator can't read it, and we keep no logs.
Your prompt runs inside a TEE-attested enclave — sealed where it's computed, not where it's convenient. We keep no logs at our end.
Stablecoins, cards, crypto. No "go acquire a token first." Trying it is as easy as the tools it competes with.
A private second-brain the host can never read. Cloister remembers you without being able to read the memory.
No "trustless" theater, no hidden keys. We tell you exactly what we can and can't see — and let the architecture talk.
It enters a hardware enclave — a trusted execution environment the machine's own operator cannot read into.
Inference happens inside the sealed enclave. Not behind a privacy policy — behind a wall of silicon.
You get the response; we keep no logs at our gateway. Sealed where it counts, honest about the rest.
The model runs inside a TEE-attested enclave — the node operator can't read it there. Your prompt passes through our gateway in the clear for the instant it takes to route it, and we keep no logs. Sealed where it counts; honest about the rest. We'll never claim we "mathematically can't see it" — that's the overclaim we're built to avoid.
It's OpenAI-compatible. Point your base URL at Cloister, use your cloi- key, and call it like any OpenAI SDK — no rewrite. 12 TEE-attested models.
Pay-per-token, fractions of a cent per call (~$0.0003 avg). Every new key starts with free credit to try — no deposit, no email.
No. The token is a placeholder/utility asset — using the API doesn't require holding it, and holding it doesn't entitle you to anything. Experimental, not financial advice.