Bring Your Own Agent
OpenAI-compatible · Intel TDX
BYOA · MCP · CrewAI · LangChain · OpenAI SDK

Bring Your Own Agent —
Run It Inside Intel TDX.

Point CrewAI, LangChain, OpenAI SDK, and MCP clients at api.voltagegpu.com/v1. Same code, sovereign infrastructure.

One base_url swap routes every prompt, tool call and embedding through Intel TDX hardware enclaves we operate in the EU. Provider-blind by design.

WHY BYOA MATTERS IN 2026

MCP became the agent standard

Model Context Protocol unlocks tool-calling across IDEs, desktops and CI. Confidential MCP servers seal that traffic in TDX.

CrewAI vertical agents exploded

Legal, finance, supply-chain crews need provider-blind LLMs. Drop-in base_url switch keeps your existing crew code intact.

92% privacy-driven AI infra

Buyers cite confidentiality as the #1 reason to leave hyperscalers. EU jurisdiction plus an Article 28 DPA clears the procurement hurdle.

Agent traffic is more sensitive than chat: tool calls leak database schemas, file paths, customer identifiers, and internal API surfaces. Hyperscaler endpoints expose that traffic to a foreign jurisdiction. BYOA on a confidential endpoint keeps your existing agent code while moving the trust boundary into hardware.
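To see why, consider the tool definition an agent attaches to every request. The sketch below is purely illustrative (none of these names come from a real system): the JSON schema alone reveals table names, column names and internal ID formats before the model has said a word.

```python
import json

# Illustrative tool definition. The schema an agent ships with every
# request exposes internal naming: tables, columns, ID conventions.
lookup_tool = {
    "type": "function",
    "function": {
        "name": "query_customer_ledger",
        "description": "Look up invoices in the internal billing database.",
        "parameters": {
            "type": "object",
            "properties": {
                "customer_id": {"type": "string", "description": "Internal CRM ID"},
                "table": {"type": "string", "enum": ["invoices", "credit_notes"]},
            },
            "required": ["customer_id"],
        },
    },
}

# Everything below travels to the inference endpoint in plaintext
# unless the endpoint itself is confidential.
print(json.dumps(lookup_tool, indent=2))
```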

OpenAI-compatible — drop in

Full API reference

Existing OpenAI SDK code works unchanged: switch base_url to https://api.voltagegpu.com/v1 and pass a VoltageGPU API key. Streaming, tool calls, structured outputs, JSON mode, embeddings — all OpenAI semantics preserved.

Python · OpenAI SDK · /v1/chat/completions
PYTHON
# Drop-in: same OpenAI SDK, sovereign endpoint
from openai import OpenAI

client = OpenAI(
    base_url="https://api.voltagegpu.com/v1",
    api_key="vg-...",  # https://app.voltagegpu.com/settings/api-keys
)

response = client.chat.completions.create(
    model="Qwen3-235B-A22B-Instruct-2507-TEE",
    messages=[
        {"role": "system", "content": "You are a regulated-industry assistant."},
        {"role": "user", "content": "Summarize this MSA section..."},
    ],
)

print(response.choices[0].message.content)

CrewAI integration

Private CrewAI guide

CrewAI's LLM wrapper accepts an OpenAI-compatible base URL. Construct one pointing at VoltageGPU and pass it to every agent in the crew. Your crews, tasks, planners and tools stay local; only token traffic crosses the enclave boundary.

Python · CrewAI · custom LLM
PYTHON
# CrewAI pointed at confidential VoltageGPU inference
from crewai import Agent, Crew, Task, LLM

confidential_llm = LLM(
    model="openai/Qwen3-235B-A22B-Instruct-2507-TEE",
    base_url="https://api.voltagegpu.com/v1",
    api_key="vg-...",
    temperature=0.2,
)

analyst = Agent(
    role="Senior Compliance Analyst",
    goal="Flag regulatory risks in vendor contracts",
    backstory="Trained on EU AI Act and DORA requirements.",
    llm=confidential_llm,
    allow_delegation=False,
)

review = Task(
    description="Review {contract} for Article 28 GDPR gaps.",
    expected_output="A bulleted list of clause-level findings.",
    agent=analyst,
)

crew = Crew(agents=[analyst], tasks=[review], verbose=True)
with open("msa.txt") as f:
    result = crew.kickoff(inputs={"contract": f.read()})

LangChain integration

All integrations

ChatOpenAI from langchain_openai exposes base_url and api_key. Wire it up once and every chain, agent, RAG pipeline, or LangGraph node runs against confidential inference.

Python · LangChain · ChatOpenAI
PYTHON
# LangChain ChatOpenAI -> TDX-sealed inference
from langchain_openai import ChatOpenAI
from langchain_core.messages import HumanMessage, SystemMessage

llm = ChatOpenAI(
    model="Qwen3-32B-TEE",
    base_url="https://api.voltagegpu.com/v1",
    api_key="vg-...",
    temperature=0,
)

messages = [
    SystemMessage(content="You are a sovereign legal assistant."),
    HumanMessage(content="Identify auto-renewal clauses in this NDA..."),
]

reply = llm.invoke(messages)
print(reply.content)

MCP — MODEL CONTEXT PROTOCOL

Host MCP servers sealed in Intel TDX

Tool calls, resource reads, and prompt templates stay encrypted in CPU memory. Connect from Claude Desktop, Cursor, Continue, or any MCP-aware client.

MCP setup walkthrough
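As one illustration, clients that read a JSON config (Claude Desktop's claude_desktop_config.json, for instance) can reach a remote MCP server over stdio via the community mcp-remote bridge. The server URL below is a placeholder, not a published VoltageGPU endpoint:

```json
{
  "mcpServers": {
    "confidential-tools": {
      "command": "npx",
      "args": ["-y", "mcp-remote", "https://mcp.example.com/sse"]
    }
  }
}
```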

PRICING — PER 1M TOKENS

BALANCED · 128K ctx

Qwen3-32B-TEE

Fast multilingual inference, ideal for high-volume agent loops and lightweight tools.

INPUT

$0.50

OUTPUT

$1.50

FLAGSHIP · 262K ctx

Qwen3-235B-A22B-Instruct-2507-TEE

Long-context reasoning. Recommended for contract review crews and document-heavy chains.

INPUT

$1.20

OUTPUT

$3.50

REASONING · 128K ctx

DeepSeek-R1-0528-TEE

Deep reasoning model. Use for tool-using agents that must justify each step.

INPUT

$1.80

OUTPUT

$5.40

No commitment, no platform fee. Billed per token. Volume contracts available for > 100M tokens / mo.
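For budgeting, the table above folds into a one-line estimator. Prices are hard-coded from this page; this is a sketch, not a billing API:

```python
# Per-1M-token prices (USD), input and output, from the table above.
PRICES = {
    "Qwen3-32B-TEE": (0.50, 1.50),
    "Qwen3-235B-A22B-Instruct-2507-TEE": (1.20, 3.50),
    "DeepSeek-R1-0528-TEE": (1.80, 5.40),
}

def estimate_cost(model: str, input_tokens: int, output_tokens: int) -> float:
    """Estimated USD cost for one request at the listed per-1M rates."""
    p_in, p_out = PRICES[model]
    return (input_tokens * p_in + output_tokens * p_out) / 1_000_000

# A 50K-token contract in, 2K-token findings out, on the flagship model:
print(round(estimate_cost("Qwen3-235B-A22B-Instruct-2507-TEE", 50_000, 2_000), 4))
# → 0.067
```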

HOW IT STAYS CONFIDENTIAL

Provider-blind inference

Prompts decrypt only inside the Intel TDX trust domain. AES-256 memory encryption keeps RAM unreadable to the hypervisor and to VoltageGPU operators.

ECDSA attestation per request

Each completion can be paired with a signed attestation report proving which TDX module, base model and version processed your request.

Zero retention, zero training

Prompts, tool calls and outputs are never logged, replayed or used to train models. A GDPR Article 28 DPA is available natively, without negotiation.

EU jurisdiction

VOLTAGE EI is a French company (SIREN 943 808 824). Your data stays under EU controller / processor law and EU contract enforcement.

EXPLORE FURTHER

Confidential MCP server

Tool calls sealed in TDX

Private CrewAI deployment

Multi-agent workflows

Sovereign agentic AI

Architectural overview

EU AI Act compliance

Article-by-article mapping

Public API reference

OpenAPI spec

SDK reference

Python / TS / Go

All integrations

Frameworks & tools

Get an API key and ship your first BYOA call

No credit card to start. Free tier covers ~250K tokens for evaluation.

Create account