OpenAI compatible API. Attested gateway. Public status.

Attestation is all you need

For AI routing, trust should be something an agent can verify, not only a policy page a human reads after the fact.

Verify gateway
1 URLbase_url migration
100smodels and routes
0prompt logs by default

Attestation is all you need

2026-06-14

Source context: Joseph Perla original.

Policy matters, but policy alone is not enough for high-value prompts. A router should make it possible to verify what code is receiving the request and whether that code matches the open source release.

That is why TrustedRouter treats attestation as part of the product surface. A user or agent can check the trust page, compare source commits and release digests, and then decide whether a route meets the workload's privacy bar.

The practical split

  • The control plane manages accounts, keys, billing, docs, and status.
  • The API plane handles prompt traffic through the attested gateway.
  • Provider pages show upstream retention and confidential-compute posture separately.
  • Legal and procurement pages state what is ready now and what still requires a signed agreement.

This makes the system legible. A lawyer can read the DPA and subprocessor list. An engineer can inspect the code. An agent can verify attestation before routing sensitive work.

Evals guide Models Providers GitHub

Sign in

Choose a sign in method.