// Confidential AI Infrastructure
Unlock collaborative AI with hardware-level privacy.
The open-source foundation for confidential computing. Train and run AI models on sensitive data inside secure enclaves — with end-to-end attestation and zero trust in the host.
// How It Works
Secure multi-party computation, by construction
Secure Enclaves
Data and code are isolated in hardware-encrypted Trusted Execution Environments — AMD SEV-SNP, Intel TDX.
// AMD-SEV · INTEL-TDX
Remote Attestation
Cryptographic proofs verify the workload is running on genuine hardware and the expected, untampered binary.
// VTPM · SEV-SNP · TDX
Confidential Compute
Compute over encrypted data without exposing it to the cloud provider, hypervisor, or infrastructure operator.
// IN-USE ENCRYPTION
// Trusted Partners
Collaborating with leading organizations
in confidential computing and secure AI.
// Memberships
Members of key industry consortia
// Why Cocos
For decades, AI on sensitive data forced a compromise
Either you trust the cloud — or you build everything from scratch. Cocos AI removes that tradeoff.
// Status Quo
Traditional Cloud AI
Speed and integration, but at a cost
- Plaintext data exposed to the cloud provider
- Implicit trust in the hypervisor and host OS
- No cryptographic proof of execution integrity
- Compliance burden falls on the data owner
// The New Default
Confidential by design
Hardware-rooted trust, no compromises
- Hardware-isolated TEEs (AMD SEV-SNP, Intel TDX)
- Cryptographic remote attestation, end-to-end
- Encrypted in-use data — invisible to the host
- Open-source. Apache 2.0. Self-hostable.
// About
Built in research, hardened in production
Cocos AI started with the support of the School of Electrical Engineering (ETF), University of Belgrade, and the Serbian government's Innovation Fund. It has since evolved through several major European Union research initiatives, including CONFIDENTIAL6G, TITAN, and ELASTIC.
// Lead Developer
Ultraviolet
A specialized technology company with a strong reputation in the security domain. Ultraviolet coordinates the project, builds the user experience, and manages the SaaS offering — leading the development and commercialization of the Cocos AI platform.
// Research
ETF Belgrade
Original research partner and expertise provider for TEE and cryptographic protocols.
// EU Project
CONFIDENTIAL6G
Quantum-resistant cryptography and security frameworks for 6G confidential computing.
// EU Project
ELASTIC
Next-gen network orchestration using WebAssembly and confidential computing for 6G.
// EU Project
TITAN
Trusted AI & privacy-preserving technologies building secure AI systems via TEEs.
// Funded By
Initiated with support from the School of Electrical Engineering (ETF), University of Belgrade, and funded by the Innovation Fund from the Republic of Serbia (Project ID 50314). Further developed through EU-funded projects: CONFIDENTIAL6G, TITAN, and ELASTIC.
// Use Cases
Real-world workloads, hardware-isolated
Where data sensitivity meets compute demand — Cocos AI keeps both sides honest.
Medical / Pharma
- ›Encrypted patient data exchange for medical trials and drug discovery
- ›Drug distribution, serialization, and tracking
Public / Government
- ›Cross-agency analytics and AI/ML over confidential citizen data
Banking / Finance
- ›Private payment data exchange for fraud detection and AML
- ›Secure credit approval workflows
- ›Trustless transaction handling between parties
Transportation / Logistics
- ›Autonomous driving routing and AI/ML
- ›Logistics data analytics across operators
Industry
- ›Multi-party computation across competing companies
- ›Predictive maintenance via shared models
- ›Quality assurance and Industry 4.0 data exchange
Software Development
- ›IP protection — algorithms shielded from cloud providers
- ›Mitigation of insider threats inside organizations
// Capabilities
One platform. Every confidential workload.
Deploy and maintain confidential virtual machines.
Unified interface for AMD SEV and Intel TDX.
Execution scheduler and coordinator within the enclave.
Encrypted traffic, data, and execution state.
Verify integrity and establish trust over the wire.
Python, Docker, and WebAssembly workloads.
First-class developer tooling for secure pipelines.
Small footprint, near-bare-metal execution.
Apache 2.0 — auditable, forkable, accountable.
// System Architecture
Robust by design, scalable by default
- › Agent
- › Config files / TLS certs
- › HAL + Runtime
- › TEE Enclave CPU HW (SEV / TDX)
// Get Started
Run sensitive AI workloads — without trusting the host.
Self-host the open-source stack today, or talk to the team about deployments.
// Contact
Talk to the team
Reach out for partnerships, deployments, or research collaboration.
// Headquarters
