Maple still has not addressed the problem that their product’s “encrypted blobs” CAN be decrypted outside the TEE.
While it is decrypted only in the TEE *during normal operation*, MapleAI can be easily compelled to decrypt the blobs for law enforcement.
This can be done without any technical barriers or challenges.
The root key that is used to protect all data of the enclave is *outside the enclave*, in AWS KMS.
Maple provides an AI experience that is as close to the privacy of local, offline AI as possible while running in the cloud. We do this by using Trusted Execution Environments (TEE). Data is encrypted locally and only decrypted inside the TEE. If law enforcement requested a user's data, they would receive an encrypted blob. Furthermore, we offer anonymous accounts that don’t have any associated email or social media identity.
We've been open from the beginning. You can see our code and technical writeups:
- Source code: https://github.com/orgs/OpenSecretCloud/repositories
- High level architecture: https://www.trymaple.ai/proof
- Technical Deep Dive: https://blog.opensecret.cloud/opensecret-technicals/
We are already in the process of commissioning third-party audits because we know those are helpful for certain organizations.
I know of no other cloud AI provider, whether it’s proprietary frontier labs or other privacy AI companies, that is more open and transparent than we are. We set the bar high because we believe this industry should be open by default.
We offer state-of-the-art open-weight models with the strongest privacy protections we can build. It’s up to you to decide what risk tolerance is right for you.
View quoted note →
