I'm Willem from Confident Security, we've built CONFSEC, a provably private AI inference engine. Today, we're excited to open-source twoway: https://github.com/confidentsecurity/twoway
twoway is a Go package that makes it easy to implement secure, encrypted request-response flows. It powers CONFSEC's blind prompt handling, ensuring no one, not even us, can see client requests.
We built twoway on Cloudflare's circl/hpke, it uses Hybrid Public key Encryption to implement two flows: - A one-to-one flow where a sender communicates with a single receiver. This flow is fully compatible with RFC 9458 Oblivious HTTP (OHTTP), and the chunked OHTTP draft RFC. - A one-to-many flow where a sender communicates with one or more receivers. Similar to the Apple's PCC's request flow.
Other features include: - Compatibility with any transport, twoway deals with just the messages. - Chunked messages. - Allows for custom HPKE implementations for specialized needs like cryptographic hardware modules.
Our README has clear examples to get you started, all you need to do is go get and try an encrypted "Hello world" exchange.
Our team will be popping in to answer questions, we'd love to hear your feedback.
Cheers! Willem