Secure, Smart, and Onchain: Redefining AI with TEEs

Oyster
,
1

Marlin has integrated Chromia’s AI chatbot to enable persistent, on-chain AI memory using Trusted Execution Environments (TEEs). This groundbreaking solution allows AI models to securely store, verify, and retain long-term context, overcoming one of AI chat agents’ biggest limitations.

AI systems typically forget past interactions after each session, limiting adaptability and long-term learning. Chromia solves this by structuring AI memory into short-term interactions and long-term blockchain storage, ensuring private, verifiable, and continuous context retention.

Marlin’s TEE technology ensures AI memory remains secure, private, and tamper-proof. With this innovation, AI can remember, verify, and build on past interactions, making more reliable AI a reality.

About Chromia

Chromia is a Relational Blockchain designed to simplify decentralized app (dapp) development by merging blockchain technology with familiar database structures. Whether for business or gaming, Chromia makes dapp creation intuitive and scalable.

At its core is Rell, a streamlined programming language tailored for blockchain and databases. Rell enables developers to build secure, efficient dApps with minimal code while maintaining the flexibility of traditional databases.

Marlin’s CVM

Confidential Virtual Machines (CVMs) enable secure and private computation in untrusted environments. By leveraging hardware-based encryption and secure enclaves, CVMs protect sensitive data and applications even on third-party infrastructure. With Oyster’s CVM tooling, you can create secure environments that maintain data privacy while enabling complex computations.

A Key Management System (KMS) handles cryptographic key generation and distribution for applications such as database credentials. Oyster enclaves ensure that even the host cannot access enclave secrets. The KMS also enables persistent secret storage, unlocking new design possibilities for applications using Oyster.

Why TEEs Are Ideal for AI Chatbots

  • Reliable & Tamper-Proof Execution: AI agents can produce different results for the same query, making consensus-based methods unreliable. TEEs ensure code runs exactly as written, free from host interference.
  • Strong Security: KMS securely manages secret sharing within the enclave, automating encryption and ensuring sensitive data remains completely hidden, even from the host.
  • Direct Transactions & API Access: TEEs allow AI to send messages, execute transactions, and interact with APIs in real time.
  • Seamless Deployment: Oyster’s CVM makes deploying AI in TEEs as simple as launching a cloud server, with multi-language support.

Deploying Chromia AI agent with Oyster TEEs

You can deploy your AI agent on the Chromia network and interact with it using Oyster TEEs by following these steps:

  1. Clone the repo from marlinprotocol/chromia-neural-interface.
  2. Obtain Groq API keys.
  3. Lease a container and deploy your AI agent on the Chromia network using the Chromia tutorials.
  4. Update the .env file with the relevant information:
XAI_API_KEY= # Groq API keys from step 2
CHROMIA_BLOCKCHAIN_RID= # BRID from step 3
CHROMIA_PRIV_KEY= # Private key generated from step 3
CHROMIA_CLIENT_URL= # Client URL used in step 3
  1. Modify docker-compose.yml based on your system’s architecture:
services:  
  # Bun service
  bun:
    image: kalpita888/bun_arm64:0.0.1  # Use kalpita888/bun:0.0.1 for amd64
    container_name: my-chat-agent
    init: true
    network_mode: host
    restart: unless-stopped
    volumes:
      - /init-params/:/init-params/
    env_file:
      - /init-params/bun/.env
  1. Set up a wallet with 0.001 ETH and 1 USDC on the Arbitrum One network.
  2. Deploy the enclave using the below command and note the IP printed. This command securely shares the .env file with the enclave using KMS.
# for amd64
# replace <key> with the private key of the wallet
oyster-cvm deploy --wallet-private-key <key> --docker-compose ./docker-compose.yml --instance-type c6a.2xlarge --region ap-south-1 --operator 0xe10Fa12f580e660Ecd593Ea4119ceBC90509D642 --duration-in-minutes 20 --pcr-preset base/blue/v1.0.0/amd64 --init-params 'bun/.env:1:1:file:./.env' --image-url https://artifacts.marlin.org/oyster/eifs/base-blue_v1.0.0_linux_amd64.eif

# for arm64
# replace <key> with the private key of the wallet
oyster-cvm deploy --wallet-private-key <key> --docker-compose ./docker-compose.yml --instance-type c6g.2xlarge --region ap-south-1 --operator 0xe10Fa12f580e660Ecd593Ea4119ceBC90509D642 --duration-in-minutes 20 --pcr-preset base/blue/v1.0.0/arm64 --init-params 'bun/.env:1:1:file:./.env' --image-url https://artifacts.marlin.org/oyster/eifs/base-blue_v1.0.0_linux_arm64.eif
  1. Verify remote attestation using the below command and wait for the “Verification successful” message:
# Replace <ip> with the IP you obtained above
oyster-cvm verify --enclave-ip <ip>
  1. Start chatting at http://IP:6060 :robot_face:

That’s it! You’re now ready to securely and efficiently interact with the Chromia AI agent.

1 Like