TEE Talk is an end-to-end encrypted, open-weight LLM running inside a hardware-isolated Trusted Execution Environment, or TEE. The model is fully open — no data is sent to any third-party API. Your words are encrypted before they leave your device and decrypted only inside the TEE. No other human can read them.
How it works
TEE Talk runs an open-weight AI model on a GCP confidential VM with AMD SEV-SNP hardware isolation. When you connect, your client performs a Noise protocol handshake, verifies a hardware-signed attestation report proving the server code hasn't been tampered with, and establishes an encrypted channel. Your prompts are encrypted on your machine and only decrypted inside the TEE — not even the cloud provider can read them. Nothing is stored between sessions.
How to talk
By web UI (desktop only)
Download the build for your platform from the latest release, extract it, and run it. The app opens a web UI in your browser, with traffic end-to-end encrypted to the TEE. The first message may take a moment because the model loads on demand.
macOS: macOS will block the app because it isn't signed. Open System Settings → Privacy & Security, find the message about "tee-talk" being blocked, and click Allow Anyway. Or run in Terminal:
xattr -d com.apple.quarantine ~/Downloads/tee-talk
chmod +x ~/Downloads/tee-talk
~/Downloads/tee-talk
Windows: Click More info on the SmartScreen warning, then Run anyway.
Linux:
chmod +x tee-talk
./tee-talk
By terminal
End-to-end encrypted. Verifies the TEE hardware attestation before you type a word.
git clone https://github.com/reeeneeee/tee-talk.git
cd tee-talk
cargo run -- connect -a 34.123.21.55:9999
Requires Rust.
Add --trust-server to skip attestation. The channel is still encrypted, but the client no longer checks what code the server is running.
By text message (coming soon)
- Text HELLO to +1 (970) 717-2021
- You'll receive a welcome message confirming your opt-in.
- Start a conversation. The AI responds with presence — reflective, non-judgmental, and unhurried.
SMS is not end-to-end encrypted — your carrier can see messages. For full encryption, use the web UI or terminal client above.
Verify it yourself
The binary running inside the TEE is built reproducibly from public source code. You can rebuild it and check that the hardware-signed attestation report matches your build.
./scripts/build.sh
EXPECTED_BINARY_HASH=336d19...2bd \
cargo run -- connect -a 34.123.21.55:9999
Full details in VERIFY.md.
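Matching the binary hash only says something about your connection if the attested report is also tied to the key from the Noise handshake. The sketch below is an added example, not tee-talk's own code (VERIFY.md is the reference for what the project actually checks). It assumes a hypothetical layout in which the SEV-SNP REPORT_DATA field holds a 32-byte binary hash followed by the server's 32-byte Noise static public key; `check_binding`, `Reject` and `sample_report` are illustrative names.

```rust
// Added example, not tee-talk's code. Runs on a constructed report, offline.
// ASSUMPTION: REPORT_DATA = binary hash (32 bytes) || Noise static public key (32 bytes).
const REPORT_LEN: usize = 0x4A0; // size of an SEV-SNP ATTESTATION_REPORT
const REPORT_DATA_OFF: usize = 0x50; // offset of the 64-byte guest-supplied REPORT_DATA

#[derive(Debug, PartialEq)]
pub enum Reject { Truncated, BadHex, BinaryMismatch, ChannelKeyMismatch }

fn hex32(s: &str) -> Result<[u8; 32], Reject> {
    if s.len() != 64 || !s.bytes().all(|c| c.is_ascii_hexdigit()) { return Err(Reject::BadHex); }
    let mut out = [0u8; 32];
    for (i, b) in out.iter_mut().enumerate() {
        *b = u8::from_str_radix(&s[2 * i..2 * i + 2], 16).map_err(|_| Reject::BadHex)?;
    }
    Ok(out)
}

// Compare without an early exit so timing does not reveal the first differing byte.
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    a.len() == b.len() && a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

/// Call only after the report's signature has been verified against AMD's certificate chain.
pub fn check_binding(report: &[u8], expected_hash_hex: &str, noise_static: &[u8; 32]) -> Result<(), Reject> {
    if report.len() < REPORT_LEN { return Err(Reject::Truncated); }
    let expected = hex32(expected_hash_hex)?;
    let data = &report[REPORT_DATA_OFF..REPORT_DATA_OFF + 64];
    if !ct_eq(&data[..32], &expected) { return Err(Reject::BinaryMismatch); }
    // A genuine report proves nothing about this session unless it names this session's key.
    if !ct_eq(&data[32..], noise_static) { return Err(Reject::ChannelKeyMismatch); }
    Ok(())
}

// Constructed sample input: an otherwise zeroed report with REPORT_DATA filled in.
pub fn sample_report(hash: &[u8; 32], key: &[u8; 32]) -> Vec<u8> {
    let mut r = vec![0u8; REPORT_LEN];
    r[REPORT_DATA_OFF..REPORT_DATA_OFF + 32].copy_from_slice(hash);
    r[REPORT_DATA_OFF + 32..REPORT_DATA_OFF + 64].copy_from_slice(key);
    r
}

fn main() {
    let (hash, key) = ([0xABu8; 32], [0x11u8; 32]);
    let report = sample_report(&hash, &key);
    let hex = "ab".repeat(32);
    println!("{:?}", check_binding(&report, &hex, &key));
    println!("{:?}", check_binding(&report, &hex, &[0x22u8; 32]));
}
```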