// COMPARE
phantom vs
tee direct.
Same Intel TDX. Same NVIDIA Confidential Computing. Same attested inference. One side takes an email and a card. The other takes anonymous crypto.
| TEE provider direct | Phantom | |
|---|---|---|
| Account | none | |
| Payment | credit card or crypto | any major crypto, no return address |
| KYC at the billing layer | email-tied billing history | none |
| IP logging | varies by provider | discarded at edge |
| TEE attestation | yes (provider-side verifier) | yes, same hardware, per-response at /v1/inference-attest |
| Closed-weight models | typically open-weight only | GPT, Claude, Gemini, Grok via separate proxy tier |
| Recovery without account | not possible | payment ID re-fetch |
| Markup over wholesale | none (vendor list) | +30% TEE tier |
// WHAT YOU GET
same hardware. different billing surface.
Phantom's TEE tier forwards your request to the same class of confidential-computing infrastructure you would reach by going direct. The enclave decrypts the request, runs the model, returns the response. Per-request attestation exposes the Intel TDX quote (TD Report, mr_td, mr_config_id) plus NVIDIA CC GPU attestation. You can verify those quotes yourself, no trust in Phantom required.
The thing that's different is the billing layer. Going direct, you sign up with an email and pay through a billing system that ties usage to an identity. Phantom doesn't. We sit between you and the provider. The provider sees a single customer (us, paying in bulk). You see hardware-attested inference. Nobody connects you to the prompt.
// WHEN PHANTOM
when phantom wins.
- You want anonymity end-to-end. Crypto in, attested inference out, no email, no card, no IP log at any layer Phantom touches.
- You want closed-weight models on the same key. Most TEE providers run open-weight only. Phantom's proxy tier reaches Claude, GPT, Gemini, Grok through a TDX gateway under the same API.
- You want frictionless recovery. Lost your API key, kept your payment ID? Re-fetch at
/recover.html. No account login. - You want the Tor mirror. Phantom serves the same API at a hidden service. No exit node required.
// WHEN DIRECT
when going direct wins.
- You don't care about anonymity. Direct is 30% cheaper because there's no anonymity-layer markup.
- You want SLA and support. Phantom has no support email. Direct providers have one.
- You want a verifier you control. Some TEE providers ship their own attestation client. Phantom exposes the raw quotes for you to verify against your own root of trust.
// HONEST DISCLAIMER
what the markup buys.
+30% over going direct on the TEE-attested tier is the cost of the anonymity layer: no account, no card, no IP, no return address. The TEE hardware guarantee is identical. The proxy itself is not a hardware-enforced enclave. Plaintext flows through Phantom's RAM in transit. We don't log it, but a host-level compromise in the moment could see it. The "we can't read your prompts" guarantee is enforced by the upstream TEE, not by the proxy. Verify per request via /v1/inference-attest.