Skip to content

feat: TEE whitepaper with GPU/TPU analysis and deployment workflow#1

Open
dzianisv wants to merge 7 commits intomainfrom
feat/deploy-workflow
Open

feat: TEE whitepaper with GPU/TPU analysis and deployment workflow#1
dzianisv wants to merge 7 commits intomainfrom
feat/deploy-workflow

Conversation

@dzianisv
Copy link
Copy Markdown
Contributor

@dzianisv dzianisv commented Jan 30, 2026
edited
Loading

Summary

Comprehensive update to the TrustedGenAi whitepaper and infrastructure.

Changes

Whitepaper Updates

  • Expanded GPU TEE section with NVIDIA H100 Confidential Computing architecture
  • Added cloud provider availability table (Azure NCCads_H100_v5, Google Cloud A3)
  • Added DeepSeek model deployment table for H100 (1.5B through V3 671B MoE)
  • Added TPU TEE limitations section (TPUs do NOT support confidential computing)
  • Expanded citations from 13 to 30 references
  • Updated author email

Infrastructure

  • Added GitHub Action for TEE infrastructure deployment
  • Added terraform configuration for Azure Confidential VMs
  • Added open-source components (attestation service, secure inference server)
  • Updated license to CC BY-NC-SA 4.0

Repository Cleanup

  • Added .gitignore to exclude terraform provider binaries
  • Cleaned git history of large files

Overleaf

The whitepaper is synced to Overleaf and compiles to 11 pages:

@dzianisv
feat: add GitHub Action for TEE infrastructure deployment
ed2a0e6 
- Manual dispatch with cpu/gpu and plan/apply/destroy options
- Validates terraform on push to main
- Connects to VibeBrowser billing at api.vibebrowser.app
- Verifies TEE attestation after deployment
@dzianisv
docs: update author email to [email protected]
c314011
@dzianisv
docs: expand GPU TEE section with H100 details, add TPU limitations, …
a003c11 
…expand to 30 citations
@dzianisv
chore: add .gitignore to exclude terraform providers
b4fc681
@dzianisv dzianisv changed the title feat: add GitHub Action for TEE infrastructure deployment feat: TEE whitepaper with GPU/TPU analysis and deployment workflow Jan 30, 2026
@dzianisv
feat: split TEE workflows (CPU/GPU), add open-weight models table
a75b07b 
- Split deploy-tee.yml into deploy-tee-cpu.yml and deploy-tee-gpu.yml
- CPU TEE: tee.vibebrowser.app (Intel TDX, ~$216/month)
- GPU TEE: tee-gpu.vibebrowser.app (NVIDIA H100 CC, ~$6,300/month)
- Add comprehensive open-weight models table (DeepSeek, Llama, Qwen, Mistral, Kimi K2, MiniMax, etc.)
- GPU workflow includes model size selection (7B-70B)
- Separate Cloudflare tunnel tokens per endpoint
@dzianisv
feat: add AMD SEV-SNP terraform with 35% cost savings vs Intel TDX
c855b77 
- Add cpu-tee-amd-sev.tf: AMD SEV-SNP on DCasv5 (~$140/mo)
- Add cpu-tee-intel-tdx.tf: Intel TDX on DCesv5 (~$216/mo)
- Update whitepaper with platform comparison table
- AMD SEV-SNP recommended for cost-sensitive deployments
- Both platforms provide equivalent security guarantees
@dzianisv
docs: remove Claude co-author, simplify title
4baa5d7 
- Title: Privacy-Preserving LLM Inference with Hardware-Attested TEEs
- Author: Dzianis Vashchuk only
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dzianisv